[KAIROS] – Ransomware Victim: nightingalehammerson[.]org
Ransomware Group: KAIROS VICTIM NAME: nightingalehammersonorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[LYNX] – Ransomware Victim: Gossett Motor Cars
Ransomware Group: LYNX VICTIM NAME: Gossett Motor Cars NOTE: No files or stolen information are by RedPacket Security. Any legal...
[FUNKSEC] – Ransomware Victim: funkforum
Ransomware Group: FUNKSEC VICTIM NAME: funkforum NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-23922
Vulnerability Summary: CVE-2025-23922 Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web Shell to a Web...
CVE Alert: CVE-2025-23919
Vulnerability Summary: CVE-2025-23919 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Ella van Durpe...
CVE Alert: CVE-2025-23907
Vulnerability Summary: CVE-2025-23907 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in closed SOCIAL.NINJA allows Stored XSS....
CVE Alert: CVE-2025-23902
Vulnerability Summary: CVE-2025-23902 Cross-Site Request Forgery (CSRF) vulnerability in Taras Dashkevych Error Notification allows Cross Site Request Forgery.This issue affects...
CVE Alert: CVE-2025-23901
Vulnerability Summary: CVE-2025-23901 Cross-Site Request Forgery (CSRF) vulnerability in Oliver Schaal GravatarLocalCache allows Cross Site Request Forgery.This issue affects GravatarLocalCache:...
CVE Alert: CVE-2025-23915
Vulnerability Summary: CVE-2025-23915 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roninwp...
CVE Alert: CVE-2025-23917
Vulnerability Summary: CVE-2025-23917 Missing Authorization vulnerability in Chandrika Guntur, Morgan Kay Chamber Dashboard Business Directory allows Exploiting Incorrectly Configured Access...
CVE Alert: CVE-2025-23916
Vulnerability Summary: CVE-2025-23916 Missing Authorization vulnerability in Nuanced Media WP Meetup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue...
CVE Alert: CVE-2025-23930
Vulnerability Summary: CVE-2025-23930 Missing Authorization vulnerability in iTechArt-Group PayPal Marketing Solutions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue...
CVE Alert: CVE-2025-23913
Vulnerability Summary: CVE-2025-23913 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pankajpragma, rahulpragma WordPress...
[APT73] – Ransomware Victim: fol-23[.]fr
Ransomware Group: APT73 VICTIM NAME: fol-23fr NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices
CISA and FBI Release Updated Guidance on Product Security Bad Practices In partnership with the Federal Bureau of Investigation (FBI),...
[FUNKSEC] – Ransomware Victim: aquamanaesp[.]gov[.]co
Ransomware Group: FUNKSEC VICTIM NAME: aquamanaespgovco NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: Divimast
Ransomware Group: AKIRA VICTIM NAME: Divimast NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: VODOTEHNIKA D[.]D[.]
Ransomware Group: AKIRA VICTIM NAME: VODOTEHNIKA DD NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CVE Alert: CVE-2025-23929
Vulnerability Summary: CVE-2025-23929 Missing Authorization vulnerability in wishfulthemes Email Capture & Lead Generation allows Exploiting Incorrectly Configured Access Control Security...
CVE Alert: CVE-2025-23926
Vulnerability Summary: CVE-2025-23926 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TC Ajax WP Query Search...
CVE Alert: CVE-2025-23928
Vulnerability Summary: CVE-2025-23928 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Arsovski Google Org Chart...
CVE Alert: CVE-2025-23927
Vulnerability Summary: CVE-2025-23927 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Massimo Serpilli Incredible Font Awesome...
CVE Alert: CVE-2025-23925
Vulnerability Summary: CVE-2025-23925 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jimmy Peña Feedburner Optin Form...
CVE Alert: CVE-2025-23939
Vulnerability Summary: CVE-2025-23939 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiem Khan Image Switcher allows...
