CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Hackers use FastHTTP in new high-speed Microsoft 365 password attacks Description: Threat actors are utilizing the FastHTTP Go library to launch high-speed brute-force password attacks targeting Microsoft 365 accounts globally. [...] Source: BleepingComputer January 14th, 2025 (5 months ago)
	Microsoft 365 apps crash on Windows Server after Office update Description: Microsoft says a known issue is causing Classic Outlook and Microsoft 365 applications to crash on Windows Server 2016 or Windows Server 2019 systems. [...] Source: BleepingComputer January 14th, 2025 (5 months ago)
	Microsoft Cracks Down on Malicious Copilot AI Use Description: According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services. Source: Dark Reading January 13th, 2025 (5 months ago)
	Microsoft sues 'foreign-based' criminals, seizes sites used to abuse AI Source: TheRegister January 13th, 2025 (5 months ago)
	Microsoft: macOS bug lets hackers install malicious kernel drivers Description: Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. [...] Source: BleepingComputer January 13th, 2025 (5 months ago)
	Microsoft MFA outage blocking access to Microsoft 365 apps Description: Microsoft is investigating an ongoing Multi-Factor Authentication (MFA) outage that is blocking customers from accessing Microsoft 365 Office apps. [...] Source: BleepingComputer January 13th, 2025 (5 months ago)
CVE-2024-42179	HCL MyXalytics is affected by sensitive information disclosure vulnerability Description: HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0 as the server's name & version. CVSS: LOW (2.0) EPSS Score: 0.04% Source: CVE January 13th, 2025 (5 months ago)
	Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation Description: Microsoft has revealed that it's pursuing legal action against a "foreign-based threat–actor group" for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content. The tech giant's Digital Crimes Unit (DCU) said it has observed the threat actors "develop Source: TheHackerNews January 11th, 2025 (5 months ago)
	Microsoft to force install new Outlook on Windows 10 PCs in February Description: Microsoft will force install the new Outlook email client on Windows 10 systems starting with next month's security update. [...] Source: BleepingComputer January 10th, 2025 (5 months ago)
CVE-2024-12802	SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security... Description: SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name. CVSS: CRITICAL (9.1) EPSS Score: 0.04% Source: CVE January 10th, 2025 (5 months ago)