CyberAlerts

🏴‍☠️ Ralord has just published a new victim : Bio-Clima Service

Description: Bio-Clima Service Srl, an Italian company based in Bernareggio, Lombardy, specializing in the technical assistance, maintenance, and...

Source: Ransomware.live

April 16th, 2025 (4 days ago)

CVE-2025-22872

Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net

Description: The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. , , etc contexts).

EPSS Score: 0.01%

Source: CVE

April 16th, 2025 (4 days ago)

CVE-2024-53305

An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query.

Description: An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query.

EPSS Score: 0.07%

Source: CVE

April 16th, 2025 (4 days ago)

CVE-2024-53304

An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands...

Description: An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine.

EPSS Score: 0.05%

Source: CVE

April 16th, 2025 (4 days ago)

CVE-2024-53303

A remote code execution (RCE) vulnerability in the upload_file function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated...

Description: A remote code execution (RCE) vulnerability in the upload_file function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request.

EPSS Score: 0.21%

Source: CVE

April 16th, 2025 (4 days ago)

Apple fixes two zero-days exploited in targeted iPhone attacks

Description: Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an "extremely sophisticated attack" against specific targets' iPhones. [...]

Source: BleepingComputer

April 16th, 2025 (4 days ago)

🏴‍☠️ Akira has just published a new victim : Lamberti Group

Description: The Lamberti Group produces chemical specialties for a broad rang e of applications. We are ready to upload essential corporate documents such as: det ailed financial information, employee personal information, proje cts, customers data, corporate NDA’s, etc.

Source: Ransomware.live

April 16th, 2025 (4 days ago)

CVE-2025-3739

Drupal 8 Google Optimize Hide Page - Critical - Unsupported - SA-CONTRIB-2025-040

Description: Vulnerability in Drupal Drupal 8 Google Optimize Hide Page.This issue affects Drupal 8 Google Optimize Hide Page: *.*.

EPSS Score: 0.03%

SSVC Exploitation: none

Source: CVE

April 16th, 2025 (4 days ago)

CVE-2025-3738

Google Optimize - Critical - Unsupported - SA-CONTRIB-2025-039

Description: Vulnerability in Drupal Google Optimize.This issue affects Google Optimize: *.*.

EPSS Score: 0.03%

Source: CVE

April 16th, 2025 (4 days ago)

CVE-2025-3737

Google Maps: Store Locator - Critical - Unsupported - SA-CONTRIB-2025-038

Description: Vulnerability in Drupal Google Maps: Store Locator.This issue affects Google Maps: Store Locator: *.*.

EPSS Score: 0.03%

Source: CVE

April 16th, 2025 (4 days ago)

Threat and Vulnerability Intelligence Database

Example Searches: