CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
May 9th, 2025 (about 2 months ago)
|
|
May 9th, 2025 (about 2 months ago)
|
|
Description: Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor.
"Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's
May 9th, 2025 (about 2 months ago)
|
|
Description: AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks — like data leaks, identity theft, and malicious misuse.
If your company is exploring or already using AI agents, you need to ask: Are they secure?
AI agents work with sensitive data and make real-time decisions. If they’re not
May 9th, 2025 (about 2 months ago)
|
|
Description: Cybersecurity researchers are warning of a new campaign that's targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025.
"The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox," Cisco Talos
May 9th, 2025 (about 2 months ago)
|
|
Description: The Hennessy Funds are offered only to United States residents, and information on this web site is intended only for such persons.
May 9th, 2025 (about 2 months ago)
|
|
|
Description: Mountain View Mushrooms Mountain View Mushrooms was established in 2003. We are the largest producer and wholesaler of fresh mushrooms in the Intermountain West.
May 9th, 2025 (about 2 months ago)
|
CVE-2025-46392 |
Description: Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x.
There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuration team does not intend to fix these issues in 1.x. Apache Commons Configuration 1.x is still safe to use in scenario's where you only load trusted configurations.
Users that load untrusted configurations or give attackers control over usage patterns are recommended to upgrade to the 2.x version line, which fixes these issues. Apache Commons Configuration 2.x is not a drop-in replacement, but as it uses a separate Maven groupId and Java package namespace they can be loaded side-by-side, making it possible to do a gradual migration.
EPSS Score: 0.04%
May 9th, 2025 (about 2 months ago)
|
|
Description: The Vulnerability Treadmill
The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center (VOC) dataset analysis identified 1,337,797 unique findings (security issues) across 68,500 unique customer assets. 32,585 of them were distinct
May 9th, 2025 (about 2 months ago)
|
|
Description: Unit 42 details a new malware obfuscation technique where threat actors hide malware in bitmap resources within .NET applications. These deliver payloads like Agent Tesla or XLoader.
The post Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources appeared first on Unit 42.
May 9th, 2025 (about 2 months ago)
|