CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service (SaaS) applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the backbone of business operations, enabling seamless collaboration and productivity. However, this
January 24th, 2025 (5 months ago)
|
|
|
Description: The Pwn2Own Automotive 2025 hacking competition has wrapped up, with security researchers uncovering 49 unique zero-day vulnerabilities across various automotive and charging systems. The event, which took place over three days, saw researchers awarded a total of $886,250 for their discoveries. Sina Kheirkhah of Summoning Team emerged as the “Master of Pwn,” securing the top …
The post Pwn2Own Automotive Ends With 49 Zero-Days, $886k in Payouts appeared first on CyberInsider.
January 24th, 2025 (5 months ago)
|
|
|
Description: The U.S. Department of Justice (DoJ) on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology (IT) worker scheme that seeks to generate revenue for the Democratic People's Republic of Korea (DPRK) in violation of international sanctions.
The action targets Jin Sung-Il (진성일), Pak
January 24th, 2025 (5 months ago)
|
|
|
Description: PayPal, Inc. has agreed to pay a $2 million penalty to the New York State Department of Financial Services (DFS) after an investigation found that cybersecurity failures led to the exposure of sensitive customer information, including Social Security Numbers (SSNs). The breach stemmed from a December 2022 cybersecurity event in which unmasked customer data was …
The post PayPal Fined $2M for Cybersecurity Lapse Exposing User Data appeared first on CyberInsider.
January 24th, 2025 (5 months ago)
|
|
|
Description: Google has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations.
"When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you're outside of trusted locations," Google said in a post announcing the
January 24th, 2025 (5 months ago)
|
CVE-2020-11023 |
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The medium-severity vulnerability is CVE-2020-11023 (CVSS score: 6.1/6.9), a nearly five-year-old cross-site scripting (XSS) bug that could be
CVSS: MEDIUM (6.9)
January 24th, 2025 (5 months ago)
|
|
|
January 24th, 2025 (5 months ago)
|
|
|
January 24th, 2025 (5 months ago)
|
|
|
Description: At Black Hat and DEF CON, cybersecurity experts were asked to game out how Taiwan could protect its communications and power infrastructure in case of invasion by China.
January 24th, 2025 (5 months ago)
|
|
CVE-2025-24530 |
Description: An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
CVSS: MEDIUM (6.4) EPSS Score: 0.04%
January 24th, 2025 (5 months ago)
|