CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Stolen Path of Exile 2 admin account used to hack player accounts Description: Path of Exile 2 developers confirmed that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been breached since November. [...] Source: BleepingComputer January 13th, 2025 (6 months ago)
	[github.com/openfga/openfga] OpenFGA Authorization Bypass Description: Overview OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Am I Affected? You are affected by this authorization bypass vulnerability if you are using OpenFGA v1.3.8 to v1.8.2, specifically under the following conditions: Calling Check API or ListObjects with a model that uses conditions, and OpenFGA is configured with caching enabled (OPENFGA_CHECK_QUERY_CACHE_ENABLED), and Check API call or ListObjects API calls contain contextual tuples that include conditions. Fix Upgrade to v1.8.3. This upgrade is backwards compatible. References https://github.com/openfga/openfga/security/advisories/GHSA-32q6-rr98-cjqv https://github.com/advisories/GHSA-32q6-rr98-cjqv Source: Github Advisory Database (Go) January 13th, 2025 (6 months ago)
	Microsoft sues 'foreign-based' criminals, seizes sites used to abuse AI Source: TheRegister January 13th, 2025 (6 months ago)
	Community Health Northwest Florida Has Been Claimed a Victim to RansomHub Ransomware Description: Community Health Northwest Florida Has Been Claimed a Victim to RansomHub Ransomware Source: DarkWebInformer January 13th, 2025 (6 months ago)
	A Threat Actor is Claiming to Sell S3 Access of Multiple Indian Companies with Data Totaling 22+ TB Description: A Threat Actor is Claiming to Sell S3 Access of Multiple Indian Companies with Data Totaling 22+ TB Source: DarkWebInformer January 13th, 2025 (6 months ago)
	Our New FOIA Forum! 1/23, 1PM EST Description: Come learn how to pry government records from the new Trump administration. Source: 404 Media January 13th, 2025 (6 months ago)
	Microsoft: macOS bug lets hackers install malicious kernel drivers Description: Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. [...] Source: BleepingComputer January 13th, 2025 (6 months ago)
	Dread Pirate Roberts, of the original Silk Road, makes a post about "Why Claims are dangerous to believe." Description: Dread Pirate Roberts, of the original Silk Road, makes a post about "Why Claims are dangerous to believe." Source: DarkWebInformer January 13th, 2025 (6 months ago)
	Azure and M365 MFA outage locks out users across regions Source: TheRegister January 13th, 2025 (6 months ago)
	A Threat Actor Claims to be Selling Data of Insurgentes University Description: A Threat Actor Claims to be Selling Data of Insurgentes University Source: DarkWebInformer January 13th, 2025 (6 months ago)