CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-22592
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update
Description: FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update

EPSS Score: 0.08%

SSVC Exploitation: poc

Source: CVE
June 2nd, 2025 (11 days ago)

CVE-2024-22563
openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.
Description: openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.

EPSS Score: 0.08%

SSVC Exploitation: poc

Source: CVE
June 2nd, 2025 (11 days ago)

CVE-2024-0567
Gnutls: rejects certificate chain with distributed trust
Description: A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.

EPSS Score: 1.09%

SSVC Exploitation: poc

Source: CVE
June 2nd, 2025 (11 days ago)
Alleged data breach of Oxygen – 134GB of Financial and Identity Documents Leaked
Description: Alleged data breach of Oxygen – 134GB of Financial and Identity Documents Leaked
Source: DarkWebInformer
June 2nd, 2025 (11 days ago)
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Description: Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies. Cloud security firm Wiz, which is tracking the activity under the name JINX-0132, said the attackers are exploiting a wide range of known misconfigurations and
Source: TheHackerNews
June 2nd, 2025 (11 days ago)
🏴‍☠️ Worldleaks has just published a new victim : Jardin De Ville
Description: [AI generated] Jardin De Ville is a luxury outdoor furniture company based in Canada. Established in 1956, it offers a wide array of high-quality outdoor lounge and dining furniture. Renowned for their designs, it provides a vast collection of products such as umbrellas, lighting, sofas, and tables. Jardin De Ville collaborates with various prominent designer brands to maintain its luxurious and stylish offerings.
Source: Ransomware.live
June 2nd, 2025 (11 days ago)
Critical Bugs Could Spark Takeover of Widely Used Fire Safety OT/ICS Platform
Description: The unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fire suppression and safety are paramount, according to a CISA advisory.
Source: Dark Reading
June 2nd, 2025 (11 days ago)
Australia Begins New Ransomware Payment Disclosure Rules
Description: The country will require certain organizations to report ransomware payments and communications within 72 hours after they're made or face potential civil penalties.
Source: Dark Reading
June 2nd, 2025 (11 days ago)
Pro-Ukraine hacker group Black Owl poses ‘major threat’ to Russia, Kaspersky says
Description: BO Team, also known as Black Owl, has been active since early 2024 and appears to operate independently, with its own arsenal of tools and tactics, researchers at Russian cybersecurity firm Kaspersky said.
Source: The Record
June 2nd, 2025 (11 days ago)
Alleged database leak of National Agency for Land Conservation, Cadastre, and Cartography (ANCFCC)
Description: Alleged database leak of National Agency for Land Conservation, Cadastre, and Cartography (ANCFCC)
Source: DarkWebInformer
June 2nd, 2025 (11 days ago)