Description: The cybersecurity industry faces a growing crisis in attracting and retaining SOC analysts.
December 6th, 2024

Description: The modern business landscape is thrilling yet daunting. Rapidly evolving technology, persistent cyberthreats and escalating operational complexities make data protection and seamless business continuity challenging for businesses of all sizes. Your organization needs robust security measures that go beyond traditional backup solutions to address the intricacies of today’s complex IT ecosystems.
December 6th, 2024

Description: Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution.
The vulnerabilities, discovered by JFrog, are part of a broader collection of 22 security shortcomings the supply chain security company first disclosed last month.
Unlike the first
December 6th, 2024

Description: The threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation.
This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are deployed using VenomLNK, a staple tool that serves as an initial access vector for the deployment of follow-on
December 6th, 2024

Description: The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop.
The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that's designed to drop the Visual Basic Script malware, Recorded Future's Insikt Group said in a new analysis.
December 6th, 2024

Description: A Nebraska man pleaded guilty on Thursday to operating a large-scale cryptojacking operation after being arrested and charged in April. [...]
December 6th, 2024

Description: A declassified report from Romania's Intelligence Service says that the country's election infrastructure was targeted by more than 85,000 cyberattacks. [...]
December 6th, 2024

Description: Summary
The Comment feature has implemented a filter to prevent users from adding restricted characters, such as HTML tags. However, this filter operates on the client-side, which can be bypassed, making the application vulnerable to HTML Injection.
Details
The Comment feature implements a character filter on the client-side; this can be bypassed by directly sending a request to the endpoint.
Example Request:
```http
PATCH /activity/comment/3 HTTP/2
Host: directus.local

{
  "comment": "TEST HTML INJECTION Test Link"
}
```
Example Response:
```json
{
  "data": {
    "id": 3,
    "action": "comment",
    "user": "288fdccc-399a-40a1-ac63-811bf62e6a18",
    "timestamp": "2023-09-06T02:23:40.740Z",
    "ip": "10.42.0.1",
    "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36",
    "collection": "directus_files",
    "item": "7247dda1-c386-4e7a-8121-7e9c1a42c15a",
    "comment": "TEST HTML INJECTION Test Link",
    "origin": "https://directus.local",
    "revisions": []
  }
}
```
Example Result:
Impact
With the introduction of session cookies, this issue has become exploitable, as a malicious script is now able to perform authenticated actions on the current user's behalf.
References
https://github.com/directus/directus/security/advisories/GHSA-r6wx-627v-gh2f
https://nvd.nist.gov/vuln/detail/CVE-2024-54128
https://github.com/directus/directus/commit/4487fb18d5cb09e071b111d2dc0c9d6bcb437633
https://github.com/directus/directus/comm...
December 5th, 2024

Description: Impact
The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp, originally reported here: https://github.com/advisories/GHSA-9wv6-86v2-598j
Patches
Upgrade to 0.1.12.
Workarounds
Avoid using two parameters within a single path segment when the separator is not `.` (e.g. no `/:a-:b`). Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.
References
https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w
https://github.com/advisories/GHSA-rhx6-c78j-4q9w
https://github.com/advisories/GHSA-9wv6-86v2-598j
https://blakeembrey.com/posts/2024-09-web-redos/
December 5th, 2024