CVE Alert: CVE-2025-26527
Vulnerability Summary: CVE-2025-26527 Tags not expected to be visible to a user could still be discovered by them via the...
Month: February 2025
CVE Alert: CVE-2025-26526
Vulnerability Summary: CVE-2025-26526 Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses...
CVE Alert: CVE-2025-26532
Vulnerability Summary: CVE-2025-26532 Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored. Affected...
CVE Alert: CVE-2025-27137
Vulnerability Summary: CVE-2025-27137 Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software...
CVE Alert: CVE-2025-26525
Vulnerability Summary: CVE-2025-26525 Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where...
CVE Alert: CVE-2025-26533
Vulnerability Summary: CVE-2025-26533 An SQL injection risk was identified in the module list filter within course search. Affected Endpoints: No...
[LYNX] – Ransomware Victim: pacresmortgage[.]com
Ransomware Group: LYNX VICTIM NAME: pacresmortgagecom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[CICADA3301] – Ransomware Victim: Birdsall Muller LLC
Ransomware Group: CICADA3301 VICTIM NAME: Birdsall Muller LLC NOTE: No files or stolen information are by RedPacket Security. Any legal...
[CICADA3301] – Ransomware Victim: Executive Agenda
Ransomware Group: CICADA3301 VICTIM NAME: Executive Agenda NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Bybit Offers $140 Million Bounty for Recovery of Stolen Cryptocurrency
Bybit is offering a 10% reward on recovered funds in its efforts to reclaim $1.4 billion lost in a massive...
UK Government Faces Backlash Over Disastrous Apple Encryption Decision
Security and consumer rights experts are calling for accountability from the UK government after the alarming removal of end-to-end encryption...
IT/OT Convergence: Addressing Cyber Incidents in Manufacturing
The integration of IT and operational technology (OT) is essential for modern manufacturing, but it has also resulted in increased...
XSS Vulnerability in Essential Addons for Elementor: A Critical Alert
A significant XSS vulnerability has emerged in Essential Addons for Elementor, affecting over 2 million WordPress sites and demanding immediate...
Quantum-Resistant Digital Signatures Now Available in Google Cloud KMS
Google Cloud has introduced quantum-safe digital signatures within its Cloud Key Management Service (Cloud KMS), ensuring enhanced security against quantum...
Michigan Man Indicted for Dark Web Credential Fraud: A Look into Cybercrime Tactics
A Michigan man has been indicted for wire fraud and identity theft after allegedly acquiring nearly 2,500 stolen login credentials...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on January 23, 2025. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 21, 2025. These...
CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications CISA, in partnership with...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on January 28, 2025. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These...
CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware
CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware CISA released a fact sheet, Contec CMS8000 Contains...
