CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Hacker steals $223 million in Cetus Protocol cryptocurrency heist Description: The decentralized exchange Cetus Protocol announced that hackers have stolen $223 million in cryptocurrency and is offering a deal to stop all legal action if the funds are returned. [...] Source: BleepingComputer May 23rd, 2025 (29 days ago)
	Dozens of malicious packages on NPM collect host and network data Description: 60 packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor. [...] Source: BleepingComputer May 23rd, 2025 (29 days ago)
	Alleged Sale of Web Admin Access to a Private Clinic in the USA Description: Alleged Sale of Web Admin Access to a Private Clinic in the USA Source: DarkWebInformer May 23rd, 2025 (29 days ago)
	Alleged Data for Sale of AT&T Description: Alleged Data for Sale of AT&T Source: DarkWebInformer May 23rd, 2025 (29 days ago)
	[DotNetNuke.SiteExportImport] DNN site Import could use an external source with a crafted request Description: A malicious SuperUser (Host) could craft a request to use an external url for a site export to then be imported. References https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-62mf-vhhw-xmf8 https://github.com/dnnsoftware/Dnn.Platform/commit/13fb13ee76173c3467d7ee8d120b20ca7bd4fa63 https://github.com/advisories/GHSA-62mf-vhhw-xmf8 Source: Github Advisory Database (Nuget) May 23rd, 2025 (29 days ago)
	[DotNetNuke.Web] Reflected Cross-Site Scripting (XSS) in module actions in edit mode Description: A specially crafted URL may be constructed which can inject an XSS payload that is triggered by using some module actions. References https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-79m3-rvx2-3qq9 https://github.com/dnnsoftware/Dnn.Platform/commit/351b166492ad4b6509c273dc83211d52238e31a7 https://github.com/advisories/GHSA-79m3-rvx2-3qq9 Source: Github Advisory Database (Nuget) May 23rd, 2025 (29 days ago)
	[DotNetNuke.Core] Reflected Cross-Site Scripting (XSS) in module actions in edit mode Description: A specially crafted URL may be constructed which can inject an XSS payload that is triggered by using some module actions. References https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-79m3-rvx2-3qq9 https://github.com/dnnsoftware/Dnn.Platform/commit/351b166492ad4b6509c273dc83211d52238e31a7 https://github.com/advisories/GHSA-79m3-rvx2-3qq9 Source: Github Advisory Database (Nuget) May 23rd, 2025 (29 days ago)
	[DotNetNuke.Core] DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline Description: Uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks. References https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-m4hf-fxcg-cp34 https://github.com/dnnsoftware/Dnn.Platform/commit/cfed83c291d5e5072b2fa70924a8b7c35b1cdf9e https://github.com/advisories/GHSA-m4hf-fxcg-cp34 Source: Github Advisory Database (Nuget) May 23rd, 2025 (29 days ago)
	Alleged Data Breach of Herbies Seeds Description: Alleged Data Breach of Herbies Seeds Source: DarkWebInformer May 23rd, 2025 (29 days ago)
	CISA says SaaS providers in firing line after Commvault zero-day Azure attack Source: TheRegister May 23rd, 2025 (29 days ago)