CyberAlerts

768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023

Description: As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year. Describing 2024 as "another banner year for threat actors targeting the exploitation of vulnerabilities," VulnCheck said 23.6% of known exploited vulnerabilities (KEV) were known to be weaponized either on or before

Source: TheHackerNews

February 3rd, 2025 (5 months ago)

PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages

Description: The maintainers of the Python Package Index (PyPI) registry have announced a new feature that allows package developers to archive a project as part of efforts to improve supply chain security. "Maintainers can now archive a project to let users know that the project is not expected to receive any more updates," Facundo Tuesca, senior engineer at Trail of Bits, said. In doing so, the idea is to

Source: TheHackerNews

February 3rd, 2025 (5 months ago)

What Is Attack Surface Management?

Description: Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what’s exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker’s perspective has never been more important. In this

Source: TheHackerNews

February 3rd, 2025 (5 months ago)

Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions

Description: Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote. "Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials," Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week. The

Source: TheHackerNews

February 3rd, 2025 (5 months ago)

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February]

Description: This week, our news radar shows that every new tech idea comes with its own challenges. A hot AI tool is under close watch, law enforcement is shutting down online spots that help cybercriminals, and teams are busy fixing software bugs that could let attackers in. From better locks on our devices to stopping sneaky tricks online, simple steps are making a big difference. Let’s take a

Source: TheHackerNews

February 3rd, 2025 (5 months ago)

2 officers bailed as anti-corruption unit probes data payouts to N Irish cops

Source: TheRegister

February 3rd, 2025 (5 months ago)

PyPI adds project archiving system to stop malicious updates

Description: The Python Package Index (PyPI) has announced the introduction of 'Project Archival,' a new system that allows publishers to archive their projects, indicating to the users that no updates are to be expected. [...]

Source: BleepingComputer

February 3rd, 2025 (5 months ago)

NETGEAR Fixes Critical RCE Flaws in Nighthawk Gaming Routers

Description: NETGEAR has released security updates for multiple Nighthawk gaming routers, patching a critical unauthenticated remote code execution (RCE) vulnerability that could allow attackers to take control of affected devices. The company strongly advises users to install the latest firmware to mitigate the risk. The vulnerability, tracked under PSV-2023-0039, was reported through Bugcrowd, NETGEAR’s bug bounty … The post NETGEAR Fixes Critical RCE Flaws in Nighthawk Gaming Routers appeared first on CyberInsider.

Source: CyberInsider

February 3rd, 2025 (5 months ago)

Fedora 41 : buku (2025-e035838041)

Description: Nessus Plugin ID 214873 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e035838041 advisory. Update to 4.9Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected buku package. Read more at https://www.tenable.com/plugins/nessus/214873

Source: Tenable Plugins

February 3rd, 2025 (5 months ago)

Fedora 40 : buku (2025-df3432c3ee)

Description: Nessus Plugin ID 214874 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-df3432c3ee advisory. Update to 4.9Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected buku package. Read more at https://www.tenable.com/plugins/nessus/214874

Source: Tenable Plugins

February 3rd, 2025 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023 Description: As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year. Describing 2024 as "another banner year for threat actors targeting the exploitation of vulnerabilities," VulnCheck said 23.6% of known exploited vulnerabilities (KEV) were known to be weaponized either on or before Source: TheHackerNews February 3rd, 2025 (5 months ago)
	PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages Description: The maintainers of the Python Package Index (PyPI) registry have announced a new feature that allows package developers to archive a project as part of efforts to improve supply chain security. "Maintainers can now archive a project to let users know that the project is not expected to receive any more updates," Facundo Tuesca, senior engineer at Trail of Bits, said. In doing so, the idea is to Source: TheHackerNews February 3rd, 2025 (5 months ago)
	What Is Attack Surface Management? Description: Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what’s exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker’s perspective has never been more important. In this Source: TheHackerNews February 3rd, 2025 (5 months ago)
	Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions Description: Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote. "Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials," Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week. The Source: TheHackerNews February 3rd, 2025 (5 months ago)
	⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February] Description: This week, our news radar shows that every new tech idea comes with its own challenges. A hot AI tool is under close watch, law enforcement is shutting down online spots that help cybercriminals, and teams are busy fixing software bugs that could let attackers in. From better locks on our devices to stopping sneaky tricks online, simple steps are making a big difference. Let’s take a Source: TheHackerNews February 3rd, 2025 (5 months ago)
	2 officers bailed as anti-corruption unit probes data payouts to N Irish cops Source: TheRegister February 3rd, 2025 (5 months ago)
	PyPI adds project archiving system to stop malicious updates Description: The Python Package Index (PyPI) has announced the introduction of 'Project Archival,' a new system that allows publishers to archive their projects, indicating to the users that no updates are to be expected. [...] Source: BleepingComputer February 3rd, 2025 (5 months ago)
	NETGEAR Fixes Critical RCE Flaws in Nighthawk Gaming Routers Description: NETGEAR has released security updates for multiple Nighthawk gaming routers, patching a critical unauthenticated remote code execution (RCE) vulnerability that could allow attackers to take control of affected devices. The company strongly advises users to install the latest firmware to mitigate the risk. The vulnerability, tracked under PSV-2023-0039, was reported through Bugcrowd, NETGEAR’s bug bounty … The post NETGEAR Fixes Critical RCE Flaws in Nighthawk Gaming Routers appeared first on CyberInsider. Source: CyberInsider February 3rd, 2025 (5 months ago)
	Fedora 41 : buku (2025-e035838041) Description: Nessus Plugin ID 214873 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e035838041 advisory. Update to 4.9Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected buku package. Read more at https://www.tenable.com/plugins/nessus/214873 Source: Tenable Plugins February 3rd, 2025 (5 months ago)
	Fedora 40 : buku (2025-df3432c3ee) Description: Nessus Plugin ID 214874 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-df3432c3ee advisory. Update to 4.9Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected buku package. Read more at https://www.tenable.com/plugins/nessus/214874 Source: Tenable Plugins February 3rd, 2025 (5 months ago)