CVE Alert: CVE-2024-10559
Vulnerability Summary: CVE-2024-10559 A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by...
Month: November 2024
CVE Alert: CVE-2024-21537
Vulnerability Summary: CVE-2024-21537 Versions of the package lilconfig from 3.1.0 and before 3.1.1 are vulnerable to Arbitrary Code Execution due...
CVE Alert: CVE-2024-10544
Vulnerability Summary: CVE-2024-10544 The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions...
CVE Alert: CVE-2024-9708
Vulnerability Summary: CVE-2024-9708 The Easy SVG Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads...
[MEDUSA] – Ransomware Victim: United Sleep Diagnostics
Ransomware Group: MEDUSA VICTIM NAME: United Sleep Diagnostics NOTE: No files or stolen information are by RedPacket Security. Any legal...
[HUNTERS] – Ransomware Victim: Cerp Bretagne Nord
Ransomware Group: HUNTERS VICTIM NAME: Cerp Bretagne Nord NOTE: No files or stolen information are by RedPacket Security. Any legal...
[LOCKBIT3] – Ransomware Victim: vikurverk[.]is
Ransomware Group: LOCKBIT3 VICTIM NAME: vikurverkis NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[LOCKBIT3] – Ransomware Victim: mirandaproduce[.]com[.]ve
Ransomware Group: LOCKBIT3 VICTIM NAME: mirandaproducecomve NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[CACTUS] – Ransomware Victim: lumiplan[.]com
Ransomware Group: CACTUS VICTIM NAME: lumiplancom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: eap[.]gr
Ransomware Group: RANSOMHUB VICTIM NAME: eapgr NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Inside Iran’s Cyber Playbook: AI, Fake Hosting, and Psychological Warfare
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer...
CVE Alert: CVE-2024-10392
Vulnerability Summary: CVE-2024-10392 The AI Power: Complete AI Pack plugin for WordPress is vulnerable to arbitrary file uploads due to...
CVE Alert: CVE-2024-9434
Vulnerability Summary: CVE-2024-9434 The WPGlobus Translate Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
CVE Alert: CVE-2024-9700
Vulnerability Summary: CVE-2024-9700 The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable...
CVE Alert: CVE-2024-9446
Vulnerability Summary: CVE-2024-9446 The WP Simple Anchors Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
CVE Alert: CVE-2024-9165
Vulnerability Summary: CVE-2024-9165 The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to Stored Cross-Site...
CVE Alert: CVE-2024-9430
Vulnerability Summary: CVE-2024-9430 The Get Quote For Woocommerce – Request A Quote For Woocommerce plugin for WordPress is vulnerable to...
CVE Alert: CVE-2024-43930
Vulnerability Summary: CVE-2024-43930 Cross-Site Request Forgery (CSRF) vulnerability in eyecix JobSearch allows Cross Site Request Forgery.This issue affects JobSearch: from...
CVE Alert: CVE-2024-43383
Vulnerability Summary: CVE-2024-43383 Deserialization of Untrusted Data vulnerability in Apache Lucene.Net.Replicator. This issue affects Apache Lucene.NET's Replicator library: from 4.8.0-beta00005...
CVE Alert: CVE-2024-30149
Vulnerability Summary: CVE-2024-30149 HCL AppScan Source
CVE Alert: CVE-2024-49685
Vulnerability Summary: CVE-2024-49685 Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (Tweets Widget) allows Cross Site Request...
CVE Alert: CVE-2024-49674
Vulnerability Summary: CVE-2024-49674 Cross-Site Request Forgery (CSRF) vulnerability in Lukas Huser EKC Tournament Manager allows Upload a Web Shell to...
CVE Alert: CVE-2024-10454
Vulnerability Summary: CVE-2024-10454 Clickjacking vulnerability in Clibo Manager v1.1.9.12 in the '/public/login' directory, a login panel. This vulnerability occurs due...
CVE Alert: CVE-2024-43984
Vulnerability Summary: CVE-2024-43984 Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher allows Code Injection.This issue affects Podlove Podcast...
