Description: Impact
A vulnerability has been reported in Password Pusher where an attacker can copy the session cookie before a user logs out, potentially allowing session hijacking.
Although the session token is replaced and invalidated upon logout, if an attacker manages to capture the session cookie before this process, they can use the token to gain unauthorized access to the user's session until the token expires or is manually cleared.
This vulnerability hinges on the attacker's ability to access the session cookie during an active session, either through a man-in-the-middle attack, by exploiting another vulnerability like XSS, or via direct access to the victim's device.
Patches
Although there is no direct resolution to this vulnerability, it is recommended to always use the latest version of Password Pusher to best mitigate risk.
Workarounds
If self-hosting, ensure Password Pusher is hosted exclusively over SSL connections to encrypt traffic and prevent session cookies from being intercepted in transit. Additionally, implement best practices in local security to safeguard user systems, browsers, and data against unauthorized access.
To further mitigate session hijacking risks, Password Pusher implements the following security measures:
Automatic Session Expiration: Sessions are automatically expired after 2 hours of inactivity, reducing the window for potential exploitation.
Session Reset on Login and Logout: Sessions are fully reset both when a user logs in and logs out, ensu...
December 30th, 2024 (6 months ago)
Description: Summary
An open redirect vulnerability has been identified in the verify email endpoint of Better Auth, potentially allowing attackers to redirect users to malicious websites. This issue affects users relying on email verification links generated by the library.
Affected Versions
All versions prior to v1.1.6.
Impact
Attackers could craft malicious email verification links that exploit the redirect functionality to send users to untrusted domains. This can result in:
Phishing attacks – Users may unknowingly enter sensitive information on fake login pages.
Reputation damage – Trust issues for applications using Better Auth.
Vulnerability Details
The verify email callback endpoint accepts a callbackURL parameter. Unlike other verification methods, email verification only uses JWT to verify and redirect without proper validation of the target domain. The origin checker is bypassed in this scenario because it only checks for POST requests. An attacker can manipulate this parameter to redirect users to arbitrary URLs controlled by the attacker.
Example Exploit:
https://example.com/auth/verify-email?token=abcd1234&callbackURL=https://malicious-site.com
Patches
Upgrade to Better Auth v1.1.6 or later. This version enforces domain validation for callbackURL for /verify-email path and for all other GET endpoints.
Workarounds
You can also use hooks to pre-check URLs in your auth instance to prevent this without upgrading:
const auth = betterAuth({
hooks: {
before: (c...
December 30th, 2024 (6 months ago)
Description: Corps Claims to have Leaked the Data of Albastar Airline
December 30th, 2024 (6 months ago)
Description: Z-BL4CX-H4T Defaced the Website of AKmedia
December 30th, 2024 (6 months ago)
Description: Microsoft is forcing .NET developers to quickly update their apps and developer pipelines so they do not use 'azureedge.net' domains to install .NET components, as the domain will soon be unavailable due to the bankruptcy and imminent shutdown of CDN provider Edgio. [...]
December 30th, 2024 (6 months ago)
Description: A Threat Actor Claims to be Selling Corp RDP Access to an Unidentified Company in Germany
December 30th, 2024 (6 months ago)
Description: Cyber insurance should augment your cybersecurity strategy — not replace it.
December 30th, 2024 (6 months ago)
Description: Proactive defenses, cross-sector collaboration, and resilience are key to combating increasingly sophisticated threats.
December 30th, 2024 (6 months ago)
Description: Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it's a hidden flaw in popular software or a clever new attack method, staying informed is key to protecting yourself and your organization.
In this week's update, we'll cover the most important developments in
December 30th, 2024 (6 months ago)
Description: The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks.
The proposal, which seeks to modify the Health Insurance Portability and Accountability Act (HIPAA) of 1996, is part of a broader initiative to bolster the
December 30th, 2024 (6 months ago)