Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking
Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into...
Year: 2023
Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn
Threat actors' use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months....
HackerOne Bug Bounty Disclosure: b-yelp-com-xss-ato-via-login-keylogger-link-google-account-b-lil-endian
Company Name: b'Yelp' Company HackerOne URL: https://hackerone.com/yelp Submitted By:b'lil_endian'Link to Submitters Profile:https://hackerone.com/b'lil_endian' Report Title:b'yelp.com XSS ATO (via login keylogger, link...
HackerOne Bug Bounty Disclosure: b-renaming-aliasing-relative-symbolic-links-potentially-redirects-them-to-supposedly-inaccessible-locations-b-tniessen
Company Name: b'Node.js' Company HackerOne URL: https://hackerone.com/nodejs Submitted By:b'tniessen'Link to Submitters Profile:https://hackerone.com/b'tniessen' Report Title:b'Renaming/aliasing relative symbolic links potentially redirects them...
BianLian Ransomware Victim: Armortex
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Report
The just-released BlackBerry Global Threat Intelligence Report reveals a 40% increase in cyberattacks against government and public service organizations versus...
Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics
The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the...
Medusa Locker Ransomware Victim: Postel SpA
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Gigabud RAT Android Banking Malware Targets Institutions Across Countries
Account holders of over numerous financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru are being targeted by an...
LockBit 3.0 Ransomware Victim: haynesintl[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: econsult[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: qbcqatar[.]com[.]qa
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: leecorpinc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: varian[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: jhillburn[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Nozomi Networks Guardian/CMC information disclosure | CVE-2023-24471
NAME__________Nozomi Networks Guardian/CMC information disclosurePlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Nozomi Networks Guardian/CMC could allow a remote authenticated attacker...
Nozomi Networks Guardian/CMC cross-site scripting | CVE-2023-22843
NAME__________Nozomi Networks Guardian/CMC cross-site scriptingPlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:6.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Nozomi Networks Guardian/CMC is vulnerable to cross-site scripting, caused...
EmbedPress plugin for WordPress cross-site scripting | CVE-2023-4283
NAME__________EmbedPress plugin for WordPress cross-site scriptingPlatforms Affected:WordPress EmbedPress plugin for WordPress 3.8.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________EmbedPress plugin for WordPress is vulnerable...
KramerAV VIA Connect (2) and VIA Go (2) devices security bypass | CVE-2023-33468
NAME__________KramerAV VIA Connect (2) and VIA Go (2) devices security bypassPlatforms Affected:KramerAV VIA Connect (2) and VIA Go (2) deviceRisk...
Leyka Plugin for WordPress cross-site scripting | CVE-2023-39314
NAME__________Leyka Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Leyka Plugin for WordPress 3.30.2Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Leyka Plugin for WordPress is vulnerable...
Nozomi Networks Guardian/CMC denial of service | CVE-2023-24015
NAME__________Nozomi Networks Guardian/CMC denial of servicePlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:4.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Nozominetworks Nozomi Networks Guardian/CMC is vulnerable to...
MISP cross-site scripting | CVE-2023-40224
NAME__________MISP cross-site scriptingPlatforms Affected:MISP MISP 2.4.168 MISP MISP 2.4.169 MISP MISP 2.4.174Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________MISP is vulnerable to cross-site scripting,...
Nozomi Networks Guardian/CMC security bypass | CVE-2023-24477
NAME__________Nozomi Networks Guardian/CMC security bypassPlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Nozomi Networks Guardian/CMC could allow a remote attacker to...
EmbedPress Plugin for WordPress security bypass | CVE-2023-4282
NAME__________EmbedPress Plugin for WordPress security bypassPlatforms Affected:WordPress EmbedPress plugin for WordPress 3.8.2Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________EmbedPress Plugin for WordPress could allow...
