CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Banshee stealer evades detection using Apple XProtect encryption algo
Description: A new version of the Banshee info-stealing malware for macOS has been evading detection over the past two months by adopting string encryption from Apple's XProtect. [...]
Source: BleepingComputer
January 9th, 2025 (6 months ago)
[Darknetlive Archive] Italian Man Allegedly Hired a Hitman on the Darkweb
Description: [Darknetlive Archive] Italian Man Allegedly Hired a Hitman on the Darkweb
Source: DarkWebInformer
January 9th, 2025 (6 months ago)
Microsoft fixes OneDrive bug causing macOS app freezes
Description: ​Microsoft has fixed a known issue causing macOS applications to freeze when opening or saving files in OneDrive. [...]
Source: BleepingComputer
January 9th, 2025 (6 months ago)
[github.com/MicahParks/jwkset] JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh
Description: Impact The project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use cases that utilize the provided auto-caching HTTP client and where key removal from a JWK Set is equivalent to revocation. Example attack scenario: An attacker has stolen the private key for a key published in JWK Set. The publishers of that JWK Set remove that key from the JWK Set. Enough time has passed that the program using the auto-caching HTTP client found in github.com/MicahParks/jwkset v0.5.0-v0.5.21 has elapsed its HTTPClientStorageOptions.RefreshInterval duration, causing a refresh of the remote JWK Set. The attacker is signing content (such as JWTs) with the stolen private key and the system has no other forms of revocation. Patches The affected auto-caching HTTP client was added in version v0.5.0 and fixed in v0.6.0. Upgrade to v0.6.0 or later. Workarounds The only workaround would be to remove the provided auto-caching HTTP client and replace it with a custom implementation. This involves setting the HTTPClientStorageOptions.RefreshInterval to zero (or not specifying the value). Upgrade to v0.6.0 is advised. References Please see the tracking issue on GitHub for additional details: https://github.com/MicahParks/jwkset/issues/40 References https://github.com/MicahParks/jwkset/security/advisories/GHSA-675f-rq2r-jw82 https://github.com/Micah...
Source: Github Advisory Database (Go)
January 9th, 2025 (6 months ago)

CVE-2025-22449
[github.com/mattermost/mattermost/server/v8] Mattermost Incorrect Authorization vulnerability
Description: Mattermost versions 9.11.x <= 9.11.5 fail to enforce invite permissions, which allows team admins, with no permission to invite users to their team, to invite users by updating the "allow_open_invite" field via making their team public. References https://nvd.nist.gov/vuln/detail/CVE-2025-22449 https://mattermost.com/security-updates https://github.com/advisories/GHSA-q8fg-cp3q-5jwm

CVSS: LOW (3.8)

EPSS Score: 0.04%

Source: Github Advisory Database (Go)
January 9th, 2025 (6 months ago)

CVE-2023-1907
[pgadmin4] pgAdmin has Incorrect Default Permissions
Description: A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously. References https://nvd.nist.gov/vuln/detail/CVE-2023-1907 https://bugzilla.redhat.com/show_bug.cgi?id=2218384 https://github.com/pgadmin-org/pgadmin4/issues/6100 https://github.com/pgadmin-org/pgadmin4/commit/fa29ba91632634d961f937ce3ed2c3b5a9d78f59 https://github.com/pgadmin-org/pgadmin4/blob/a9974b418c49760d3989b7fb25e052ff16b89ac6/docs/en_US/release_notes_7_0.rst https://github.com/advisories/GHSA-7w6r-748w-mh52

CVSS: HIGH (8.0)

Source: Github Advisory Database (PIP)
January 9th, 2025 (6 months ago)

CVE-2024-50603
Critical Vulnerability Alert: CVE-2024-50603 Critical Command Injection Vulnerability in Aviatrix Controller
Description: Critical Vulnerability Alert: CVE-2024-50603 Critical Command Injection Vulnerability in Aviatrix Controller

CVSS: CRITICAL (10.0)

EPSS Score: 92.43%

Source: DarkWebInformer
January 9th, 2025 (6 months ago)
Proton Mail still down as Proton recovers from worldwide outage
Description: Privacy firm Proton suffered a massive worldwide outage today, taking down most services, with Proton Mail and Calendar users still unable to connect to their accounts. [...]
Source: BleepingComputer
January 9th, 2025 (6 months ago)
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
Description: Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. "Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as create and
Source: TheHackerNews
January 9th, 2025 (6 months ago)
MirrorFace hackers targeting Japanese govt, politicians since 2019
Description: The National Police Agency (NPA) and the Cabinet Cyber Security Center in Japan have linked a cyber-espionage campaign targeting the country to the Chinese state-backed "MirrorFace" hacking group. [...]
Source: BleepingComputer
January 9th, 2025 (6 months ago)