CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

Description: 2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5 common malware families that you can start preparing to counter
Source: TheHackerNews
January 8th, 2025 (6 months ago)
Description: Hackers claim to have breached Gravy Analytics, a major player in the collection and sale of smartphone location data. The attackers allege they have stolen sensitive data, including customer lists, industry insights, and precise location data tied to individuals’ smartphone movements. The breach is poised to have far-reaching consequences as the hackers threaten to publicly … The post Hackers Claim Breach of Location Data Giant Gravy Analytics appeared first on CyberInsider.
Source: CyberInsider
January 8th, 2025 (6 months ago)
Description: After the excitement of our .MOBI research, we were left twiddling our thumbs. As you may recall, in 2024, we demonstrated the impact of an unregistered domain when we subverted the TLS/SSL CA process for verifying domain ownership to give ourselves the ability to issue valid and trusted TLS/
Source: Watchtower Labs
January 8th, 2025 (6 months ago)
Description: A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.
Source: TheHackerNews
January 8th, 2025 (6 months ago)
Description: The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices. "IoT products can be susceptible to a range of security vulnerabilities," the U.S. Federal Communications Commission (FCC) said. "Under this program, qualifying consumer smart products that meet robust cybersecurity standards will bear
Source: TheHackerNews
January 8th, 2025 (6 months ago)
Description: The southern African telco is the latest entity on the continent to have its critical infrastructure hacked, and attackers release sensitive info online when Telecom Namibia refuses to negotiate.
Source: Dark Reading
January 8th, 2025 (6 months ago)

CVE-2024-41713

Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-41713 (CVSS score: 9.1) - A path traversal vulnerability in Mitel MiCollab that could allow an attacker

EPSS Score: 95.44%

Source: TheHackerNews
January 8th, 2025 (6 months ago)
Description: Education software giant PowerSchool has confirmed it suffered a cybersecurity incident that allowed a threat actor to steal the personal information of students and teachers from school districts using its PowerSchool SIS platform. [...]
Source: BleepingComputer
January 8th, 2025 (6 months ago)
Description: MZK-DP300N provided by PLANEX COMMUNICATIONS INC. contains a cross-site scripting vulnerability.
Source: Japan Vulnerability Notes (JVN)
January 8th, 2025 (6 months ago)
Description: Xerox FreeFlow Core, part of the Xerox FreeFlow Digital Workflow Collection provided by FUJIFILM Business Innovation Corp. contains multiple vulnerabilities.
Source: Japan Vulnerability Notes (JVN)
January 8th, 2025 (6 months ago)