CyberAlerts

The North Face Suffers New Credential Stuffing Customer Data Breach

Description: Outdoor gear giant The North Face has notified customers of a new credential stuffing attack that exposed personal account details, marking the second such security incident in just two months. The latest attack was detected on April 23, 2025, raising fresh concerns about the brand’s account security practices. According to the customer notice issued by … The post The North Face Suffers New Credential Stuffing Customer Data Breach appeared first on CyberInsider.

Source: CyberInsider

June 2nd, 2025 (12 days ago)

CVE-2025-3951

WP-Optimize < 4.2.0 - Admin+ SQLi

Description: The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations.

EPSS Score: 0.03%

Source: CVE

June 2nd, 2025 (12 days ago)

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions

Description: Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target Chief Financial Officers (CFOs) and financial executives at banks, energy companies, insurers, and investment firms across Europe, Africa, Canada, the Middle East, and South Asia. "In what appears to be a multi-stage phishing operation, the attackers

Source: TheHackerNews

June 2nd, 2025 (12 days ago)

🏴‍☠️ Nightspire has just published a new victim : Pistolero

Description: Pistolero (Mexico)

Source: Ransomware.live

June 2nd, 2025 (12 days ago)

CVE-2025-25179

GPU DDK - Freelist GPU VA can be remapped to another reservation/PMR to trigger GPU arbitrary write to physical memory

Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages.

EPSS Score: 0.01%

Source: CVE

June 2nd, 2025 (12 days ago)

🏴‍☠️ Nightspire has just published a new victim : Hospital José Agurto Tello de Chosica

Description: Hospital José Agurto Tello de Chosica (Peru)

Source: Ransomware.live

June 2nd, 2025 (13 days ago)

🏴‍☠️ Lynx has just published a new victim : Wilkie Sanderson

Description: On time. Every time.

Source: Ransomware.live

June 2nd, 2025 (13 days ago)

Lumma infostealer takedown may have inflicted only a flesh wound as crew keeps pinching and selling data

Source: TheRegister

June 2nd, 2025 (13 days ago)

🏴‍☠️ Incransom has just published a new victim : Universidad Técnica del Norte Ecuador

Description: Universidad Técnica del Norte UTN, Ciencia y Técnica al Servicio del Pueblo.

Source: Ransomware.live

June 2nd, 2025 (13 days ago)

🏴‍☠️ Incransom has just published a new victim : valuestoreit

Description: Value Store It Self Storage is a privately owned self storage company based in Miami, Florida. We tender over 1'00,000 sq/ft in Florida, New York, Connecticut and offer a safe and clean place for residential and business customers to store their belongings. All the Value Store It facilities are managed by a professional staff that is trained to meet your needs and expectations. Their knowledge of storage and the local area make them a reliable source for questions regarding storage, truck rentals, moving services packing supplies and communities serviced. Value Store It Self Storage continues to expand in South Florida and is currently adding properties to accommodate new and future customers.

Source: Ransomware.live

June 2nd, 2025 (13 days ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	The North Face Suffers New Credential Stuffing Customer Data Breach Description: Outdoor gear giant The North Face has notified customers of a new credential stuffing attack that exposed personal account details, marking the second such security incident in just two months. The latest attack was detected on April 23, 2025, raising fresh concerns about the brand’s account security practices. According to the customer notice issued by … The post The North Face Suffers New Credential Stuffing Customer Data Breach appeared first on CyberInsider. Source: CyberInsider June 2nd, 2025 (12 days ago)
CVE-2025-3951	WP-Optimize < 4.2.0 - Admin+ SQLi Description: The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations. EPSS Score: 0.03% Source: CVE June 2nd, 2025 (12 days ago)
	Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions Description: Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target Chief Financial Officers (CFOs) and financial executives at banks, energy companies, insurers, and investment firms across Europe, Africa, Canada, the Middle East, and South Asia. "In what appears to be a multi-stage phishing operation, the attackers Source: TheHackerNews June 2nd, 2025 (12 days ago)
	🏴‍☠️ Nightspire has just published a new victim : Pistolero Description: Pistolero (Mexico) Source: Ransomware.live June 2nd, 2025 (12 days ago)
CVE-2025-25179	GPU DDK - Freelist GPU VA can be remapped to another reservation/PMR to trigger GPU arbitrary write to physical memory Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. EPSS Score: 0.01% Source: CVE June 2nd, 2025 (12 days ago)
	🏴‍☠️ Nightspire has just published a new victim : Hospital José Agurto Tello de Chosica Description: Hospital José Agurto Tello de Chosica (Peru) Source: Ransomware.live June 2nd, 2025 (13 days ago)
	🏴‍☠️ Lynx has just published a new victim : Wilkie Sanderson Description: On time. Every time. Source: Ransomware.live June 2nd, 2025 (13 days ago)
	Lumma infostealer takedown may have inflicted only a flesh wound as crew keeps pinching and selling data Source: TheRegister June 2nd, 2025 (13 days ago)
	🏴‍☠️ Incransom has just published a new victim : Universidad Técnica del Norte Ecuador Description: Universidad Técnica del Norte UTN, Ciencia y Técnica al Servicio del Pueblo. Source: Ransomware.live June 2nd, 2025 (13 days ago)
	🏴‍☠️ Incransom has just published a new victim : valuestoreit Description: Value Store It Self Storage is a privately owned self storage company based in Miami, Florida. We tender over 1'00,000 sq/ft in Florida, New York, Connecticut and offer a safe and clean place for residential and business customers to store their belongings. All the Value Store It facilities are managed by a professional staff that is trained to meet your needs and expectations. Their knowledge of storage and the local area make them a reliable source for questions regarding storage, truck rentals, moving services packing supplies and communities serviced. Value Store It Self Storage continues to expand in South Florida and is currently adding properties to accommodate new and future customers. Source: Ransomware.live June 2nd, 2025 (13 days ago)