CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Ransomware attack at New York blood services provider – donors turned away during shortage crisis
Source: TheRegister
January 30th, 2025 (5 months ago)
Police seizes Cracked and Nulled hacking forum servers, arrests suspects
Description: Europol and German law enforcement confirmed the arrest of two suspects and the seizure of 17 servers in Operation Talent, which took down Cracked and Nulled, two of the largest hacking forums with over 10 million users. [...]
Source: BleepingComputer
January 30th, 2025 (5 months ago)
Microsoft lifts Windows 11 update block for PCs with gaming issues
Description: Microsoft has removed a safeguard hold that prevented devices with Auto HDR enabled from installing the Windows 11 2024 Update due to gaming issues. [...]
Source: BleepingComputer
January 30th, 2025 (5 months ago)
Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter
Description: Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution. The vulnerability, rated a CVSS score of 9.4, enables "attackers to potentially execute arbitrary commands with root privileges" by exploiting a hidden URL parameter, application security firm Noma said in a
Source: TheHackerNews
January 30th, 2025 (5 months ago)
Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown
Description: An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP. The effort has targeted the following domains - www.cracked.io www.nulled.to www.mysellix.io www.sellix.io www.starkrdp.io Visitors to these websites are now greeted by a seizure banner that says they were confiscated
Source: TheHackerNews
January 30th, 2025 (5 months ago)
Exposure Management Provider CYE Acquires Solvo
Description: The addition of Solvo CSPM to CYE Hyver aims to address need for multi-cloud vulnerability monitoring and risk assessment.
Source: Dark Reading
January 30th, 2025 (5 months ago)
Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics
Description: A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI's safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...]
Source: BleepingComputer
January 30th, 2025 (5 months ago)
Canvassing apps used by UK political parties riddled with privacy, security issues
Source: TheRegister
January 30th, 2025 (5 months ago)
Speedio Reportedly Suffers Data Breach Exposing 62M Records
Description: A dataset allegedly containing over 62 million records from the Brazilian lead generation platform Speedio has been listed for sale on a popular hacking forum. The breach, which includes 27 million unique email addresses, was recently added to Have I Been Pwned (HIBP) as an unverified data exposure, meaning it may originate from other sources. … The post Speedio Reportedly Suffers Data Breach Exposing 62M Records appeared first on CyberInsider.
Source: CyberInsider
January 30th, 2025 (5 months ago)
Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike
Description: This new report from Cisco Talos Incident Response explores how threat actors increasingly deployed web shells against vulnerable web applications, and exploited vulnerable or unpatched public-facing applications to gain initial access.
Source: Cisco Talos Blog
January 30th, 2025 (5 months ago)