CVE Alert: CVE-2025-24010
Vulnerability Summary: CVE-2025-24010 Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to...
Month: January 2025
CVE Alert: CVE-2024-45647
Vulnerability Summary: CVE-2024-45647 IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could...
CVE Alert: CVE-2025-23044
Vulnerability Summary: CVE-2025-23044 PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to...
CVE Alert: CVE-2025-22620
Vulnerability Summary: CVE-2025-22620 gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when...
CVE Alert: CVE-2024-22348
Vulnerability Summary: CVE-2024-22348 IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses Cross-Origin Resource Sharing (CORS)...
CVE Alert: CVE-2025-23221
Vulnerability Summary: CVE-2025-23221 Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards. This...
CVE Alert: CVE-2024-22347
Vulnerability Summary: CVE-2024-22347 IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic...
CVE Alert: CVE-2024-22349
Vulnerability Summary: CVE-2024-22349 IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be...
CVE Alert: CVE-2025-24014
Vulnerability Summary: CVE-2025-24014 Vim is an open source, command line text editor. A segmentation fault was found in Vim before...
Otelier Breach Exposes Data of Half a Million Hotel Guests
The Otelier breach has compromised the personal data of hotel guests, highlighting vulnerabilities in the hospitality industry. Customers of renowned...
US Sanctions Target Chinese Hackers for Treasury and Telecom Breaches
In response to significant cyber intrusions, the US has imposed sanctions on Chinese state cyber actors involved in breaches of...
Guilty Plea of Former CIA Analyst for Sharing Top Secret Files
A former CIA analyst has admitted to sharing top secret documents on social media, raising serious national security concerns. A...
Restoration of Ukraine’s State Registers After Major Cyber-Attack
Ukraine's state registers have been fully restored following a significant cyber-attack attributed to Russia, ensuring data security and operational integrity....
HPE Investigates Claims of Data Breach by Hacker IntelBroker
Hewlett Packard Enterprise (HPE) is currently investigating serious claims made by hacker IntelBroker, who alleges a data breach involving sensitive...
DONOT APT Group Misuses Android App for Covert Intelligence Gathering
The DONOT APT group from India is exploiting a malicious Android application disguised as a chat platform for intelligence gathering....
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services
CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services Today, CISA issued Binding Operational Directive (BOD) 25-01, Implementing Secure...
CISA: CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure
CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure Today, CISA and the Office...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on December 17, 2024. These...
CISA: CISA Releases Best Practice Guidance for Mobile Communications
CISA Releases Best Practice Guidance for Mobile Communications Today, CISA released Mobile Communications Best Practice Guidance. The guidance was crafted...
CISA: Fortinet Releases Security Updates for FortiManager
Fortinet Releases Security Updates for FortiManager Fortinet released a security update to address a vulnerability in FortiManager. A remote cyber...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on December 19, 2024. These...
