CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Description: Alleged sale of 0-day SonicWall SRA 4600 Preauth RCE
Source: DarkWebInformer
June 9th, 2025 (17 days ago)

CVE-2025-5880

Description: A vulnerability has been found in Whistle 2.9.98 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/sessions/get-temp-file. The manipulation of the argument filename leads to path traversal. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
June 9th, 2025 (17 days ago)

CVE-2025-5879

Description: A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS: MEDIUM (5.1)

EPSS Score: 0.03%

SSVC Exploitation: poc

Source: CVE
June 9th, 2025 (17 days ago)
Description: AI coding tools promise productivity but deliver security problems, too. As developers embrace "vibe coding," enterprises face mounting risks from insecure code generation that security teams can't keep pace with.
Source: Dark Reading
June 9th, 2025 (18 days ago)
Description: Blue Team playbooks are essential—but tools like Wazuh take them to the next level. From credential dumping to web shells and brute-force attacks, see how Wazuh strengthens real-time detection and automated response. [...]
Source: BleepingComputer
June 9th, 2025 (18 days ago)
Description: United Natural Foods, Inc. (UNFI) disclosed that it had detected unauthorized activity on its IT systems, prompting the company to initiate its incident response plan and take systems offline. The disruption has impacted its ability to fulfill and distribute customer orders and is expected to continue affecting operations. The incident was reported in an SEC …
Source: CyberInsider
June 9th, 2025 (18 days ago)
Description: In its latest campaign this spring, DarkGaboon was observed deploying LockBit 3.0 ransomware against victims in Russia, Positive Technologies said in a report last week.
Source: The Record
June 9th, 2025 (18 days ago)
Description:
Impact: The application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including JavaScript scripts, into the page processed by the user's browser, allowing them to steal sensitive data, hijack user sessions, or conduct other malicious activities.
Patches: The issue is fixed in https://github.com/barryvdh/laravel-translation-manager/pull/475 which is released in version 0.6.8
Workarounds: Only authenticated users with access to the translation manager are impacted.
References: [PT-2025-04] laravel translation manager.pdf
Reported by Positive Technologies (Artem Deikov, Ilya Tsaturov, Daniil Satyaev, Roman Cheremnykh, Artem Danilov, Stanislav Gleym)
References:
https://github.com/barryvdh/laravel-translation-manager/security/advisories/GHSA-j226-63j7-qrqh
https://github.com/barryvdh/laravel-translation-manager/pull/475
https://github.com/barryvdh/laravel-translation-manager/commit/527446ed419f90f2319675fc5211cb8f851d7a1f
https://github.com/barryvdh/laravel-translation-manager/releases/tag/v0.6.8
https://github.com/advisories/GHSA-j226-63j7-qrqh
Source: Github Advisory Database (Composer)
June 9th, 2025 (18 days ago)
Description: Phone numbers are a goldmine for SIM swappers. A researcher found how to get this precious piece of information from any Google account.
Source: 404 Media
June 9th, 2025 (18 days ago)
Description: United Natural Foods (UNFI), North America's largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack. [...]
Source: BleepingComputer
June 9th, 2025 (18 days ago)