Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Alleged breach of Odoo S.A. – Full Employee Database (63.4MB) for Sale at $25,000
June 5th, 2025 (about 23 hours ago)
|
|
Description: ConnectWise issued a patch to stave off attacks on ScreenConnect customers, but the company's disclosures don't explain what the vulnerability is and when it was first exploited.
June 5th, 2025 (about 23 hours ago)
|
|
Description: The threat actor known as Bitter has been assessed to be a state-backed hacking group that's tasked with gathering intelligence that aligns with the interests of the Indian government.
That's according to new findings jointly published by Proofpoint and Threatray in an exhaustive two-part analysis.
"Their diverse toolset shows consistent coding patterns across malware families, particularly in
June 5th, 2025 (about 23 hours ago)
|
|
Description: Sturdevant's Auto parts is the regions largest automotive parts &
accessory business with 40 locally owned stores in SD, ND, Iowa
, Minnesota & Nebraska.
We are going to upload about 16 GB of corporate data. Personal do
cuments, lots of contracts and agreements, client data, financial
data (audits, payment details, reports), etc.
June 5th, 2025 (about 23 hours ago)
|
|
|
Description: Columbia Integração delivers IT solutions in cloud, cybersecurity, and infrastructure to drive digital transformation for businesses in Brazil.
June 5th, 2025 (about 23 hours ago)
|
|
June 5th, 2025 (about 24 hours ago)
|
|
Description: Critical security flaws in dozens of popular Chrome extensions, ranging from hardcoded API credentials to unencrypted data transmissions, collectively affect tens of millions of users. These vulnerabilities expose users to risks, including financial fraud, data profiling, and analytics manipulation. The investigations conducted by Symantec’s Security Technology and Response (STAR) team, highlight how common oversights like …
The post Over 90 Chrome Extensions Found Exposing Sensitive Data and Credentials appeared first on CyberInsider.
June 5th, 2025 (about 24 hours ago)
|
CVE-2025-47827 |
Description: In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.
June 5th, 2025 (about 24 hours ago)
|
|
CVE-2025-30084 |
Extension - rsjoomla.com - A reflected XSS vulnerability RSMail! component 3.0.0 - 3.3.13 for Joomla
Description: A stored XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 for Joomla was discovered. The issue occurs within the dashboard component, where user-supplied input is not properly sanitized before being stored and rendered. An attacker can inject malicious JavaScript code into text fields or other input points, which is subsequently executed in the browser of any user who clicks on the crafted text in the dashboard.
June 5th, 2025 (about 24 hours ago)
|
|
CVE-2025-27753 |
Description: A SQLi vulnerability in RSMediaGallery component 1.7.4 - 2.1.6 for Joomla was discovered. The vulnerability is due to the use of unescaped user-supplied parameters in SQL queries within the dashboard component. This allows an authenticated attacker to inject malicious SQL code through unsanitized input fields, which are used directly in SQL queries. Exploiting this flaw can lead to unauthorized database access, data leakage, or modification of records.
June 5th, 2025 (about 24 hours ago)
|