CVE Alert: CVE-2024-49608
Vulnerability Summary: CVE-2024-49608 : Incorrect Privilege Assignment vulnerability in Gerry Ntabuhashe GERRYWORKS Post by Mail allows Privilege Escalation.This issue affects...
Month: October 2024
CVE Alert: CVE-2024-49332
Vulnerability Summary: CVE-2024-49332 Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a...
CVE Alert: CVE-2024-49331
Vulnerability Summary: CVE-2024-49331 Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System allows Upload...
CVE Alert: CVE-2024-49622
Vulnerability Summary: CVE-2024-49622 Cross-Site Request Forgery (CSRF) vulnerability in Apa Apa Banner Slider allows SQL Injection.This issue affects Apa Banner...
CVE Alert: CVE-2024-49623
Vulnerability Summary: CVE-2024-49623 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hasan Movahed Duplicate...
CVE Alert: CVE-2024-49330
Vulnerability Summary: CVE-2024-49330 Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds allows Upload a Web Shell...
[BLACKSUIT] – Ransomware Victim: Teddy SpA
Ransomware Group: BLACKSUIT VICTIM NAME: Teddy SpA NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
HackerOne Bug Bounty Disclosure: reflected-xss-mathara
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:matharaLink to Submitters Profile:https://hackerone.com/mathara Report Title:Reflected - XSSReport Link:https://hackerone.com/reports/1779447Date Submitted:21 October...
HackerOne Bug Bounty Disclosure: no-rate-limit-in-otp-code-sending-mathara
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:matharaLink to Submitters Profile:https://hackerone.com/mathara Report Title:No rate limit in OTP code...
[FOG] – Ransomware Victim: Schweiger Transport (schweiger-gmbh[.]de)
Ransomware Group: FOG VICTIM NAME: Schweiger Transport (schweiger-gmbhde) NOTE: No files or stolen information are by RedPacket Security. Any legal...
[RANSOMHUB] – Ransomware Victim: www[.]stivo[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: wwwstivocom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[FOG] – Ransomware Victim: Philadelphia Macaroni (philamacaroni[.]com)
Ransomware Group: FOG VICTIM NAME: Philadelphia Macaroni (philamacaronicom) NOTE: No files or stolen information are by RedPacket Security. Any legal...
[RANSOMHUB] – Ransomware Victim: yorozu-corp[.]co[.]jp
Ransomware Group: RANSOMHUB VICTIM NAME: yorozu-corpcojp NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[HUNTERS] – Ransomware Victim: Mercury Theatre
Ransomware Group: HUNTERS VICTIM NAME: Mercury Theatre NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain
The prolific Chinese nation-state actor known as APT41 (aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti) has been attributed...
THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 – Oct 20)
Hi there! Here's your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems...
Guide:Â The Ultimate Pentest Checklist for Full-Stack Security
Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics...
CVE Alert: CVE-2024-44061
Vulnerability Summary: CVE-2024-44061 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT...
CVE Alert: CVE-2024-49625
Vulnerability Summary: CVE-2024-49625 Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder...
CVE Alert: CVE-2024-49621
Vulnerability Summary: CVE-2024-49621 Cross-Site Request Forgery (CSRF) vulnerability in Apa APA Register Newsletter Form allows SQL Injection.This issue affects APA...
CVE Alert: CVE-2024-49610
Vulnerability Summary: CVE-2024-49610 Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to...
CVE Alert: CVE-2024-49624
Vulnerability Summary: CVE-2024-49624 Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows Object Injection.This issue affects Advanced Advertising...
CVE Alert: CVE-2024-49609
Vulnerability Summary: CVE-2024-49609 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author...
CVE Alert: CVE-2024-49335
Vulnerability Summary: CVE-2024-49335 Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive...
