CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-45863	TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface. Description: TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface. EPSS Score: 0.09% Source: CVE May 13th, 2025 (about 1 month ago)
	North Korea ramps up cyberspying in Ukraine to assess war risk Description: The state-backed North Korean threat group Konni (Opal Sleet, TA406) was observed targeting Ukrainian government entities in intelligence collection operations. [...] Source: BleepingComputer May 13th, 2025 (about 1 month ago)
	What Does EU's Bug Database Mean for Vulnerability Tracking? Description: The EU cyber agency ENISA has launched its vulnerability database, the EUVD; security experts shared their thoughts regarding what this means for CVEs, as well as the larger conversation around how bugs are tracked. Source: Dark Reading May 13th, 2025 (about 1 month ago)
	Alleged Data Breach of an Unidentified Company in Hong Kong Description: alleged-data-breach-of-an-unidentified-company-in-hong-kong Source: DarkWebInformer May 13th, 2025 (about 1 month ago)
CVE-2025-45861	TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface. Description: TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface. EPSS Score: 0.09% Source: CVE May 13th, 2025 (about 1 month ago)
	Twilio denies breach following leak of alleged Steam 2FA codes Description: Twilio has denied in a statement for BleepingComputer that it was breached after a threat actor claimed to be holding over 89 million Steam user records with one-time access codes. [...] Source: BleepingComputer May 13th, 2025 (about 1 month ago)
	Microsoft Patches Five Actively Exploited Flaws in May 2025 Windows 11 Update 🚨 Marked as known exploited on May 13th, 2025 (about 1 month ago). Description: Microsoft's Patch Tuesday for May 2025 addresses 78 vulnerabilities across its product suite, including five zero-day vulnerabilities that are already being exploited in the wild. The Windows 11 cumulative update KB5058411 (Build 26100.4061) brings critical fixes for elevation-of-privilege and remote code execution flaws impacting core Windows components. The update was released on May 13, 2025, … The post Microsoft Patches Five Actively Exploited Flaws in May 2025 Windows 11 Update appeared first on CyberInsider. Source: CyberInsider May 13th, 2025 (about 1 month ago)
	CISA Warns of TeleMessage Vuln Despite Low CVSS Score Description: Though the app claims to use end-to-end encryption, hackers have reportedly accessed archived data on the app's servers via a new vulnerability. Source: Dark Reading May 13th, 2025 (about 1 month ago)
	Alleged Sale of Unauthorized Access to an Unknown Company in the USA Description: Alleged Sale of Unauthorized Access to an Unknown Company in the USA Source: DarkWebInformer May 13th, 2025 (about 1 month ago)
	Ivanti fixes EPMM zero-days chained in code execution attacks Description: Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. [...] Source: BleepingComputer May 13th, 2025 (about 1 month ago)