CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Windows 11 June 2025 Patch Tuesday Fixes 66 Flaws, One Zero-Day
🚨 Marked as known exploited on June 10th, 2025 (11 days ago).
Description: Microsoft's June 2025 Patch Tuesday addresses 66 vulnerabilities across its product suite, including a high-severity zero-day in the WebDAV service that is currently being exploited in the wild. The most critical flaws this month impact core Windows services, remote access components, and Microsoft Office products. The zero-day vulnerability, tracked as CVE-2025-33053, is a remote code … The post Windows 11 June 2025 Patch Tuesday Fixes 66 Flaws, One Zero-Day appeared first on CyberInsider.

CVSS: HIGH (8.8)

EPSS Score: 16.5%

Source: CyberInsider
June 10th, 2025 (11 days ago)
Microsoft’s June 2025 Patch Tuesday Addresses 65 CVEs (CVE-2025-33053)
🚨 Marked as known exploited on June 10th, 2025 (11 days ago).
Description: 9Critical56Important0Moderate0LowMicrosoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild.Microsoft addresses 65 CVEs in its June 2025 Patch Tuesday release, with nine rated critical, and 56 rated as important. Our counts omitted one vulnerability reported by CERT CC.This month’s update includes patches for:.NET and Visual StudioApp Control for Business (WDAC)Microsoft AutoUpdate (MAU)Microsoft Local Security Authority Server (lsasrv)Microsoft OfficeMicrosoft Office ExcelMicrosoft Office OutlookMicrosoft Office PowerPointMicrosoft Office SharePointMicrosoft Office WordNuance Digital Engagement PlatformPower AutomateRemote Desktop ClientVisual StudioWebDAVWindows Common Log File System DriverWindows Cryptographic ServicesWindows DHCP ServerWindows DWM Core LibraryWindows HelloWindows InstallerWindows KDC Proxy Service (KPSSVC)Windows KernelWindows Local Security Authority (LSA)Windows Local Security Authority Subsystem Service (LSASS)Windows MediaWindows NetlogonWindows Recovery DriverWindows Remote Access Connection ManagerWindows Remote Desktop ServicesWindows Routing and Remote Access Service (RRAS)Windows SDKWindows SMBWindows Security AppWindows ShellWindows Standards-Based Storage Management ServiceWindows Storage Management ProviderWindows Storage Port DriverWindows Win32K GRFXRemote code execution (RCE) vulnerabilities accounted for 38.5% of the vulnerabilities patched this month, followed by information disclosure vu...

CVSS: HIGH (8.8)

EPSS Score: 16.5%

Source: Tenable Blog
June 10th, 2025 (11 days ago)
Texas warns 300,000 crash reports siphoned via compromised user account
Source: TheRegister
June 10th, 2025 (11 days ago)
🏴‍☠️ Everest has just published a new victim : Department of Culture and Tourism Abu Dhabi - Full leak published
Description: [AI generated] The Department of Culture and Tourism Abu Dhabi is a governmental organization in charge of conserving and promoting the Emirate's cultural heritage and tourism sector. They plan festivals, concerts and other cultural events, manage major tourist sites and museums, work to attract international visitors, and regulate the tourism industry in Abu Dhabi.
Source: Ransomware.live
June 10th, 2025 (11 days ago)

CVE-2025-33053
Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability
Description: Web Distributed Authoring and Versioning (WebDAV) contains an external control of file name or path vulnerability. This vulnerability could allow an unauthorized attacker to execute code over a network. This vulnerability could affect various products that implement WebDAV, including but not limited to Microsoft Windows.

CVSS: HIGH (8.8)

EPSS Score: 16.5%

Source: CISA KEV
June 10th, 2025 (11 days ago)
OpenAI working to fix ChatGPT outage affecting users worldwide
Description: OpenAI is working to fix an ongoing outage impacting ChatGPT users worldwide and preventing them from accessing the chatbot on the web or via mobile and desktop apps. [...]
Source: BleepingComputer
June 10th, 2025 (12 days ago)
AI is a data-breach time bomb, reveals new report
Description: AI acts like Pac-Man—devouring sensitive data across clouds, apps, and copilots. Varonis analyzed 1,000 orgs and found 99% have exposed data AI can access, exposing them to data risks. [...]
Source: BleepingComputer
June 10th, 2025 (12 days ago)
Massive Heroku outage impacts web platforms worldwide
Description: Heroku is suffering a widespread outage that has lasted over six hours, preventing developers from logging into the platform and breaking website functionality. [...]
Source: BleepingComputer
June 10th, 2025 (12 days ago)
Ivanti Workspace Control hardcoded key flaws expose SQL credentials
Description: Ivanti has released security updates to fix three high-severity hardcoded key vulnerabilities in the company's Workspace Control (IWC) solution. [...]
Source: BleepingComputer
June 10th, 2025 (12 days ago)
FIN6 hackers pose as job seekers to backdoor recruiters’ devices
Description: In a twist on typical hiring-related social engineering attacks, the FIN6 hacking group impersonates job seekers to target recruiters, using convincing resumes and phishing sites to deliver malware. [...]
Source: BleepingComputer
June 10th, 2025 (12 days ago)