CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 8.0. The following CVEs are assigned: CVE-2025-5748.
EPSS Score: 0.17%
June 6th, 2025 (about 1 month ago)
|
|
|
Description: This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.3. The following CVEs are assigned: CVE-2025-5749.
EPSS Score: 0.02%
June 6th, 2025 (about 1 month ago)
|
|
|
Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2025-5750.
EPSS Score: 0.09%
June 6th, 2025 (about 1 month ago)
|
|
|
Description: This vulnerability allows physically present attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.6. The following CVEs are assigned: CVE-2025-5751.
EPSS Score: 0.03%
June 6th, 2025 (about 1 month ago)
|
|
Description: Alleged data breach of Ministry of Health of Peru
June 6th, 2025 (about 1 month ago)
|
|
Description: The group was arrested in December as part of a raid that included 599 Nigerians and 193 other foreign nationals, many of them Chinese, on suspicion of being involved in a range of online crimes.
June 6th, 2025 (about 1 month ago)
|
|
Description: A new wave of Mirai botnet activity is exploiting a recently disclosed vulnerability in TBK DVR devices, CVE-2024-3721, to infect internet-connected systems with a custom ARM32 malware variant designed to evade analysis and sustain persistent remote control. Kaspersky uncovered the exploitation attempt while monitoring honeypots. The campaign targets a command injection flaw in TBK DVR-4104 …
The post New Mirai Botnet Variant Targets Flaw in 50,000 Exposed TBK DVRs appeared first on CyberInsider.
CVSS: MEDIUM (6.3)
June 6th, 2025 (about 1 month ago)
|
|
Description: A new data wiper malware named 'PathWiper' is being used in targeted attacks against critical infrastructure in Ukraine, aimed at disrupting operations in the country. [...]
June 6th, 2025 (about 1 month ago)
|
|
Description: State-backed threat actors from a handful of countries are using ChatGPT for a range of malicious purposes ranging from malware refinement to employment scams and social media disinformation campaigns.
June 6th, 2025 (about 1 month ago)
|
CVE-2025-5806 |
Description: Jenkins Gatling Plugin 136.vb_9009b_3d33a_e serves Gatling reports in a manner that bypasses the Content-Security-Policy protection introduced in Jenkins 1.641 and 1.625, resulting in a cross-site scripting (XSS) vulnerability exploitable by users able to change report content.
CVSS: HIGH (8.0) EPSS Score: 0.04% SSVC Exploitation: none
June 6th, 2025 (about 1 month ago)
|