CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: A judge rules that Anthropic's training on copyrighted works without authors' permission was a legal fair use, but that stealing the books in the first place is illegal.
June 24th, 2025 (11 days ago)
|
CVE-2025-32976 |
Description: Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains a logic flaw in its two-factor authentication implementation that allows authenticated users to bypass TOTP-based 2FA requirements. The vulnerability exists in the 2FA validation process and can be exploited to gain elevated access.
EPSS Score: 0.1%
June 24th, 2025 (11 days ago)
|
|
CVE-2025-27828 |
Description: A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4, 10.1.0.0 through 10.1.0.5, and 10.2.0.0 through 10.2.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation. A successful exploit requires user interaction and could allow an attacker to execute arbitrary scripts with a limited impact on the confidentiality and the integrity.
EPSS Score: 0.04% SSVC Exploitation: none
June 24th, 2025 (11 days ago)
|
|
Description: The U.S. House of Representatives has banned the use of WhatsApp on government-managed devices for congressional staffers, citing significant cybersecurity concerns around data protection and transparency. The directive was issued Monday by the House's Chief Administrative Officer (CAO), who informed staff that the Meta-owned messaging app posed a “high risk” due to opaque data handling …
The post U.S. House Bans WhatsApp on Staff Devices Over Security Concerns appeared first on CyberInsider.
June 24th, 2025 (11 days ago)
|
|
Description: Sweeney is an always open and transparent residential design-buil
d remodeling firm that caters to homeowner professionals in Dane
County, specifically Madison, Stoughton, Fitchburg, Maple Bluff,
McFarland, Middleton, Monona, Oregon, Shorewood Hills, Sun Prairi
e, Verona, and Waunakee.
We are going to upload about 200(!)MB of corporate data. Just a f
ew financial files.
June 24th, 2025 (11 days ago)
|
|
|
Description: Keystone is a U.S. shipowner and operator founded in Philadelphia
in 1909.
We are ready to upload corporate documents such as: personal info
rmation of employees (DOB, phone, email and so on), detailed fina
ncial data (payment details, reports, invoices, salaries, bonuses
), corporate NDAs, cargo ship blueprints, etc.
June 24th, 2025 (11 days ago)
|
|
|
Description: Integrity Mortgage operates under the MAC 5 Mortgage umbrella and
has an A rating with the Better Business Bureau.
We are ready to upload more than 8 GB of essential corporate docu
ments such as: detailed personal client data (scans of passports,
SSNs, DLs, credit cards and so on), detailed company financial d
ata (audits, payment details, reports, invoices), correspondence,
etc.
June 24th, 2025 (11 days ago)
|
|
|
Description: The Lowell is a New York legacy and a landmark luxury hotel, located near Central Park and all the wonderful shops of Madison Avenue. Established in 1927.
June 24th, 2025 (11 days ago)
|
|
Description: Security researcher mr.d0x has unveiled a new browser-based social engineering technique dubbed FileFix, a creative evolution of the ClickFix attack chain. This method allows attackers to execute operating system commands on Windows systems directly through the file upload dialog, bypassing the need for the Run Dialog (Win + R), and demonstrates how benign features like …
The post New FileFix Attack Executes OS Commands Directly from the Browser appeared first on CyberInsider.
June 24th, 2025 (11 days ago)
|
|
June 24th, 2025 (11 days ago)
|