Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Mozilla launches new system to detect Firefox crypto drainer add-ons
Description: Mozilla has developed a new security feature for its add-on portal that helps block Firefox malicious extensions that drain cryptocurrency wallets. [...]
Source: BleepingComputer
June 3rd, 2025 (5 days ago)
Scattered Spider: Three things the news doesn’t tell you
Description: Scattered Spider isn't one group — it's an identity-first threat model evolving fast. From vishing to AiTM phishing, they're exploiting MFA gaps to hijack the cloud. Watch the Push Security webinar to learn how their identity-based tactics work — and how to stop them. [...]
Source: BleepingComputer
June 3rd, 2025 (5 days ago)
CISA warns of ConnectWise ScreenConnect bug exploited in attacks
Description: CISA is alerting federal agencies in the U.S. of hackers exploiting a recently patched ScreenConnect vulnerability that could lead to executing remote code on the server. [...]
Source: BleepingComputer
June 3rd, 2025 (5 days ago)
🏴‍☠️ Qilin has just published a new victim : sky
Description: Established in 1987, Sky-mac is specialised in Air-Conditioning and Mechanical Ventilation (ACMV), HVAC system, related services, which encompasses the designing, installation, service, maintenance and repair of ACMV systems. Sky-mac has o ...
Source: Ransomware.live
June 3rd, 2025 (5 days ago)
Ukraine's Massive Drone Attack Was Powered by Open Source Software
Description: Ukraine used ArduPilot to help it wipe out Russian targets. It wasn’t the first time and it won’t be the last.
Source: 404 Media
June 3rd, 2025 (5 days ago)
The Egg Yolk Principle: Human Sexuality Will Always Outsmart Prudish Algorithms and Hateful Politicians
Description: Anti-porn laws can't stop porn, but they can stop free speech. In the meantime, people will continue to get off to anything and everything.
Source: 404 Media
June 3rd, 2025 (5 days ago)
Microsoft patches the patch that put Windows 11 in a coma
Source: TheRegister
June 3rd, 2025 (5 days ago)
Victoria’s Secret delays earnings release after security incident
Description: Fashion retail giant Victoria's Secret has delayed its first quarter 2025 earnings release because of ongoing corporate system restoration efforts following a May 24 security incident. [...]
Source: BleepingComputer
June 3rd, 2025 (5 days ago)
Multiple Vulnerabilities in SAP GuiXT Scripting
Description: Posted by Michał Majchrowicz via Fulldisclosure on Jun 03Security Advisory Vulnerabilities reported to vendor: March 13, 2025 Vendor requested additional information: March 20, 2025 Additional information provided to vendor: March 22, 2025 Vendor confirmed the reported issues but rejected them: March 31, 2025 Additional information provided to vendor: May 6, 2025 Vendor confirmed the reported issues but rejected them: May 15, 2025 Vendor closed the tickets for all reported issues: May 16, 2025 Public...
Source: Full Disclosure Mailinglist
June 3rd, 2025 (5 days ago)
Stored XSS in "Description" Functionality - cubecartv6.5.9
Description: Posted by Andrey Stoykov on Jun 03# Exploit Title: Stored XSS in "Description" Functionality - cubecartv6.5.9 # Date: 05/2025 # Exploit Author: Andrey Stoykov # Version: 6.5.9 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ Stored XSS #1: Steps to Reproduce: 1. Visit "Account" > "Address Book" and choose "Edit" 2. In the "Description" parameter enter the following payload...
Source: Full Disclosure Mailinglist
June 3rd, 2025 (5 days ago)