CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Ransomware now plays a role in nearly half of all breaches, new research finds
Description: Verizon researchers found that 64% of ransomware victims did not pay the ransoms — which was up from 50% two years ago.
Source: The Record
April 24th, 2025 (about 2 months ago)
Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)
Description: As we pack our bags and prepare for the adult-er version of BlackHat (that apparently doesn’t require us to print out stolen mailspoolz to hand to people at their talks), we want to tell you about a recent adventure - a heist, if you will.No heist story

CVSS: CRITICAL (10.0)

EPSS Score: 63.86%

Source: Watchtower Labs
April 24th, 2025 (about 2 months ago)
Yale New Haven Health Confirms 5.5 Million Affected in March Cybersecurity Incident
Description: Yale New Haven Health has officially confirmed that a March cybersecurity breach impacted over 5.5 million individuals, making it one of the largest healthcare data incidents reported in 2025. The figure, now listed on the U.S. Department of Health and Human Services’ Office for Civil Rights (HHS OCR) breach portal, significantly expands the scope of … The post Yale New Haven Health Confirms 5.5 Million Affected in March Cybersecurity Incident appeared first on CyberInsider.
Source: CyberInsider
April 24th, 2025 (about 2 months ago)
Your vendor may be the weakest link: Percentage of third-party breaches doubled in a year
Source: TheRegister
April 24th, 2025 (about 2 months ago)
Millions impacted by data breaches at Blue Shield of California, mammography service and more
Description: Blue Shield of California said an improper Google Analytics configuration exposed the data of more than 4.5 million people, while state regulators recently received more than a dozen other reports involving healthcare-related organizations.
Source: The Record
April 23rd, 2025 (about 2 months ago)
Blue Shield of California leaked health data of 4.7 million members to Google
Description: Blue Shield of California disclosed it suffered a data breach after exposing protected health information of 4.7 million members to Google's analytics and advertisement platforms. [...]
Source: BleepingComputer
April 23rd, 2025 (about 2 months ago)
Blue Shield of California Exposed Health Data of 4.7 Million Members
Description: Blue Shield of California has disclosed a data breach that potentially exposed the protected health information (PHI) of approximately 4.7 million individuals. The breach, which stemmed from misconfigured web analytics, went undetected for nearly three years and was officially listed on the U.S. Department of Health and Human Services (HHS) Office for Civil Rights breach … The post Blue Shield of California Exposed Health Data of 4.7 Million Members appeared first on CyberInsider.
Source: CyberInsider
April 23rd, 2025 (about 2 months ago)
Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends
🚨 Marked as known exploited on April 23rd, 2025 (about 2 months ago).
Description: The 2025 Verizon Data Breach Investigations Report (DBIR) reveals that vulnerability exploitation was present in 20% of breaches — a 34% increase year-over-year. To support the report, Tenable Research contributed enriched data on the most exploited vulnerabilities. In this blog, we analyze 17 edge-related CVEs and remediation trends across industry sectors.BackgroundSince 2008, Verizon’s annual Data Breach Investigations Report (DBIR) has helped organizations understand evolving cyber threats. For the 2025 edition, Tenable Research contributed enriched data on the most exploited vulnerabilities of the past year. We analyzed over 160 million data points and zeroed-in on the 17 edge device CVEs featured in the DBIR to understand their average remediation times. In this blog, we take a closer look at these vulnerabilities, revealing industry-specific trends and highlighting where patching still lags — often by months.In this year’s DBIR, vulnerabilities in Virtual Private Networks (VPNs) and edge devices were particular areas of concern, accounting for 22% of the CVE-related breaches in this year’s report, almost eight times the amount of 3% found in the 2024 report.AnalysisThe 2025 DBIR found that exploitation of vulnerabilities surged to be one of the top initial access vectors for 20% of data breaches. This represents a 34% increase over last year’s report and is driven in part by the zero-day exploitation of VPN and edge device vulnerabilities – asset classes that tradit...

CVSS: MEDIUM (6.0)

Source: Tenable Blog
April 23rd, 2025 (about 2 months ago)
Thousands of Baltimore students, teachers affected by data breach following February ransomware attack
Description: Thousands of students, teachers and administrators had information stolen from the Baltimore City Public Schools system during a ransomware attack in February.
Source: The Record
April 23rd, 2025 (about 2 months ago)
Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558
Description: The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT's breach of its Exchange Online environment in 2023.
Source: Dark Reading
April 22nd, 2025 (about 2 months ago)