CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Description: SIMCO Electronics is a leading provider of calibration and software solutions for technology companies. It was founded in 1962 to serve NASA and Silicon Valley firms.
Source: Ransomware.live
May 10th, 2025 (about 2 months ago)
Description: Germany's Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure linked to the eXch cryptocurrency exchange and shut it down over allegations of money laundering and operating a criminal trading platform. The operation was carried out on April 30, 2025, authorities said, adding they also confiscated 8 terabytes worth of data and cryptocurrency assets
Source: TheHackerNews
May 10th, 2025 (about 2 months ago)
Description: Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition data without consent. The $1.375 billion payment dwarfs the fines the tech giant has paid to settle similar lawsuits brought by other U.S. states. In November 2022, it paid $391 million to a group of 40
Source: TheHackerNews
May 10th, 2025 (about 2 months ago)
Description: TBD
Source: Ransomware.live
May 10th, 2025 (about 2 months ago)
Description: 590K USD
Source: Ransomware.live
May 10th, 2025 (about 2 months ago)
Description: Threat Attack Daily - 9th of May 2025
Source: DarkWebInformer
May 9th, 2025 (about 2 months ago)
Description: Ransomware Attack Update for the 9th of May 2025
Source: DarkWebInformer
May 9th, 2025 (about 2 months ago)
Source: Dark Reading
May 9th, 2025 (about 2 months ago)
Description:
Summary: A maliciously crafted URL using the proxy subpath can result in the attacker gaining access to the session token.
Details: Failure to properly validate the port for a proxy request can result in proxying to an arbitrary domain. The malicious URL https:///proxy/[email protected]/path would be proxied to [email protected]/path where the attacker could exfiltrate a user's session token.
Impact: Affects any user who runs code-server with the built-in proxy enabled and clicks on maliciously crafted links that go to their code-server instances with reference to /proxy. Normally this is used to proxy local ports; however, the URL can reference the attacker's domain instead, and the connection is then proxied to that domain, which will include sending cookies. With access to the session cookie, the attacker can then log into code-server and have full access to the machine hosting code-server as the user running code-server.
Patches: Patched versions are from v4.99.4 onward.
References:
https://github.com/coder/code-server/security/advisories/GHSA-p483-wpfp-42cj
https://github.com/coder/code-server/commit/47d6d3ada5aadef6d221f3d612401eb3dad9299e
https://github.com/coder/code-server/releases/tag/v4.99.4
https://github.com/advisories/GHSA-p483-wpfp-42cj
Source: Github Advisory Database (NPM)
May 9th, 2025 (about 2 months ago)
Description: A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2**32 packets sent or received.
References:
https://nvd.nist.gov/vuln/detail/CVE-2025-4432
https://github.com/briansmith/ring/pull/2447
https://github.com/briansmith/ring/commit/ec2d3cf1d91f148c84e4806b4f0b3c98f6df3b38
https://access.redhat.com/security/cve/CVE-2025-4432
https://bugzilla.redhat.com/show_bug.cgi?id=2350655
https://github.com/briansmith/ring
https://github.com/briansmith/ring/blob/main/RELEASES.md#version-01712-2025-03-05
https://rustsec.org/advisories/RUSTSEC-2025-0009.html
https://github.com/advisories/GHSA-c86p-w88r-qvqr

EPSS Score: 0.13%

Source: Github Advisory Database (Rust)
May 9th, 2025 (about 2 months ago)