CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack. [...]
May 8th, 2025 (about 2 months ago)
|
|
Description: Impact
The Trix editor, in versions prior to 2.1.15, is vulnerable to XSS attacks when pasting malicious code.
An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the user's session, potentially leading to unauthorized actions being performed or sensitive information being disclosed.
Patches
Update Recommendation: Users should upgrade to Trix editor version 2.1.15 or later.
References
The XSS vulnerability was reported by HackerOne researcher hiumee.
References
https://github.com/basecamp/trix/security/advisories/GHSA-mcrw-746g-9q8h
https://github.com/basecamp/trix/commit/75226089646841b0f774d8b152e5ec27d2d9e191
https://github.com/advisories/GHSA-mcrw-746g-9q8h
May 8th, 2025 (about 2 months ago)
|
|
|
Description: Summary
When using the Rack::Session::Pool middleware, simultaneous rack requests can restore a deleted rack session, which allows the unauthenticated user to occupy that session.
Details
Rack session middleware prepares the session at the beginning of request, then saves is back to the store with possible changes applied by host rack application. This way the session becomes to be a subject of race conditions in general sense over concurrent rack requests.
Impact
When using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout.
Mitigation
Update to the latest version of rack-session, or
Ensure your application invalidates sessions atomically by marking them as logged out e.g., using a logged_out flag, instead of deleting them, and check this flag on every request to prevent reuse, or
Implement a custom session store that tracks session invalidation timestamps and refuses to accept session data if the session was invalidated after the request began.
Related
This code was previously part of rack in Rack < 3, see https://github.com/rack/rack/security/advisories/GHSA-vpfw-47h7-xj4g for the equivalent advisory in rack (affecting Rack < 3 only).
References
https://github.com/rack/rack-session/security/...
May 8th, 2025 (about 2 months ago)
|
|
|
Description: FastMap::get() lacks sufficient checks to its parameter index and is used to unsafely get a Vec element.
fast_id_map is unmaintained.
References
https://github.com/Bruce0203/fast_map
https://rustsec.org/advisories/RUSTSEC-2025-0034.html
https://github.com/advisories/GHSA-4h96-mv53-2c86
May 8th, 2025 (about 2 months ago)
|
|
Description: Alleged Data Leak of 10,000+ US Citizens PII
May 8th, 2025 (about 2 months ago)
|
|
Description: People and organizations across Japan are being inundated with phishing messages from cybercriminals who are using CoGUI, a sophisticated toolkit that lets them avoid detection.
May 8th, 2025 (about 2 months ago)
|
|
Description: "Novaevo" refers to a specialized software solution developed by T.consulT, an Italian company, designed to manage the lifecycle of technical documentation in industrial sectors, particularly aerospace and defense. The software ensures...
May 8th, 2025 (about 2 months ago)
|
|
Description: Explore Insikt Group's in-depth 2025 report on the US-China AI race—comparing funding, talent, regulation, compute capacity, and model benchmarks. Discover why China trails the US and what could change before 2030.
May 8th, 2025 (about 2 months ago)
|
|
Description: Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader codenamed NETXLOADER as part of a campaign observed in November 2024.
"NETXLOADER is a new .NET-based loader that plays a critical role in cyber attacks," Trend Micro researchers Jacob Santos, Raymart Yambot, John Rainier Navato, Sarah Pearl
May 8th, 2025 (about 2 months ago)
|
|
Description: Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. [...]
May 8th, 2025 (about 2 months ago)
|