CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Explore the critical role of cyberattacks in shaping the modern space race. Learn how nation-states and organizations must adapt their cybersecurity measures to protect global economies, military operations, and the future of space exploration.
February 5th, 2025 (5 months ago)
|
|
|
Description: We talk all about Musk's takeover of the federal government, including audio of a meeting we got touching a Musk ally's AI plans. Then, AI slop in libraries.
February 5th, 2025 (5 months ago)
|
|
|
Description: A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan.
"This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision making and banking sector," Seqrite Labs researcher Subhajeet Singha said in a technical report
February 5th, 2025 (5 months ago)
|
|
|
Description: Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover (ATO) attacks on Microsoft 365 environments.
Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP responses from web servers with the goal of conducting ATO attacks.
"Originally sourced from public
February 5th, 2025 (5 months ago)
|
|
|
February 5th, 2025 (5 months ago)
|
|
|
Description: The security startup's autonomous security remediation platform uses off-the-shelf large language models (LLMs) to analyze security alerts and apply the fixes.
February 5th, 2025 (5 months ago)
|
CVE-2025-23114 |
Description: Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems.
The vulnerability, tracked as CVE-2025-23114, carries a CVSS score of 9.0 out of 10.0.
"A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute arbitrary code
CVSS: CRITICAL (9.0) EPSS Score: 0.04%
February 5th, 2025 (5 months ago)
|
|
|
Description: As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasingly prioritize more frequent IT security vulnerability assessments to identify and address potential security flaws.
Staying informed on these trends can help MSPs and IT teams
February 5th, 2025 (5 months ago)
|
|
|
Description: Security researchers at WatchTowr have uncovered a widespread security risk arising from abandoned Amazon S3 storage buckets, demonstrating how attackers could have leveraged them to distribute malicious software updates, manipulate infrastructure deployments, and compromise networks across government, military, financial, and cybersecurity sectors. The scale of the issue, the researchers argue, could have made past supply …
The post Forgotten S3 Buckets Risked Largest-Ever Supply Chain Attack appeared first on CyberInsider.
February 5th, 2025 (5 months ago)
|
|
|
Description: A malware campaign has been observed delivering a remote access trojan (RAT) named AsyncRAT by making use of Python payloads and TryCloudflare tunnels.
"AsyncRAT is a remote access trojan (RAT) that exploits the async/await pattern for efficient, asynchronous communication," Forcepoint X-Labs researcher Jyotika Singh said in an analysis.
"It allows attackers to control infected systems
February 5th, 2025 (5 months ago)
|