CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Scammers file first — Get your IRS Identity Protection PIN now
Description: The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to enroll for added security against identity theft and fraudulent returns. [...]
Source: BleepingComputer
January 11th, 2025 (6 months ago)
City of West Haven has been Claimed a Victim to Qilin Ransomware
Description: City of West Haven has been Claimed a Victim to Qilin Ransomware
Source: DarkWebInformer
January 11th, 2025 (6 months ago)
DEFACER KAMPUNG Defaced the Website of Elgon View Teachers Training College
Description: DEFACER KAMPUNG Defaced the Website of Elgon View Teachers Training College
Source: DarkWebInformer
January 11th, 2025 (6 months ago)
If Planet X Exists, It’s Running Out of Places to Hide
Description: A tour of the outer solar system, from Pluto-Charon to Planet X, plus saber teeth and punky molluscs.
Source: 404 Media
January 11th, 2025 (6 months ago)
A Threat Actor Claims to be Selling Access to an Unidentified UK Company
Description: A Threat Actor Claims to be Selling Access to an Unidentified UK Company
Source: DarkWebInformer
January 11th, 2025 (6 months ago)
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
Description: Microsoft has revealed that it's pursuing legal action against a "foreign-based threat–actor group" for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content. The tech giant's Digital Crimes Unit (DCU) said it has observed the threat actors "develop
Source: TheHackerNews
January 11th, 2025 (6 months ago)
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
Description: The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands' Financial Intelligence and Investigative Service, Finland's National Bureau of
Source: TheHackerNews
January 11th, 2025 (6 months ago)

CVE-2025-23079
XSSes in Extension:ArticleFeedbackv5
Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - ArticleFeedbackv5 extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - ArticleFeedbackv5 extension: from 1.42.X before 1.42.2.

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2025-23078
XSS in BreadCrumbs2
Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - Breadcrumbs2 extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Breadcrumbs2 extension: from 1.39.X before 1.39.11, from 1.41.X before 1.41.5, from 1.42.X before 1.42.4.

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)

CVE-2025-22949
Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code execution.
Description: Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code execution.

EPSS Score: 0.04%

Source: CVE
January 11th, 2025 (6 months ago)