NAME__________Redmine cross-site scriptingPlatforms Affected:Redmine Redmine 5.0.6Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Redmine is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
NAME__________Login Screen Manager Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Login Screen Manager Plugin for WordPress 3.5.2Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Login...
The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting...
Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which...
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Migrating to post-quantum cryptography In 2020, the NCSC published a white paper on https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography" target="_self">Preparing for Quantum-Safe Cryptography. This paper...
Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced...
QNAP Systems published security advisories for two critical command injection vulnerabilities that impact multiple versions of the QTS operating system...
A new dropper-as-a-service (DaaS) cybercrime operation named 'SecuriDropper' has emerged, using a method that bypasses the 'Restricted Settings' feature in Android...
The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified...
Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously...
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber...
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions...
Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two...
Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of...
A security breach at identity and access management (IAM) specialist Okta impacted over 130 of its customers, a handful of...
The UK’s National Cyber Security Centre (NCSC) has released more information designed to help organizations migrate their systems to post-quantum...
Cloud native development practices are creating dangerous new security blind spots for organizations in the US, UK, France and Germany,...
The US, Japan and South Korea have established a high-level consultative body designed to counter North Korea’s cyber activities.A key...
The SpyNote Trojan, camouflaged as a mod for the game Roblox, has been observed targeting Android users. This mobile malware can...
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned a Russian national for her involvement...
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocontec -- solarview_compact_firmwareAn issue in Contec SolarView Compact v.6.0 and before allows...
A cutting-edge utility designed exclusively for web security aficionados, penetration testers, and system administrators. WebSecProbe is your advanced toolkit for...
Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced...
