CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

Description: As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client. "Attackers can take control of a malicious server and read/write arbitrary files of any connected client," the CERT Coordination Center (CERT/CC) said in an advisory. "Sensitive data, such as SSH keys,
Source: TheHackerNews
January 15th, 2025 (6 months ago)
Description: ExpressVPN has integrated ML-KEM, the newly established NIST standard for post-quantum encryption, into its proprietary Lightway VPN protocol. This move solidifies ExpressVPN’s commitment to future-proofing user data against the risks posed by quantum computers, which could render traditional encryption methods obsolete. The transition to ML-KEM follows the release of NIST’s first quantum-resistant encryption standards in … The post ExpressVPN Adopts NIST-Approved Post-Quantum Encryption appeared first on CyberInsider.
Source: CyberInsider
January 15th, 2025 (6 months ago)
Description: The U.S. Department of Justice (DoJ) and the FBI, in coordination with French law enforcement and cybersecurity firm Sekoia.io, have successfully dismantled a widespread PlugX malware operation orchestrated by Chinese state-backed hacking groups, Mustang Panda and Twill Typhoon. This international effort has resulted in the deletion of the malware from over 4,200 infected U.S. computers. … The post FBI Neutralizes PlugX Malware on 4,200 Computers in the U.S. appeared first on CyberInsider.
Source: CyberInsider
January 15th, 2025 (6 months ago)
Description: The merits of choosing passkeys over passwords to help keep your online accounts more secure, and explaining how the technology promises to do this
Source: NCSC Alerts and Advisories
January 15th, 2025 (6 months ago)
Description: Passkeys are the future of authentication, offering enhanced security and convenience over passwords, but widespread adoption faces challenges that the NCSC is working to resolve.
Source: NCSC Alerts and Advisories
January 15th, 2025 (6 months ago)
Description: The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a "multi-month law enforcement operation." PlugX, also known as Korplug, is a remote access trojan (RAT) widely used by threat actors associated with the People's Republic of China (PRC
Source: TheHackerNews
January 15th, 2025 (6 months ago)
Description: Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution. Horizon3.ai researcher Naveen Sunkavally, in a technical report detailing the findings, said the "vulnerabilities are trivial to reverse and exploit." The list of identified flaws is as follows -
Source: TheHackerNews
January 15th, 2025 (6 months ago)

CVE-2024-7344

Description: Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in attacks. Of the 161 flaws, 11 are rated Critical, and 149 are rated Important in severity. One other flaw, a non-Microsoft CVE related to a Windows Secure Boot bypass (CVE-2024-7344), has not been assigned

EPSS Score: 0.04%

Source: TheHackerNews
January 15th, 2025 (6 months ago)
Description: In 2024, the Taiwanese government saw the daily average of attempted attacks by China double to 2.4 million, with a focus on government targets and telecommunications firms.
Source: Dark Reading
January 15th, 2025 (6 months ago)
Description: Linux Ratfor provided by the Dimensional Gate contains a stack-based buffer overflow vulnerability.
Source: Japan Vulnerability Notes (JVN)
January 15th, 2025 (6 months ago)