Description: Google Threat Intelligence spotted the China-based operation known as APT41 leveraging the company's own Calendar app as part of a cyber-espionage campaign.
May 29th, 2025 (14 days ago)
|
Description: The Czech Republic on Wednesday formally accused a threat actor associated with the People's Republic of China (PRC) of targeting its Ministry of Foreign Affairs.
In a public statement, the government said it identified China as the culprit behind a malicious campaign targeting one of the unclassified networks of the Czech Ministry of Foreign Affairs. The extent of the breach is presently not
May 28th, 2025 (15 days ago)
|
Description: The Czech Republic says the Chinese-backed APT31 hacking group was behind cyberattacks targeting the country's Ministry of Foreign Affairs and critical infrastructure organizations. [...]
May 28th, 2025 (15 days ago)
|
Description: China- and North Korea-aligned groups account for more than half of global attacks, and an increasing number of countries look to cyber to balance power in the region.
May 27th, 2025 (16 days ago)
|
Description: According to police in Guangzhou, the group — allegedly linked to Taiwan’s ruling Democratic Progressive Party (DPP) — has targeted more than 1,000 key networks in over 10 Chinese provinces.
May 27th, 2025 (16 days ago)
|
May 26th, 2025 (18 days ago)
|
Description: A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region.
The vulnerabilities, tracked as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), could be chained to execute arbitrary code on a
CVSS: MEDIUM (5.3) EPSS Score: 82.26%
May 22nd, 2025 (21 days ago)
|
CVE-2025-4692 |
Description:
1. EXECUTIVE SUMMARY
CVSS v4 5.9
ATTENTION: Exploitable remotely/Low attack complexity
Vendor: ABUP
Equipment: ABUP Internet of Things (IoT) Cloud Platform
Vulnerability: Incorrect Privilege Assignment
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to access device profiles for which they are not authorized.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following ABUP products are affected:
ABUP IoT Cloud Platform: All Versions
3.2 VULNERABILITY OVERVIEW
3.2.1 INCORRECT PRIVILEGE ASSIGNMENT CWE-266
Actors can use a maliciously crafted JavaScript Object Notation (JSON) Web Token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exposed on the cloud platform. If the exploit is successful, the user can escalate privileges to access any device managed by the Cloud Update Platform.
CVE-2025-4692 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L).
A CVSS v4 score has also been calculated for CVE-2025-4692. A base score of 5.9 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Communications
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: China
3.4 RESEARCHER
Daniel Christensen of Telenor reported this vulnerability to CISA.
4. MITIGATIONS
ABUP did not respond ...
CVSS: MEDIUM (6.8) EPSS Score: 0.03%
May 20th, 2025 (23 days ago)
|
Description: State and local governments must grapple with resource constraints even as they face increased demand for cybersecurity vigilance to protect critical infrastructure and essential services. Here’s how exposure management can help.
State and local governments play a crucial role in the daily lives of communities, including managing the critical infrastructure we rely on every day, such as water systems, transportation networks, power grids, and emergency services. These institutions are on the front lines of delivering and safeguarding these essential services. A successful cyber attack on even a small municipality can disrupt daily operations, compromise sensitive data and threaten public safety.
As digital threats grow more advanced and persistent, protecting state and local systems is no longer just a technical issue, it is a fundamental part of securing the nation’s most vital functions. To address this growing challenge, state and local governments need comprehensive statewide cybersecurity strategies aligned with recognized cybersecurity best practices and standards, sustainable funding and coordinated support to defend against ever evolving threats.
Cyber threats against state and local governments
As frontline operators of critical infrastructure, state and local governments face an increasingly complex and evolving cyber threat landscape. For example, in 2023, Volt Typhoon, a state-sponsored threat actor backed by the People’s Republic of China (PRC), launched a prolong...
May 20th, 2025 (23 days ago)
|
Description: Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake.
ESET, which first discovered the hacking group's intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using
May 20th, 2025 (23 days ago)
|