CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	[Darknetlive Archive] Opiates Vendor "DopeKingUSA" Imprisoned for Distributing Fentanyl Description: [Darknetlive Archive] Opiates Vendor "DopeKingUSA" Imprisoned for Distributing Fentanyl Source: DarkWebInformer January 14th, 2025 (6 months ago)
	WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites Description: A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. [...] Source: BleepingComputer January 14th, 2025 (6 months ago)
	US govt says North Korea stole over $659 million in crypto last year Description: North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea, and Japan on Tuesday. [...] Source: BleepingComputer January 14th, 2025 (6 months ago)
	FBI wipes Chinese PlugX malware from thousands of Windows PCs in America Source: TheRegister January 14th, 2025 (6 months ago)
	Windows 10 KB5049981 update released with new BYOVD blocklist Description: Microsoft has released the KB5049981 cumulative update for Windows 10 22H2 and Windows 10 21H2, which contains an updated Kernel driver blocklist to prevent Bring Your Own Vulnerable Driver (BYOVD) attacks. [...] Source: BleepingComputer January 14th, 2025 (6 months ago)
	Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws Description: Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. [...] Source: BleepingComputer January 14th, 2025 (6 months ago)
	Windows 11 KB5050009 & KB5050021 cumulative updates released Description: Microsoft has released the Windows 11 KB5050009 and KB5050021 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...] Source: BleepingComputer January 14th, 2025 (6 months ago)
	Zero-Day Security Bug Likely Fueling Fortinet Firewall Attacks Description: An ongoing campaign targeting FortiGate devices with management interfaces exposed on the public Internet is leading to unauthorized administrative logins and configuration changes, creating new accounts, and performing SSL VPN authentication. Source: Dark Reading January 14th, 2025 (6 months ago)
	Google OAuth flaw lets attackers gain access to abandoned accounts Description: A weakness in Google's OAuth "Sign in with Google" feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various software-as-a-service (SaaS) platforms. [...] Source: BleepingComputer January 14th, 2025 (6 months ago)
	Google OAuth Vulnerability Exposes Millions via Failed Startup Domains Description: New research has pulled back the curtain on a "deficiency" in Google's "Sign in with Google" authentication flow that exploits a quirk in domain ownership to gain access to sensitive data. "Google's OAuth login doesn't protect against someone purchasing a failed startup's domain and using it to re-create email accounts for former employees," Truffle Security co-founder and CEO Dylan Ayrey said Source: TheHackerNews January 14th, 2025 (6 months ago)