CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
UK floats ransomware payout ban for public sector
Source: TheRegister
January 14th, 2025 (6 months ago)
One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks
Description: Graph neural networks aid in analyzing domains linked to known attack indicators, effectively uncovering new malicious domains and cybercrime campaigns. The post One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks appeared first on Unit 42.
Source: Palo Alto Unit42
January 14th, 2025 (6 months ago)
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored
Description: What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect this sprawling attack surface in 2025. What do identity risks, data security risks and third-party
Source: TheHackerNews
January 14th, 2025 (6 months ago)
Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces
Description: Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. "The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VPN authentication through those accounts, and various other configuration changes," cybersecurity firm
Source: TheHackerNews
January 14th, 2025 (6 months ago)
Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions
Description: The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have ever operated. The figures, released by blockchain analytics firm Elliptic, show that monthly inflows have increased by 51% since July 2024. Huione Guarantee, part
Source: TheHackerNews
January 14th, 2025 (6 months ago)
OMRON NJ/NX series vulnerable to path traversal
Description: OMRON NJ/NX series contain a path traversal vulnerability.
Source: Japan Vulnerability Notes (JVN)
January 14th, 2025 (6 months ago)
Improper restriction of XML external entity reference (XXE) vulnerability in OMRON NB-Designer
Description: OMRON NB-Designer contains an improper restriction of XML external entity reference (XXE) vulnerability.
Source: Japan Vulnerability Notes (JVN)
January 14th, 2025 (6 months ago)
Multiple vulnerabilities in STEALTHONE D220/D340/D440
Description: STEALTHONE D220/D340/D440 provided by Y'S corporation contain multiple vulnerabilities.
Source: Japan Vulnerability Notes (JVN)
January 14th, 2025 (6 months ago)

CVE-2024-12686
CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-12686 (CVSS score: 6.6), a medium-severity bug that could

CVSS: MEDIUM (6.6)

EPSS Score: 6.18%

Source: TheHackerNews
January 14th, 2025 (6 months ago)
Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used
Source: TheRegister
January 14th, 2025 (6 months ago)