CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Ransomware Attack Update for 19th of February 2025 Description: Ransomware Attack Update for 19th of February 2025 Source: DarkWebInformer February 20th, 2025 (5 months ago)
CVE-2025-21355	CVE-2025-21355: Microsoft Bing Remote Code Execution Vulnerability Description: CVE-2025-21355: Microsoft Bing Remote Code Execution Vulnerability CVSS: HIGH (8.6) EPSS Score: 1.08% Source: DarkWebInformer February 19th, 2025 (5 months ago)
	Russian Groups Target Signal Messenger in Spy Campaign Description: These sorts of attacks reveal growing adversary interest in secure messaging apps used by high-value targets for communication, Google says. Source: Dark Reading February 19th, 2025 (5 months ago)
	Insight Partners, VC Giant, Falls to Social Engineering Description: The start-up incubator and PR firm with holdings in more than 70 cybersecurity firms has announced a data breach with as-yet-unknown effects. Source: Dark Reading February 19th, 2025 (5 months ago)
	[github.com/bishopfox/sliver] SSRF in sliver teamserver Description: Summary The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so Reproduction steps Run server wget https://github.com/BishopFox/sliver/releases/download/v1.5.42/sliver-server_linux chmod +x sliver-server_linux ./sliver-server_linux Generate binary generate --mtls 127.0.0.1:8443 Run it on windows, then Task manager -> find process -> Create memory dump file Install RogueSliver and get the certs git clone https://github.com/ACE-Responder/RogueSliver.git pip3 install -r requirements.txt --break-system-packages python3 ExtractCerts.py implant.dmp Start callback listener. Teamserver will connect when POC is run and send "ssrf poc" to nc nc -nvlp 1111 Run the poc (pasted at bottom of this file) python3 poc.py python3 poc.py 192.168.1.33 8443 44.221.186.72 1111 Details We see here an envelope is read from the connection and if the envelope.Type matches a handler the handler will be executed func handleSliverConnection(conn net.Conn) { mtlsLog.Infof("Accepted incoming connection: %s", conn.RemoteAddr()) implantConn := core.NewImplantConnection(consts.MtlsStr, conn.RemoteAddr().String()) defer func() { mtlsLog.Debugf("mtls connection closing") conn.Close() implantConn.Cleanup() }() done := make(chan bool) go func() { defer func() { done <- true }() handlers := se... Source: Github Advisory Database (Go) February 19th, 2025 (5 months ago)
	Trump’s DoD CISO pick previously faced security clearance suspension Source: TheRegister February 19th, 2025 (5 months ago)
	CISA and FBI: Ghost ransomware breached orgs in 70 countries Description: CISA and the FBI said attackers deploying Ghost ransomware have breached victims from multiple industry sectors across over 70 countries, including critical infrastructure organizations. [...] Source: BleepingComputer February 19th, 2025 (5 months ago)
	Check out this free automated tool that hunts for exposed AWS secrets in public repos Source: TheRegister February 19th, 2025 (5 months ago)
	Phishing attack hides JavaScript using invisible Unicode trick Description: A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political action committee (PAC). [...] Source: BleepingComputer February 19th, 2025 (5 months ago)
	LazaGrad Hack Targeted the Website of University of Religions and Denominations Description: LazaGrad Hack Targeted the Website of University of Religions and Denominations Source: DarkWebInformer February 19th, 2025 (5 months ago)