CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Cybersecurity rethink - from reaction to resilience Source: TheRegister January 16th, 2025 (6 months ago)
	Ddarknotevil Allegedly Leaked the Data of Shanghai Epean Trading Co., Ltd. Description: Ddarknotevil Allegedly Leaked the Data of Shanghai Epean Trading Co., Ltd. Source: DarkWebInformer January 16th, 2025 (6 months ago)
	D6X Defaced Multiple Websites in India Description: D6X Defaced Multiple Websites in India Source: DarkWebInformer January 16th, 2025 (6 months ago)
	Raspberry Pi hands out prizes to all in the RP2350 Hacking Challenge Source: TheRegister January 16th, 2025 (6 months ago)
CVE-2024-53900	[mongoose] Mongoose search injection vulnerability Description: Mongoose before 8.9.5 can improperly use a nested $where filter with a populate() match, leading to search injection. NOTE: this issue exists because of an incomplete fix for CVE-2024-53900. References https://nvd.nist.gov/vuln/detail/CVE-2025-23061 https://github.com/Automattic/mongoose/commit/64a9f9706f2428c49e0cfb8e223065acc645f7bc https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md https://github.com/Automattic/mongoose/releases/tag/8.9.5 https://www.npmjs.com/package/mongoose?activeTab=versions https://github.com/advisories/GHSA-vg7j-7cwx-8wgw EPSS Score: 0.05% Source: Github Advisory Database (NPM) January 16th, 2025 (6 months ago)
	Strategic Approaches to Threat Detection, Investigation & Response Description: By staying vigilant, agile, and prepared, organizations can turn TDIR from a defensive strategy into a proactive enabler of security and operational excellence. Source: Dark Reading January 16th, 2025 (6 months ago)
	MFA Failures - The Worst is Yet to Come Description: This article delves into the rising tide of MFA failures, the alarming role of generative AI in amplifying these attacks, the growing user discontent weakening our defenses, and the glaring vulnerabilities being frequently exploited. The storm is building, and the worst is yet to come. [...] Source: BleepingComputer January 16th, 2025 (6 months ago)
CVE-2024-7344	New UEFI Secure Boot flaw exposes systems to bootkits, patch now Description: A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. [...] EPSS Score: 0.04% Source: BleepingComputer January 16th, 2025 (6 months ago)
	Meta Is Laying the Narrative Groundwork for Trump’s Mass Deportations Description: Multiple experts drew comparisons between Meta's recent changes around immigration and what happened in Myanmar in 2017, where Facebook contributed to a genocide by allowing the spread of hate. Source: 404 Media January 16th, 2025 (6 months ago)
	Wolf Haldenstein Data Breach Exposed 3.5 Million Americans Description: Wolf Haldenstein Adler Freeman & Herz LLP, a prominent U.S. law firm, has disclosed a data breach affecting nearly 3.45 million individuals. The breach, caused by an external hacking incident, compromised sensitive personal and medical information. The firm first detected suspicious network activity on December 13, 2023, and took immediate steps to secure its systems. … The post Wolf Haldenstein Data Breach Exposed 3.5 Million Americans appeared first on CyberInsider. Source: CyberInsider January 16th, 2025 (6 months ago)