Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
February 11th, 2025 (5 months ago)
|
CVE-2024-52875 |
Description: Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875. [...]
CVSS: HIGH (8.8) EPSS Score: 0.05%
February 11th, 2025 (5 months ago)
|
CVE-2024-42512 |
Description: Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled.
References
https://nvd.nist.gov/vuln/detail/CVE-2024-42512
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2024-42512.pdf
https://github.com/advisories/GHSA-qv5f-57gw-vx3h
CVSS: HIGH (8.6) EPSS Score: 0.04%
February 10th, 2025 (5 months ago)
|
CVE-2024-42513 |
Description: Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints.
References
https://nvd.nist.gov/vuln/detail/CVE-2024-42513
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2024-42513.pdf
https://github.com/OPCFoundation/UA-.NETStandard/tree/1.5.374.158
https://github.com/advisories/GHSA-7wwr-h8cm-9jf7
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
February 10th, 2025 (5 months ago)
|
Description: The likely Vietnam-based threat actor has been using two zero-days in VeraCore's warehouse management software in some of its latest cyberattacks.
February 10th, 2025 (5 months ago)
|
CVE-2024-11831 |
Description: A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.
References
https://nvd.nist.gov/vuln/detail/CVE-2024-11831
https://github.com/yahoo/serialize-javascript/pull/173
https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e
https://access.redhat.com/security/cve/CVE-2024-11831
https://bugzilla.redhat.com/show_bug.cgi?id=2312579
https://github.com/advisories/GHSA-76p7-773f-r4q5
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
February 10th, 2025 (5 months ago)
|
Description: Summary
The DNSSEC validation routines treat entire RRsets of DNSKEY records as trusted once they have established trust in only one of the DNSKEYs. As a result, if a zone includes a DNSKEY with a public key that matches a configured trust anchor, all keys in that zone will be trusted to authenticate other records in the zone. There is a second variant of this vulnerability involving DS records, where an authenticated DS record covering one DNSKEY leads to trust in signatures made by an unrelated DNSKEY in the same zone.
Details
verify_dnskey_rrset() will return Ok(true) if any record's public key matches a trust anchor. This results in verify_rrset() returning a Secure proof. This ultimately results in successfully verifying a response containing DNSKEY records. verify_default_rrset() looks up DNSKEY records by calling handle.lookup(), which takes the above code path. There's a comment following this that says "DNSKEYs were already validated by the inner query in the above lookup", but this is not the case. To fully verify the whole RRset of DNSKEYs, it would be necessary to check self-signatures by the trusted key over the other keys. Later in verify_default_rrset(), verify_rrset_with_dnskey() is called multiple times with different keys and signatures, and if any call succeeds, then its Proof is returned.
Similarly, verify_dnskey_rrset() returns Ok(false) if any DNSKEY record is covered by a DS record. A comment says "If all the keys are valid, then we are secure", but ...
February 10th, 2025 (5 months ago)
|
Description: After claiming responsibility for the ransomware attack in 2024, the "Embargo" ransomware group posted 1.15 terabytes of stolen data to its public Tor site.
February 10th, 2025 (5 months ago)
|