CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	With millions upon millions of victims, scale of unstoppable info-stealer malware laid bare Source: TheRegister February 27th, 2025 (4 months ago)
CVE-2024-57040	TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded password for the root account which can be obtained via a... Description: TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded password for the root account which can be obtained via a brute force attack. EPSS Score: 0.72% Source: CVE February 26th, 2025 (4 months ago)
CVE-2024-55581	When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because... Description: When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate (unless the using program specifies a TLS configuration). EPSS Score: 0.02% Source: CVE February 26th, 2025 (4 months ago)
	GrassCall scam drains crypto wallets through fake web3 job interviews Description: A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious "GrassCall" meeting app that installs information-stealing malware to steal cryptocurrency wallets. [...] Source: BleepingComputer February 26th, 2025 (4 months ago)
	Bybit declares war on North Korea's Lazarus crime-ring to regain $1.5B stolen from wallet Source: TheRegister February 26th, 2025 (4 months ago)
CVE-2024-53573	Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for... Description: Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for administrative use. This issue specifically affects teacher/edit/{id}. EPSS Score: 0.06% Source: CVE February 26th, 2025 (4 months ago)
	AI-Fueled Tax Scams on the Rise Source: Dark Reading February 26th, 2025 (4 months ago)
CVE-2025-1634	[io.quarkus:quarkus-resteasy] io.quarkus:quarkus-resteasy: Memory Leak in Quarkus RESTEasy Classic When Client Requests Timeout Description: A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError. References https://nvd.nist.gov/vuln/detail/CVE-2025-1634 https://access.redhat.com/security/cve/CVE-2025-1634 https://bugzilla.redhat.com/show_bug.cgi?id=2347319 https://github.com/quarkusio/quarkus/issues/46412 https://github.com/quarkusio/quarkus/commit/80b8eb41678cdccb46e964dc324d048a5ef00f4b https://github.com/advisories/GHSA-4fwr-mh5q-hchh EPSS Score: 0.07% Source: Github Advisory Database (Maven) February 26th, 2025 (4 months ago)
	Onapsis Introduces Control Central for New Era of RISE With SAP Source: Dark Reading February 26th, 2025 (4 months ago)
	Menlo Security Acquires Votiro Source: Dark Reading February 26th, 2025 (4 months ago)