CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-22217	Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer Description: Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access. The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection. "A malicious user with network access may be able to use specially crafted SQL queries to gain database CVSS: HIGH (8.6) EPSS Score: 0.04% Source: TheHackerNews January 29th, 2025 (5 months ago)
	UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents Description: The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE. "This research focuses on completing the picture of UAC-0063's operations, particularly documenting their expansion beyond their initial focus on Central Asia, Source: TheHackerNews January 29th, 2025 (5 months ago)
	SXF Common Library vulnerable to improper input data handling Description: SXF Common Library provided by General Incorporated Association OCF is vulnerable to improper input data handling. Source: Japan Vulnerability Notes (JVN) January 29th, 2025 (5 months ago)
	The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster Source: TheRegister January 29th, 2025 (5 months ago)
	SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac Silicon Source: TheRegister January 29th, 2025 (5 months ago)
	Daily Dose of Dark Web Informer - January 28th, 2025 Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts. Source: DarkWebInformer January 29th, 2025 (5 months ago)
	A Threat Actor Claims to be Selling Bank Accounts from Argentina Description: A Threat Actor Claims to be Selling Bank Accounts from Argentina Source: DarkWebInformer January 28th, 2025 (5 months ago)
	Lynx Ransomware Group 'Industrializes' Cybercrime With Affiliates Description: The ransomware group provides everything an affiliate could want to breach and attack victims, including a quality controlled recruitment system to engage even more criminals. Source: Dark Reading January 28th, 2025 (5 months ago)
	SPIDER-X Targeted the Website of Malaysian Army Description: SPIDER-X Targeted the Website of Malaysian Army Source: DarkWebInformer January 28th, 2025 (5 months ago)
	OAuth Flaw Exposed Millions of Airline Users to Account Takeovers Description: The now-fixed vulnerability involved a major travel services company that's integrated with dozens of airline websites worldwide. Source: Dark Reading January 28th, 2025 (5 months ago)