CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Rare Werewolf APT Uses Legitimate Software in Attacks on Hundreds of Russian Enterprises
Description: The threat actor known as Rare Werewolf (formerly Rare Wolf) has been linked to a series of cyber attacks targeting Russia and the Commonwealth of Independent States (CIS) countries. "A distinctive feature of this threat is that the attackers favor using legitimate third-party software over developing their own malicious binaries," Kaspersky said. "The malicious functionality of the campaign
Source: TheHackerNews
June 10th, 2025 (7 days ago)
Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account
Description: Google has stepped in to address a security flaw that could have made it possible to brute-force an account's recovery phone number, potentially exposing them to privacy and security risks. The issue, according to Singaporean security researcher "brutecat," leverages an issue in the company's account recovery feature. That said, exploiting the vulnerability hinges on several moving parts,
Source: TheHackerNews
June 10th, 2025 (7 days ago)
The Hidden Threat in Your Stack: Why Non-Human Identity Management is the Next Cybersecurity Frontier
Description: Modern enterprise networks are highly complex environments that rely on hundreds of apps and infrastructure services. These systems need to interact securely and efficiently without constant human oversight, which is where non-human identities (NHIs) come in. NHIs — including application secrets, API keys, service accounts, and OAuth tokens — have exploded in recent years, thanks to an
Source: TheHackerNews
June 10th, 2025 (7 days ago)
The Evolution of Linux Binaries in Targeted Cloud Operations
Description: Using data from machine learning tools, we predict a surge in cloud attacks leveraging reworked Linux Executable and Linkage Format (ELF) files. The post The Evolution of Linux Binaries in Targeted Cloud Operations appeared first on Unit 42.
Source: Palo Alto Unit42
June 10th, 2025 (7 days ago)
Múltiples vulnerabilidades en DM Corporative CMS de Dmacroweb
Description: Multiple vulnerabilities in DM Corporative CMS by Dmacroweb Tue, 06/10/2025 - 11:23 Aviso Affected Resources DM Corporative CMS, versions prior to 2025.01. Description INCIBE has coordinated the publication of 9 vulnerabilities: 4 of critical severity and 5 of medium severity, affecting DM Corporative CMS of Dmacroweb, a content management system. The vulnerabilities have been discovered by Oscar Atienza.These vulnerabilities have been assigned the following code, CVSS v4.0 base score, CVSS vector and CWE vulnerability type:CVE-2025-40654 to CVE-2025-40657: CVSS v4.0: 9.3 | CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-89CVE-2025-40658 to CVE-2025-40661: CVSS v4.0: 6.9 | CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N | CWE-639CVE-2025-40662: CVSS v4.0: 6.9 | CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N | CWE-200 Identificador INCIBE-2025-0305 5 - Critical Solution The vulnerabilities have been fixed by the Dmacroweb team in version 2025.01. Detail A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases. The list of assigned parameters and identifiers is as follows:CVE-2025-40654: name and cod parameters in /antbuspre.asp.CVE-2025-40655: na...

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: Incibe CERT
June 10th, 2025 (7 days ago)
🏴‍☠️ Stormous has just published a new victim : education.gouv.fr
Description: Data of over +40,000 individuals has been accessed. The data includes email addresses, passwords, dates, login URLs, names, and regions
Source: Ransomware.live
June 10th, 2025 (7 days ago)
Russian NGO Warns the FSB Is Intercepting Telegram Messages to Prosecute Users
Description: Russia's Federal Security Service (FSB) has reportedly intercepted private messages between Russian citizens and Ukrainian Telegram channel bots, initiating treason investigations based on the contents, according to human rights NGO First Department. The revelation underscores escalating digital surveillance and raises concerns about Telegram's security posture amid Russia's deepening crackdown on dissent. Shades on Telegram The … The post Russian NGO Warns the FSB Is Intercepting Telegram Messages to Prosecute Users appeared first on CyberInsider.
Source: CyberInsider
June 10th, 2025 (7 days ago)
MacOS 26 ‘Tahoe’ Is the End of the Road for Intel-based Apple Computers
Description: Apple has officially announced that macOS 26 “Tahoe” will be the final version of its desktop operating system to support Intel-based Macs, effectively drawing the curtain on the architecture that powered Macs for nearly two decades. The news came not during the widely viewed WWDC keynote but rather in a quieter moment of the Platforms … The post MacOS 26 ‘Tahoe’ Is the End of the Road for Intel-based Apple Computers appeared first on CyberInsider.
Source: CyberInsider
June 10th, 2025 (7 days ago)
Apple tries to contain itself with lightweight Linux VMs for macOS
Source: TheRegister
June 10th, 2025 (7 days ago)
Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser
Source: TheRegister
June 10th, 2025 (7 days ago)