CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
WhatsApp Says Zero-Click Attack Infected Users With Spyware
Description: WhatsApp has revealed that nearly 100 journalists and civil society members were targeted using spyware developed by the Israeli firm Paragon Solutions. The attack, which likely compromised the devices of some victims, was identified and disrupted in December 2024. While the perpetrators remain unknown, WhatsApp has sent a cease-and-desist letter to Paragon and is exploring … The post WhatsApp Says Zero-Click Attack Infected Users With Spyware appeared first on CyberInsider.
Source: CyberInsider
February 3rd, 2025 (5 months ago)
Privacy Commissioner warns the ‘John Smiths’ of the world can acquire ‘digital doppelgangers’
Source: TheRegister
February 3rd, 2025 (5 months ago)
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
Description: A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer. "Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy Evil employs a
Source: TheHackerNews
February 3rd, 2025 (5 months ago)
DragonNest - 511,290 breached accounts
Description: In August 2013, the massively multiplayer online role-playing game (MMORGP) DragonNest suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 500k unique email addresses along with usernames, IP addresses and plain text passwords. The service later suffered a massive data loss.
Source: HaveIBeenPwnedLatestBreaches
February 3rd, 2025 (5 months ago)
Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP
Source: TheRegister
February 3rd, 2025 (5 months ago)

CVE-2025-0971
Zenvia Movidesk Profile Editing EditProfile cross site scripting
Description: A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Account/EditProfile of the component Profile Editing. The manipulation of the argument username leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 25.01.22.245a473c54 is able to address this issue. It is recommended to upgrade the affected component. Eine problematische Schwachstelle wurde in Zenvia Movidesk bis 25.01.22 ausgemacht. Dies betrifft einen unbekannten Teil der Datei /Account/EditProfile der Komponente Profile Editing. Mit der Manipulation des Arguments username mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 25.01.22.245a473c54 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen.

CVSS: MEDIUM (5.3)

EPSS Score: 0.05%

Source: CVE
February 3rd, 2025 (5 months ago)

CVE-2025-0970
Zenvia Movidesk Login redirect
Description: A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Account/Login. The manipulation of the argument ReturnUrl leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 25.01.22.245a473c54 is able to address this issue. It is recommended to upgrade the affected component. In Zenvia Movidesk bis 25.01.22 wurde eine problematische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalität der Datei /Account/Login. Dank Manipulation des Arguments ReturnUrl mit unbekannten Daten kann eine open redirect-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 25.01.22.245a473c54 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen.

CVSS: MEDIUM (6.9)

EPSS Score: 0.05%

Source: CVE
February 3rd, 2025 (5 months ago)

CVE-2025-0967
code-projects Chat System add_chatroom.php sql injection
Description: A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/add_chatroom.php. The manipulation of the argument chatname/chatpass leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Eine kritische Schwachstelle wurde in code-projects Chat System 1.0 gefunden. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /user/add_chatroom.php. Durch Beeinflussen des Arguments chatname/chatpass mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.

CVSS: MEDIUM (5.3)

EPSS Score: 0.17%

Source: CVE
February 3rd, 2025 (5 months ago)

CVE-2024-50304
ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()
Description: In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL mutex and ip_tunnel_find() is only called from the control path where the mutex is taken. Add a lockdep expression to hlist_for_each_entry_rcu() in ip_tunnel_find() in order to validate that the mutex is held and to silence the suspicious RCU usage warning [1]. [1] WARNING: suspicious RCU usage 6.12.0-rc3-custom-gd95d9a31aceb #139 Not tainted ----------------------------- net/ipv4/ip_tunnel.c:221 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by ip/362: #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60 stack backtrace: CPU: 12 UID: 0 PID: 362 Comm: ip Not tainted 6.12.0-rc3-custom-gd95d9a31aceb #139 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 Call Trace: dump_stack_lvl+0xba/0x110 lockdep_rcu_suspicious.cold+0x4f/0xd6 ip_tunnel_find+0x435/0x4d0 ip_tunnel_newlink+0x517/0x7a0 ipgre_newlink+0x14c/0x170 __rtnl_newlink+0x1173/0x19c0 rtnl_newlink+0x6c/0xa0 rtnetlink_rcv_msg+0x3cc/0xf60 netlink_rcv_skb+0x171/0x450 netlink_unicast+0x539/0x7f0 netlink_sendmsg+0x8c1/0xd80 ____sys_sendmsg+0x8f9/0xc20 ___sys_sendmsg+0x197/0x1e0 __sys_sendmsg+0x122/0x1f0 do_syscall_64+0xbb/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f

EPSS Score: 0.04%

Source: CVE
February 3rd, 2025 (5 months ago)

CVE-2024-50157
RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop
Description: In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop Driver waits indefinitely for the fifo occupancy to go below a threshold as soon as the pacing interrupt is received. This can cause soft lockup on one of the processors, if the rate of DB is very high. Add a loop count for FPGA and exit the __wait_for_fifo_occupancy_below_th if the loop is taking more time. Pacing will be continuing until the occupancy is below the threshold. This is ensured by the checks in bnxt_re_pacing_timer_exp and further scheduling the work for pacing based on the fifo occupancy.

EPSS Score: 0.04%

Source: CVE
February 3rd, 2025 (5 months ago)