CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Description:
Summary: {field}.isFilterable access control can be bypassed in update and delete mutations by adding additional unique filters. These filters can be used as an oracle to probe the existence or value of otherwise unreadable fields. Specifically, when a mutation includes a where clause with multiple unique filters (e.g. id and email), Keystone will attempt to match records even if filtering by the latter fields would normally be rejected by field.isFilterable or list.defaultIsFilterable. This can allow malicious actors to infer the presence of a particular field value when a filter is successful in returning a result.
Impact: This affects any project relying on the default or dynamic isFilterable behaviour (at the list or field level) to prevent external users from using the filtering of fields as a discovery mechanism. While this access control is respected during findMany operations, it was not completely enforced during update and delete mutations when accepting more than one unique where value in filters. This has no impact on projects using isFilterable: false or defaultIsFilterable: false for sensitive fields, or if you have otherwise omitted filtering by these fields from your GraphQL schema. (See workarounds.)
Patches: This issue has been patched in @keystone-6/core version 6.5.0.
Workarounds: To mitigate this issue in older versions where patching is not a viable pathway, set isFilterable: false statically for relevant fields to prevent filtering by them earlier in th...
Source: Github Advisory Database (NPM)
May 5th, 2025 (about 2 months ago)
Description: TeleMessage, an Israeli company that sells an unofficial Signal message archiving tool used by some U.S. government officials, has suspended all services after reportedly being hacked. [...]
Source: BleepingComputer
May 5th, 2025 (about 2 months ago)
Description: Multiple school districts and a university in New Mexico are suffering from cyberattacks wreaking havoc as the end of the school year approaches.
Source: The Record
May 5th, 2025 (about 2 months ago)
Description:
Summary: A logic error in the main summaly function causes the allowRedirects option to never be passed to any plugins, and as a result, it isn't enforced.
Details: In the main summaly function, a new scrapingOptions object is created and passed to either the matched plugin, if any, or the default summarize function. The issue here is that the new scrapingOptions object is not provided the allowRedirects property of opts.
PoC: Publish a post containing a link to any URL that redirects on Misskey. A preview will be generated for the target of the redirect, despite Misskey passing allowRedirects: false.
Impact: Misskey will follow redirects, despite explicitly requesting not to.
References:
https://github.com/misskey-dev/summaly/security/advisories/GHSA-7899-w6c4-vqc4
https://github.com/misskey-dev/summaly/commit/45153b4f08a772c395a13f7a25399dd87ed022ed
https://github.com/advisories/GHSA-7899-w6c4-vqc4
Source: Github Advisory Database (NPM)
May 5th, 2025 (about 2 months ago)
Description: Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple's AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology. The shortcomings have been collectively codenamed AirBorne by Israeli cybersecurity company Oligo. "These vulnerabilities can be chained by
Source: TheHackerNews
May 5th, 2025 (about 2 months ago)
Description: The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide. [...]
Source: BleepingComputer
May 5th, 2025 (about 2 months ago)
Description: Hackers say they have obtained what they say are passenger lists for GlobalX flights from January to this month. The data appears to include people who have been deported.
Source: 404 Media
May 5th, 2025 (about 2 months ago)
Description: SIMCO Electronics is a leading provider of calibration and software solutions for technology companies. Founded in 1962 to serve NASA and Silicon Valley firms.
Source: Ransomware.live
May 5th, 2025 (about 2 months ago)
Description: Exfiltrated data: yes - Encrypted data: yes
Source: Ransomware.live
May 5th, 2025 (about 2 months ago)
Description: Exfiltrated data: yes - Encrypted data: yes
Source: Ransomware.live
May 5th, 2025 (about 2 months ago)