CyberAlerts

Play ransomware crims exploit SimpleHelp flaw in double-extortion schemes

Source: TheRegister

June 4th, 2025 (about 7 hours ago)

Ransomware Attack Update for the 4th of June 2025

Description: Ransomware Attack Update for the 4th of June 2025

Source: DarkWebInformer

June 4th, 2025 (about 7 hours ago)

Threat Attack Daily - 4th of June 2025

Description: Threat Attack Daily - 4th of June 2025

Source: DarkWebInformer

June 4th, 2025 (about 7 hours ago)

CVE-2024-22922

An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login...

Description: An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php

EPSS Score: 0.51%

SSVC Exploitation: none

Source: CVE

June 4th, 2025 (about 8 hours ago)

CVE-2024-22903

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.

Description: Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.

EPSS Score: 1.5%

SSVC Exploitation: poc

Source: CVE

June 4th, 2025 (about 8 hours ago)

CVE-2024-22899

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function.

Description: Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function.

EPSS Score: 12.45%

SSVC Exploitation: poc

Source: CVE

June 4th, 2025 (about 8 hours ago)

CVE-2024-22729

NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via the password parameter on the login page.

Description: NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via the password parameter on the login page.

EPSS Score: 91.17%

SSVC Exploitation: poc

Source: CVE

June 4th, 2025 (about 8 hours ago)

CVE-2024-22725

Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's...

Description: Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting.

EPSS Score: 0.34%

SSVC Exploitation: none

Source: CVE

June 4th, 2025 (about 8 hours ago)

CVE-2024-22646

An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess...

Description: An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system.

EPSS Score: 0.2%

SSVC Exploitation: none

Source: CVE

June 4th, 2025 (about 8 hours ago)

CVE-2024-22626

Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_retailer.php?id=.

Description: Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_retailer.php?id=.

EPSS Score: 0.07%

SSVC Exploitation: none

Source: CVE

June 4th, 2025 (about 8 hours ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	Play ransomware crims exploit SimpleHelp flaw in double-extortion schemes Source: TheRegister June 4th, 2025 (about 7 hours ago)
	Ransomware Attack Update for the 4th of June 2025 Description: Ransomware Attack Update for the 4th of June 2025 Source: DarkWebInformer June 4th, 2025 (about 7 hours ago)
	Threat Attack Daily - 4th of June 2025 Description: Threat Attack Daily - 4th of June 2025 Source: DarkWebInformer June 4th, 2025 (about 7 hours ago)
CVE-2024-22922	An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login... Description: An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php EPSS Score: 0.51% SSVC Exploitation: none Source: CVE June 4th, 2025 (about 8 hours ago)
CVE-2024-22903	Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function. Description: Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function. EPSS Score: 1.5% SSVC Exploitation: poc Source: CVE June 4th, 2025 (about 8 hours ago)
CVE-2024-22899	Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function. Description: Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function. EPSS Score: 12.45% SSVC Exploitation: poc Source: CVE June 4th, 2025 (about 8 hours ago)
CVE-2024-22729	NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via the password parameter on the login page. Description: NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via the password parameter on the login page. EPSS Score: 91.17% SSVC Exploitation: poc Source: CVE June 4th, 2025 (about 8 hours ago)
CVE-2024-22725	Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's... Description: Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting. EPSS Score: 0.34% SSVC Exploitation: none Source: CVE June 4th, 2025 (about 8 hours ago)
CVE-2024-22646	An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess... Description: An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system. EPSS Score: 0.2% SSVC Exploitation: none Source: CVE June 4th, 2025 (about 8 hours ago)
CVE-2024-22626	Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_retailer.php?id=. Description: Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_retailer.php?id=. EPSS Score: 0.07% SSVC Exploitation: none Source: CVE June 4th, 2025 (about 8 hours ago)