CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Daily Dose of Dark Web Informer - January 26th, 2025 Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts. Source: DarkWebInformer January 27th, 2025 (5 months ago)
	A Threat Actor Claims to be Selling the Data of Jollibee Description: A Threat Actor Claims to be Selling the Data of Jollibee Source: DarkWebInformer January 26th, 2025 (5 months ago)
	Counter Claims to have Leaked the Data of CognitiveMetrics Description: Counter Claims to have Leaked the Data of CognitiveMetrics Source: DarkWebInformer January 26th, 2025 (5 months ago)
	RipperSec Targeted the Website of LEPAGE Description: RipperSec Targeted the Website of LEPAGE Source: DarkWebInformer January 26th, 2025 (5 months ago)
	A Threat Actor Claims to be Selling the Data of Norwegian Training Center (NTC) Philippines Description: A Threat Actor Claims to be Selling the Data of Norwegian Training Center (NTC) Philippines Source: DarkWebInformer January 26th, 2025 (5 months ago)
	A Threat Actor Claims to be Selling the Data of Mahalo Hotel Description: A Threat Actor Claims to be Selling the Data of Mahalo Hotel Source: DarkWebInformer January 26th, 2025 (5 months ago)
	Ransomware gang uses SSH tunnels for stealthy VMware ESXi access Description: Ransomware actors targeting ESXi bare metal hypervisors are leveraging SSH tunneling to persist on the system while remaining undetected. [...] Source: BleepingComputer January 26th, 2025 (5 months ago)
	UnitedHealth now says 190 million impacted by 2024 data breach Description: UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure. [...] Source: BleepingComputer January 26th, 2025 (5 months ago)
CVE-2024-50050	Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks Description: A high-severity security flaw has been disclosed in Meta's Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server.  The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the other hand, has assigned it a Source: TheHackerNews January 26th, 2025 (5 months ago)
CVE-2025-0682	ThemeREX Addons <= 2.33.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode Description: The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the 'trx_sc_reviews' shortcode 'type' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included. CVSS: HIGH (8.8) EPSS Score: 0.05% Source: CVE January 26th, 2025 (5 months ago)