CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Countries Begin NATO's Locked Shields Cyber Defense Exercise
Description: The NATO-run live cyber exercise event helps countries test and develop defenses against current and emerging cyber threats including disinformation, quantum, and AI.
Source: Dark Reading
May 8th, 2025 (about 2 months ago)
From Managing Vulnerabilities to Managing Exposure: The Critical Shift You Can’t Ignore
Description: Vulnerability management remains core to reducing cyber risk — but as the attack surface grows, teams need a risk-driven strategy that looks beyond vulnerabilities to see the bigger picture. Discover how exposure management unifies data and prioritizes real exposures — keeping teams proactive and ahead of cyber threats.The limits of siloed securityOver the years, the attack surface has grown significantly with the rise of cloud computing, software as a service (SaaS), internet of things (IoT), operational technology (OT), AI and other emerging technologies. The COVID-19 pandemic accelerated this shift, with many companies adopting hybrid, remote-office models, even as many, in recent years, have instituted return-to-office policies.As digital infrastructure expanded, security teams added more tools to combat emerging cyber threats, leading to tool sprawl. Now, many organizations juggle dozens of different security tools, resulting in inefficiencies, especially when managing risk data and coordinating remediation efforts.On the data side, cybersecurity teams are stuck with siloed, disorganized and often duplicate risk data. Without context, prioritization becomes a guessing game, making it hard to identify the most critical risks to address. At the same time, security leaders struggle to answer basic questions like, “How exposed are we to an attack?”The operational challenge is equally concerning. Domain-specific practices remain manual and coordination between IT, DevOps, ...
Source: Tenable Blog
May 8th, 2025 (about 2 months ago)
Russian state-linked Coldriver spies add new malware to operation
Description: A Russian cyber-espionage group tracked as Coldriver by Google researchers has updated its malware toolset.
Source: The Record
May 8th, 2025 (about 2 months ago)
Ransomware: 'WannaCry' guidance for enterprise administrators
Description: Guidance for enterprise administrators who want to reduce the likelihood of being held to ransom by WannaCry (or other types of ransomware).
Source: NCSC Alerts and Advisories
May 8th, 2025 (about 2 months ago)
MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware
Description: The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public institutions in Japan and Taiwan. The activity, detected by Trend Micro in March 2025, involved the use of spear-phishing lures to deliver an updated version of a backdoor called ANEL. "The ANEL file from
Source: TheHackerNews
May 8th, 2025 (about 2 months ago)
Security Tools Alone Don't Protect You — Control Effectiveness Does
Description: 61% of security leaders reported suffering a breach due to failed or misconfigured controls over the past 12 months. This is despite having an average of 43 cybersecurity tools in place. This massive rate of security failure is clearly not a security investment problem. It is a configuration problem. Organizations are beginning to understand that a security control installed or deployed is not
Source: TheHackerNews
May 8th, 2025 (about 2 months ago)
Cyber security for major events
Description: Assessing the cyber security needs of major events.
Source: NCSC Alerts and Advisories
May 8th, 2025 (about 2 months ago)
SonicWall urges admins to patch VPN flaw exploited in attacks
Description: SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks [...]
Source: BleepingComputer
May 8th, 2025 (about 2 months ago)
Spam campaign targeting Brazil abuses Remote Monitoring and Management tools
Description: A new spam campaign is targeting Brazilian users with a clever twist — abusing the free trial period of trusted remote monitoring tools and the country’s electronic invoice system to spread malicious agents.
Source: Cisco Talos Blog
May 8th, 2025 (about 2 months ago)
Ubiquiti Patches Critical UniFi Camera Remote Code Execution Flaw
Description: Ubiquiti has released urgent security updates for its UniFi Protect camera firmware and application after disclosing two vulnerabilities, one of which received a critical CVSS score of 10.0 due to its remote code execution (RCE) potential. Both flaws could allow attackers to gain unauthorized access to video streams or execute code remotely, posing serious risks … The post Ubiquiti Patches Critical UniFi Camera Remote Code Execution Flaw appeared first on CyberInsider.
Source: CyberInsider
May 8th, 2025 (about 2 months ago)