CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Sorb is Allegedly Selling the Data of TCobro Description: Sorb is Allegedly Selling the Data of TCobro Source: DarkWebInformer January 22nd, 2025 (6 months ago)
	Trump Overturns Biden Rules on AI Development, Security Description: The new administration moved quickly to remove any constraints on AI development and collected $500 billion in investment pledges for an American-owned AI joint venture. Source: Dark Reading January 22nd, 2025 (6 months ago)
CVE-2024-56923	[org.silverpeas.core:silverpeas-core] Cross site scripting in Silverpeas Core Description: Stored Cross-Site Scripting (XSS) in the Categorization Option of My Subscriptions Functionality in Silverpeas Core 6.4.1 allows a remote attacker to execute arbitrary JavaScript code. This is achieved by injecting a malicious payload into the Name field of a subscription. The attack can lead to session hijacking, data theft, or unauthorized actions when an admin user views the affected subscription. References https://nvd.nist.gov/vuln/detail/CVE-2024-56923 https://github.com/Mohamed-Saqib-C/CVEs/blob/main/CVE-2024-56923/README.md https://github.com/Silverpeas/Silverpeas-Core/pull/1373 https://github.com/advisories/GHSA-788m-27g4-cf86 EPSS Score: 0.04% Source: Github Advisory Database (Maven) January 22nd, 2025 (6 months ago)
	Cloudflare CDN flaw leaks user location data, even through secure chat apps Description: A security researcher discovered a flaw in Cloudflare's content delivery network (CDN), which could expose a person's general location by simply sending them an image on platforms like Signal and Discord. [...] Source: BleepingComputer January 22nd, 2025 (6 months ago)
	Trump 'waved a white flag to Chinese hackers' as DHS axed cyber advisory boards Source: TheRegister January 22nd, 2025 (6 months ago)
	WebCopilot: Automating Subdomain Enumeration and Advanced Vulnerability Scanning for XSS, SQLi, Open Redirects, LFI, SSRF, and RCE Description: WebCopilot: Automating Subdomain Enumeration and Advanced Vulnerability Scanning for XSS, SQLi, Open Redirects, LFI, SSRF, and RCE Source: DarkWebInformer January 22nd, 2025 (6 months ago)
	Trump Pardons 'Silk Road' Dark Web Drug Market Creator Description: The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering. Source: Dark Reading January 22nd, 2025 (6 months ago)
	Telegram captcha tricks you into running malicious PowerShell scripts Description: Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into executing PowerShell code that infects them with malware. [...] Source: BleepingComputer January 22nd, 2025 (6 months ago)
	A Threat Actor is Selling RDWeb Access to an Unidentified Company in the UK Description: A Threat Actor is Selling RDWeb Access to an Unidentified Company in the UK Source: DarkWebInformer January 22nd, 2025 (6 months ago)
	Supply chain attack hits Chrome extensions, could expose millions Source: TheRegister January 22nd, 2025 (6 months ago)