CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
BadPilot network hacking campaign fuels Russian SandWorm attacks
Description: A subgroup of the Russian state-sponsored hacking group APT44, also known as 'Seashell Blizzard' and 'Sandworm', has been targeting critical organizations and governments in a multi-year campaign dubbed 'BadPilot.' [...]
Source: BleepingComputer
February 12th, 2025 (5 months ago)
Ivanti fixes three critical flaws in Connect Secure & Policy Secure
Description: Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical severity problems. [...]
Source: BleepingComputer
February 12th, 2025 (5 months ago)
Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries
Description: A subgroup within the infamous Russian state-sponsored hacking group known as Sandworm has been attributed to a multi-year initial access operation dubbed BadPilot that stretched across the globe. "This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored network operations," the
Source: TheHackerNews
February 12th, 2025 (5 months ago)
Citizen Lab Report Uncovers Major Security Flaws in RedNote App
Description: Researchers at Citizen Lab have identified critical network security vulnerabilities in RedNote, a popular Chinese social media app with over 300 million users. Their findings reveal that RedNote transmits user data with insufficient encryption, leaving browsing activity, device metadata, and even personal files exposed to network attackers. The security flaws stem from weaknesses in RedNote … The post Citizen Lab Report Uncovers Major Security Flaws in RedNote App appeared first on CyberInsider.
Source: CyberInsider
February 12th, 2025 (5 months ago)
Russia's Sandworm caught snarfing credentials, data from American and Brit orgs
Source: TheRegister
February 12th, 2025 (5 months ago)
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally
Description: Sandworm (aka Seashell Blizzard) has an initial access wing called "BadPilot" that uses standard intrusion tactics to spread Russia's tendrils around the world.
Source: Dark Reading
February 12th, 2025 (5 months ago)
Lulzsec Arabs Defaced Multiple websites in India
Description: Lulzsec Arabs Defaced Multiple websites in India
Source: DarkWebInformer
February 12th, 2025 (5 months ago)
Elon Musk's Waste.gov Is Just a WordPress Theme Placeholder Page
Description: Musk told reporters all of DOGE's actions are "maximally transparent." The website tracking waste is currently about an imaginary architecture firm.
Source: 404 Media
February 12th, 2025 (5 months ago)
New FinalDraft Malware Uses Microsoft Outlook for Espionage
Description: Elastic Security Labs has identified a new malware family named FinalDraft, that uses Microsoft’s Graph API to communicate through Outlook email drafts, allowing attackers to bypass traditional network monitoring. The malware is part of a sophisticated cyber-espionage campaign and includes a custom loader, a backdoor, and multiple post-exploitation modules targeting a foreign ministry. Elastic Security … The post New FinalDraft Malware Uses Microsoft Outlook for Espionage appeared first on CyberInsider.
Source: CyberInsider
February 12th, 2025 (5 months ago)
A Threat Actor Claims to be Selling the Access of Armat d.o.o.
Description: A Threat Actor Claims to be Selling the Access of Armat d.o.o.
Source: DarkWebInformer
February 12th, 2025 (5 months ago)