CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

Description: Russian internet service provider Nodex confirmed on Tuesday that its network was "destroyed" in a cyberattack claimed by Ukrainian hacktivists part of the Ukrainian Cyber Alliance [...]
Source: BleepingComputer
January 8th, 2025 (6 months ago)
Description: viceCoolMan Claims to have Leaked the Data of Everyday Health
Source: DarkWebInformer
January 8th, 2025 (6 months ago)
Description: Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious. While there are safeguards such as DomainKeys
Source: TheHackerNews
January 8th, 2025 (6 months ago)
Description: LordVoldemort Claims to have Leaked the Data of Hollywood Hair
Source: DarkWebInformer
January 8th, 2025 (6 months ago)
Description: [Darknetlive Archive] Man Sentenced in SLO Murder-for-Hire Case
Source: DarkWebInformer
January 8th, 2025 (6 months ago)
Description: "Where Warlocks Stay Up Late" project speaks to hackers who have played pivotal roles in shaping the field of cybersecurity. The video interviews are complemented by an encyclopedia and an anthropological map.
Source: Dark Reading
January 8th, 2025 (6 months ago)
Description: ​Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023. [...]
Source: BleepingComputer
January 8th, 2025 (6 months ago)
Description: Over 4,000 abandoned but still active web backdoors were hijacked and their communication infrastructure sinkholed after researchers registered expired domains used for commanding them. [...]
Source: BleepingComputer
January 8th, 2025 (6 months ago)
Description: Albanian Hacking Tool: Ethical Hacking, Social Media Hacks, Phone Info, and More
Source: DarkWebInformer
January 8th, 2025 (6 months ago)

CVE-2023-40273

Description: Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged users could continue to be logged in even after the password was changed. This only happened when the password was changed with CLI. The problem does not happen in case change was done with webserver thus this is different from CVE-2023-40273 which was addressed in Apache-Airflow 2.7.0 Users are recommended to upgrade to version 1.5.2, which fixes the issue. References https://nvd.nist.gov/vuln/detail/CVE-2024-45033 https://github.com/apache/airflow/pull/45139 https://lists.apache.org/thread/yw535346rk766ybzpqtvrl36sjj789st https://github.com/advisories/GHSA-8863-4qmg-fr45
Source: Github Advisory Database (PIP)
January 8th, 2025 (6 months ago)