CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Taiwanese PCB Giant Unimicron Breached by Sarcoma Ransomware
Description: Taiwan-based printed circuit board (PCB) manufacturer Unimicron Technology Corp. has reportedly suffered a ransomware attack, with cybercriminal group Sarcoma claiming responsibility for the breach. While the company has yet to confirm a data leak, the threat actors have published samples of allegedly stolen documents on their extortion portal, suggesting a compromise of sensitive corporate data. … The post Taiwanese PCB Giant Unimicron Breached by Sarcoma Ransomware appeared first on CyberInsider.
Source: CyberInsider
February 12th, 2025 (5 months ago)
Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation
Description: Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said has come under active exploitation in the wild. Of the 63 vulnerabilities, three are rated Critical, 57 are rated Important, one is rated Moderate, and two are rated Low in severity. This is aside from the 23 flaws Microsoft addressed in its Chromium-based Edge
Source: TheHackerNews
February 12th, 2025 (5 months ago)

CVE-2024-38657
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now
Description: Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below - CVE-2024-38657 (CVSS score: 9.1) - External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy

EPSS Score: 0.15%

Source: TheHackerNews
February 12th, 2025 (5 months ago)
India's Cybercrime Problems Grow as Nation Digitizes
Description: More than half of attacks on Indian businesses come from outside the country, while 45% of those targeting consumers come from Cambodia, Myanmar, and Laos.
Source: Dark Reading
February 12th, 2025 (5 months ago)
acmailer vulnerable to cross-site scripting
Description: acmailer provided by Extra Innovation Inc. contains a cross-site scripting vulnerability.
Source: Japan Vulnerability Notes (JVN)
February 12th, 2025 (5 months ago)
The Risk of a Taiwan Invasion Is Rising Fast
Description: Prepare your business for potential geopolitical disruptions from a Taiwan invasion. Assess evolving risks, global economic impacts, and strategic measures to safeguard supply chains and critical operations in Asia.
Source: RecordedFuture
February 12th, 2025 (5 months ago)
This Adtech Company is Powering Surveillance of U.S. Military Personnel
Description: In a letter to a US senator, a Florida-based data broker says it obtained sensitive data on US military members from a Lithuanian company, revealing the global nature of commercial online ad surveillance.
Source: 404 Media
February 12th, 2025 (5 months ago)
Multiple vulnerabilities in ELECOM and LOGITEC network devices
Description: Multiple network devices provided by ELECOM CO.,LTD. and LOGITEC CORPORATION contain multiple vulnerabilities.
Source: Japan Vulnerability Notes (JVN)
February 12th, 2025 (5 months ago)
February's Patch Tuesday sees Microsoft offer just 63 fixes
Source: TheRegister
February 12th, 2025 (5 months ago)

CVE-2023-36884
Executive Summary Cybercrime makes up a majority of the malicious activity online and occupies the majority of defenders' resources. In 2024,...
Description: Executive Summary Cybercrime makes up a majority of the malicious activity online and occupies the majority of defenders' resources. In 2024, Mandiant Consulting responded to almost four times more intrusions conducted by financially motivated actors than state-backed intrusions. Despite this overwhelming volume, cybercrime receives much less attention from national security practitioners than the threat from state-backed groups. While the threat from state-backed hacking is rightly understood to be severe, it should not be evaluated in isolation from financially motivated intrusions.  A hospital disrupted by a state-backed group using a wiper and a hospital disrupted by a financially motivated group using ransomware have the same impact on patient care. Likewise, sensitive data stolen from an organization and posted on a data leak site can be exploited by an adversary in the same way data exfiltrated in an espionage operation can be. These examples are particularly salient today, as criminals increasingly target and leak data from hospitals. Healthcare's share of posts on data leak sites has doubled over the past three years, even as the number of data leak sites tracked by Google Threat Intelligence Group has increased by nearly 50% year over year. The impact of these attacks mean that they must be taken seriously as a national security threat, no matter the motivation of the actors behind it. Cybercrime also facilitates state-backed hacking by allowing states to purchas...

CVSS: HIGH (7.5)

Source: Google Threat Intelligence
February 12th, 2025 (5 months ago)