CyberAlerts

SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks

Description: SonicWall is warning about a pre-authentication deserialization vulnerability in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), with reports that it has been exploited as a zero-day in attacks. [...]

Source: BleepingComputer

January 23rd, 2025 (6 months ago)

Meta's pay-or-consent model under fire from EU consumer group

Source: TheRegister

January 23rd, 2025 (6 months ago)

CVE-2020-11023

JQuery Cross-Site Scripting (XSS) Vulnerability

Description: JQuery contains a persistent cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, JQuery's DOM manipulators can execute untrusted code in the context of the user's browser.

CVSS: MEDIUM (6.9)

Source: CISA KEV

January 23rd, 2025 (6 months ago)

A Threat Actor is Allegedly Selling Data from Coinbase and Gemini

Description: A Threat Actor is Allegedly Selling Data from Coinbase and Gemini

Source: DarkWebInformer

January 23rd, 2025 (6 months ago)

Tesla EV charger hacked twice on second day of Pwn2Own Tokyo

Description: Security researchers hacked Tesla's Wall Connector electric vehicle charger twice on the second day of the Pwn2Own Automotive 2025 hacking contest. [...]

Source: BleepingComputer

January 23rd, 2025 (6 months ago)

Stealthy 'Magic Packet' malware targets Juniper VPN gateways

Description: A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a "magic packet" in the network traffic. [...]

Source: BleepingComputer

January 23rd, 2025 (6 months ago)

Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks

Description: Cybersecurity researchers are calling attention to a new malware campaign that leverages fake CAPTCHA verification checks to deliver the infamous Lumma information stealer. "The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the Philippines, and other countries around the world," Leandro Fróes, senior threat research engineer at

Source: TheHackerNews

January 23rd, 2025 (6 months ago)

Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits

Description: An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices' firmware as well as misconfigured security features. "These weren't obscure, corner-case vulnerabilities," security vendor Eclypsium said in a report shared with The Hacker News. "Instead these were very well-known issues that we wouldn't expect to see

Source: TheHackerNews

January 23rd, 2025 (6 months ago)

Black 'Magic' Targets Enterprise Juniper Routers With Backdoor

Description: Such routers typically lack endpoint detection and response protection, are in front of a firewall, and don't run monitoring software like Sysmon, making the attacks harder to detect.

Source: Dark Reading

January 23rd, 2025 (6 months ago)

Developer Creates Infinite Maze That Traps AI Training Bots

Description: "Nepenthes generates random links that always point back to itself - the crawler downloads those new links. Nepenthes happily just returns more and more lists of links pointing back to itself."

Source: 404 Media

January 23rd, 2025 (6 months ago)

Threat and Vulnerability Intelligence Database

Example Searches: