Description: Missing Authorization in DinoRANK
Wed, 05/28/2025 - 11:01
Notice
Affected Resources
DinoRANK
Description
INCIBE has coordinated the publication of a medium severity vulnerability affecting DinoRANK, an SEO tool. The vulnerability was discovered by Pablo Alcarria. It has been assigned the following identifier, CVSS v4.0 base score, CVSS vector and CWE weakness type:
CVE-2025-40673: CVSS v4.0: 5.3 | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N | CWE-862 (Missing Authorization)
Identifier
INCIBE-2025-0275
Severity
3 - Medium
Solution
The vulnerability has been fixed by the DinoRANK team in the latest version.
Detail
CVE-2025-40673: A Missing Authorization vulnerability has been found in DinoRANK. It allows an attacker holding a low-privileged account (PR:L in the vector above) to access the invoices of any user by requesting the endpoint '/facturas/YYYY-MM/SDRYYMM-XXXXX.pdf', because no access control is applied to it. The PDF filename can be obtained via OSINT, insecure network traffic or brute force.
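As an added illustration of the flaw class (this is not DinoRANK's code; the advisory does not describe its stack), the Python sketch below contrasts a download handler that serves any well-formed invoice path with one that ties each invoice number to its owner and checks the session before serving. The URL layout is taken from the advisory; the regular expression, the account names, the PDF bytes and the choice to answer 404 on an ownership mismatch are assumptions made for the example.

```python
import re
from typing import Optional, Tuple

# Constructed data for the example. The URL layout /facturas/YYYY-MM/SDRYYMM-XXXXX.pdf
# comes from the advisory; the accounts, invoice numbers and PDF bytes are invented.
INVOICE_OWNER = {
    "SDR2504-00001": "alice",
    "SDR2504-00002": "bob",
}
INVOICE_FILES = {
    "/facturas/2025-04/SDR2504-00001.pdf": b"%PDF-1.4 alice invoice",
    "/facturas/2025-04/SDR2504-00002.pdf": b"%PDF-1.4 bob invoice",
}

# Assumed shape of the path, tightened to the advisory's pattern so traversal
# attempts or unexpected names are rejected before any lookup happens.
INVOICE_PATH = re.compile(r"^/facturas/(\d{4}-\d{2})/(SDR\d{4}-\d{5})\.pdf$")

Response = Tuple[int, bytes]


def serve_invoice_vulnerable(session_user: Optional[str], path: str) -> Response:
    """Missing authorization (CWE-862): every well-formed invoice path is served.

    The caller's identity is never consulted, so anyone who learns or guesses an
    invoice number (the advisory mentions OSINT, insecure traffic and brute force)
    can download another customer's PDF.
    """
    if not INVOICE_PATH.match(path):
        return 404, b""
    body = INVOICE_FILES.get(path)
    return (200, body) if body is not None else (404, b"")


def serve_invoice_fixed(session_user: Optional[str], path: str) -> Response:
    """Serve an invoice only to the authenticated account that owns it.

    Ownership is looked up from the invoice number parsed out of the path rather
    than trusted from the URL. A mismatch answers 404 instead of 403 so that the
    response does not confirm to a guesser that the invoice number exists.
    """
    if session_user is None:
        return 401, b""
    match = INVOICE_PATH.match(path)
    if match is None:
        return 404, b""
    invoice_no = match.group(2)
    if INVOICE_OWNER.get(invoice_no) != session_user:
        return 404, b""
    body = INVOICE_FILES.get(path)
    return (200, body) if body is not None else (404, b"")


if __name__ == "__main__":
    target = "/facturas/2025-04/SDR2504-00001.pdf"
    print(serve_invoice_vulnerable("bob", target))  # bob gets alice's invoice
    print(serve_invoice_fixed("bob", target))       # (404, b'')
    print(serve_invoice_fixed("alice", target))     # alice's own invoice
```

The point of the fixed handler is that a predictable filename stops mattering once the server refuses to hand out anything the session does not own; renaming the files to something harder to guess would not have been a fix.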
References list
DinoRANK
Tags
0day
Update
CNA
Vulnerability
...
EPSS Score: 0.04%
May 28th, 2025 (22 days ago)

CVE-2025-5025
Description: libcurl supports *pinning* of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3 when the TLS backend is wolfSSL. The documentation says the option works with wolfSSL but fails to specify that it does not for QUIC and HTTP/3. Because a pinned transfer is expected to fail unless the pin matches, users relying on the pin could unwittingly connect to an impostor server without noticing. A build is exposed only if it combines the wolfSSL backend with HTTP/3 support; both the TLS backend and the HTTP3 feature flag are shown in the output of curl -V.
EPSS Score: 0.02%
May 28th, 2025 (22 days ago)

CVE-2025-4947
Description: libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. Therefore, it does not detect impostors or man-in-the-middle attacks.
EPSS Score: 0.02%
May 28th, 2025 (22 days ago)

Description: Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 alone.
The company said the App Store is confronted by a wide range of threats that seek to defraud users in various ways, ranging from "deceptive apps designed to steal personal information to fraudulent payment schemes that attempt to exploit
May 28th, 2025 (22 days ago)

Description: The region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws, all of which attract businesses both legitimate and shady.
May 28th, 2025 (22 days ago)

Description: Posted by Ron E on May 27
An authenticated SQL injection vulnerability exists in the frappe.desk.reportview.get_list API of the Frappe Framework, affecting versions v15.56.1. The vulnerability stems from improper sanitization of the fields[] parameter, which allows low-privileged users to inject arbitrary SQL expressions directly into the SELECT clause.
Sample SQL Injection:
Request:
GET...
May 28th, 2025 (22 days ago)
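To show the class of flaw the post above describes (arbitrary SQL expressions reaching the SELECT clause through a caller-controlled field list), here is an added Python example built on sqlite3 with constructed tables. It is not Frappe's code and does not reproduce the reporter's request; the table names, rows, payload and the allow-list fix are assumptions made for illustration.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory schema: a listable 'todo' table and a second table
    that a low-privileged caller should never be able to read."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE todo (name TEXT, description TEXT, owner TEXT);
        CREATE TABLE api_key (owner TEXT, secret TEXT);
        INSERT INTO todo VALUES ('TODO-1', 'write report', 'alice');
        INSERT INTO todo VALUES ('TODO-2', 'review PR', 'bob');
        INSERT INTO api_key VALUES ('alice', 'sk-live-ALICE');
        INSERT INTO api_key VALUES ('bob', 'sk-live-BOB');
        """
    )
    return conn


def get_list_vulnerable(conn, table, fields):
    """Builds the SELECT clause by joining caller-supplied field names verbatim,
    so any expression, including a subquery against another table, is accepted."""
    sql = f"SELECT {', '.join(fields)} FROM {table}"
    return conn.execute(sql).fetchall()


def quote_ident(name: str) -> str:
    """Double-quote an SQL identifier, escaping embedded double quotes."""
    return '"' + name.replace('"', '""') + '"'


def get_list_fixed(conn, table, fields):
    """Allow-list the table against the catalogue and every field against the
    table's real columns, then quote each identifier, so nothing but a known
    column name can reach the generated SQL."""
    tables = {r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table'")}
    if table not in tables:
        raise ValueError(f"unknown table: {table!r}")
    columns = {r[1] for r in conn.execute(
        f"PRAGMA table_info({quote_ident(table)})")}
    unknown = [f for f in fields if f not in columns]
    if unknown:
        raise ValueError(f"unknown field(s): {unknown!r}")
    sql = (f"SELECT {', '.join(quote_ident(f) for f in fields)} "
           f"FROM {quote_ident(table)}")
    return conn.execute(sql).fetchall()


def fixed_accepts(conn, table, fields) -> bool:
    """True if get_list_fixed runs the request, False if it rejects the input."""
    try:
        get_list_fixed(conn, table, fields)
        return True
    except ValueError:
        return False


# Constructed payload: an aliased subquery that reads another table from inside
# the SELECT list while looking like an ordinary 'description' column.
PAYLOAD = "(SELECT secret FROM api_key WHERE owner = 'bob') AS description"

if __name__ == "__main__":
    db = make_db()
    print(get_list_vulnerable(db, "todo", ["name", PAYLOAD]))   # leaks bob's secret
    print(get_list_fixed(db, "todo", ["name", "description"]))  # legitimate listing
    print(fixed_accepts(db, "todo", ["name", PAYLOAD]))          # False
```

Escaping is the wrong tool for identifiers that arrive from the client; comparing each requested name against the schema and quoting what survives closes the SELECT clause to everything but real column names.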

Description: Online bookstore Kosmas.cz
May 28th, 2025 (22 days ago)