CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

CVE-2024-13484

Description: A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-13484
https://access.redhat.com/security/cve/CVE-2024-13484
https://bugzilla.redhat.com/show_bug.cgi?id=2269376
https://github.com/advisories/GHSA-58fx-7v9q-3g56

CVSS: HIGH (8.2)

EPSS Score: 0.04%

Source: Github Advisory Database (Go)
January 28th, 2025 (5 months ago)
Description: Concerns include everything from ransomware, malware, and phishing attacks on the game's infrastructure to those targeting event sponsors and fans.
Source: Dark Reading
January 28th, 2025 (5 months ago)
Description: G700 V6 RAT Full Setup Tutorial
Source: DarkWebInformer
January 28th, 2025 (5 months ago)
Description: Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. [...]
Source: BleepingComputer
January 28th, 2025 (5 months ago)

CVE-2025-0736

Description: A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by malicious actors.

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-0736
https://access.redhat.com/security/cve/CVE-2025-0736
https://bugzilla.redhat.com/show_bug.cgi?id=2342233
https://github.com/advisories/GHSA-269m-c36j-r834

CVSS: MEDIUM (5.5)

EPSS Score: 0.04%

Source: Github Advisory Database (Maven)
January 28th, 2025 (5 months ago)
Description: A Threat Actor is Selling TeraStealer 1.0
Source: DarkWebInformer
January 28th, 2025 (5 months ago)
Description: Garmin users are reporting that their watches crash when using apps that require GPS access and then get stuck in a reboot loop, showing a blue triangle logo. [...]
Source: BleepingComputer
January 28th, 2025 (5 months ago)
Description: Carthage Police Department Has Fallen Victim to RHYSIDA Ransomware
Source: DarkWebInformer
January 28th, 2025 (5 months ago)
Description: A team of security researchers has disclosed new side-channel vulnerabilities in modern Apple processors that could steal sensitive information from web browsers. [...]
Source: BleepingComputer
January 28th, 2025 (5 months ago)

CVE-2024-45339

Description: When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-45339
https://github.com/golang/glog/pull/74
https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2
https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs
https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File
https://pkg.go.dev/vuln/GO-2025-3372
https://github.com/advisories/GHSA-6wxm-mpqj-6jpf

EPSS Score: 0.05%

Source: Github Advisory Database (Go)
January 28th, 2025 (5 months ago)