CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: South Korean mobile provider SK Telecom has announced free SIM card replacements to its 25 million mobile customers following a recent USIM data breach, but only 6 million cards are available through May. [...]
April 29th, 2025 (about 2 months ago)
|
|
Description: After several days offline and swirling rumors of arrests and law enforcement action, BreachForums administrators have issued a statement claiming that their forum was not compromised and that no team members have been apprehended. The announcement, cryptographically signed with PGP, offers the first direct communication from the original forum's team since mid-April. According to the …
The post BreachForums Admins Deny Breach, Warn Against Clones appeared first on CyberInsider.
April 29th, 2025 (about 2 months ago)
|
|
Description: Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as "Scattered Spider" BleepingComputer has learned from multiple sources. [...]
April 28th, 2025 (about 2 months ago)
|
|
Description: Employee benefits administration firm VeriSource Services is warning that a data breach exposed the personal information of four million people. [...]
April 28th, 2025 (about 2 months ago)
|
|
Description: Urban One, the largest media company serving African Americans, disclosed a data breach to regulators. A ransomware group said it had attacked the company.
April 28th, 2025 (about 2 months ago)
|
|
Description: Our team managed to breach and encrypt Dermatologits of Birmingham's network.
Once we have breached the network we have managed to download 141GB from there.
What kind of data was taken:
- patients data
- medical data
- employee d ...
April 28th, 2025 (about 2 months ago)
|
|
Description: Not every security vulnerability is high risk on its own - but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches. These five real vulnerabilities, uncovered by Intruder’s bug-hunting team, reveal how attackers turn overlooked flaws into serious security incidents.
1. Stealing AWS Credentials with a Redirect
Server-Side Request Forgery (SSRF) is a
April 28th, 2025 (about 2 months ago)
|
|
Description: VeriSource Services, Inc., a Houston-based service provider, has disclosed a data breach it suffered after an external system was compromised earlier this year, affecting four million individuals. The breach, discovered in April 2025, resulted in the exposure of sensitive personal information. According to the details in a filing with the Maine Attorney General's office, the …
The post VeriSource Breach Exposes Personal Data of 4 Million Individuals appeared first on CyberInsider.
April 28th, 2025 (about 2 months ago)
|
|
Description: Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a "critical patch" but deploy a backdoor instead.
WordPress security company Patchstack described the activity as sophisticated and a variant of another campaign observed in December 2023 that employed a fake CVE ploy to breach sites running
April 28th, 2025 (about 2 months ago)
|
|
Description: Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access.
The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities -
CVE-2024-58136 (CVSS score: 9.0) - An improper protection of alternate path flaw in the Yii PHP
CVSS: CRITICAL (9.0) EPSS Score: 36.6%
April 28th, 2025 (about 2 months ago)
|