Month: February 2025

CVE Alert: CVE-2025-1328

February 21, 2025

Vulnerability Summary: CVE-2025-1328 The Typed JS: A typewriter style animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...

CVE Alert: CVE-2024-49779

February 21, 2025

Vulnerability Summary: CVE-2024-49779 IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to bypass security...

[LYNX] – Ransomware Victim: planetone-asia[.]com

February 21, 2025

Ransomware Group: LYNX VICTIM NAME: planetone-asiacom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[AKIRA] – Ransomware Victim: Luminus Management

February 21, 2025

Ransomware Group: AKIRA VICTIM NAME: Luminus Management NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[INTERLOCK] – Ransomware Victim: Siegel Group

February 21, 2025

Ransomware Group: INTERLOCK VICTIM NAME: Siegel Group NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

Vulnerabilities

[Palo Alto Networks Security Advisories] CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability inOpenConfig Plugin

February 21, 2025

Palo Alto Networks Security Advisories /CVE-2025-0110CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig PluginUrgencyMODERATE047910Severity7.3 ·HIGHExploit MaturityPOCResponse EffortMODERATERecoveryUSERValue DensityCONCENTRATEDAttack VectorNETWORKAttack...

Vulnerabilities

[Palo Alto Networks Security Advisories] CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability inOpenConfig Plugin

February 21, 2025

Vulnerabilities

[Palo Alto Networks Security Advisories] CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability inOpenConfig Plugin

February 21, 2025

Vulnerabilities

[Palo Alto Networks Security Advisories] CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability inOpenConfig Plugin

February 21, 2025

[INCRANSOM] – Ransomware Victim: statesideseattle[.]com

February 21, 2025

Ransomware Group: INCRANSOM VICTIM NAME: statesideseattlecom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: headcount[.]com

February 21, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: headcountcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: jindalgroup[.]com

February 21, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: jindalgroupcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[AKIRA] – Ransomware Victim: Barhite & Holzinger Inc[.]

February 21, 2025

Ransomware Group: AKIRA VICTIM NAME: Barhite & Holzinger Inc NOTE: No files or stolen information are by RedPacket Security. Any...

[AKIRA] – Ransomware Victim: Insyst GmbH

February 21, 2025

Ransomware Group: AKIRA VICTIM NAME: Insyst GmbH NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[RANSOMHUB] – Ransomware Victim: guadeloupeformation[.]com

February 21, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: guadeloupeformationcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[AKIRA] – Ransomware Victim: Paratus

February 21, 2025

Ransomware Group: AKIRA VICTIM NAME: Paratus NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2025-21105

February 21, 2025

Vulnerability Summary: CVE-2025-21105 Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with...

CVE Alert: CVE-2025-21106

February 21, 2025

Vulnerability Summary: CVE-2025-21106 Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged...

CVE Alert: CVE-2025-1039

February 21, 2025

Vulnerability Summary: CVE-2025-1039 The Lenix Elementor Leads addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a URL...

CVE Alert: CVE-2024-49344

February 21, 2025

Vulnerability Summary: CVE-2024-49344 IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages with Watson Assistant chat feature enabled the application...

CVE Alert: CVE-2025-1043

February 21, 2025

Vulnerability Summary: CVE-2025-1043 The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable...

CVE Alert: CVE-2023-51315

February 21, 2025

Vulnerability Summary: CVE-2023-51315 PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "seat_name, plugin_sms_api_key,...

CVE Alert: CVE-2023-51312

February 21, 2025

Vulnerability Summary: CVE-2023-51312 PHPJabbers Restaurant Booking System v3.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in Reservations menu, Schedule section...

CVE Alert: CVE-2023-51306

February 21, 2025

Vulnerability Summary: CVE-2023-51306 PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "name, title"...

Month: February 2025

CVE Alert: CVE-2025-1328

CVE Alert: CVE-2024-49779

[LYNX] – Ransomware Victim: planetone-asia[.]com

[AKIRA] – Ransomware Victim: Luminus Management

[INTERLOCK] – Ransomware Victim: Siegel Group

[Palo Alto Networks Security Advisories] CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability inOpenConfig Plugin

[Palo Alto Networks Security Advisories] CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability inOpenConfig Plugin

[Palo Alto Networks Security Advisories] CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability inOpenConfig Plugin

[Palo Alto Networks Security Advisories] CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability inOpenConfig Plugin

[INCRANSOM] – Ransomware Victim: statesideseattle[.]com

[RANSOMHUB] – Ransomware Victim: headcount[.]com

[RANSOMHUB] – Ransomware Victim: jindalgroup[.]com

[AKIRA] – Ransomware Victim: Barhite & Holzinger Inc[.]

[AKIRA] – Ransomware Victim: Insyst GmbH

[RANSOMHUB] – Ransomware Victim: guadeloupeformation[.]com

[AKIRA] – Ransomware Victim: Paratus

CVE Alert: CVE-2025-21105

CVE Alert: CVE-2025-21106

CVE Alert: CVE-2025-1039

CVE Alert: CVE-2024-49344

CVE Alert: CVE-2025-1043

CVE Alert: CVE-2023-51315

CVE Alert: CVE-2023-51312

CVE Alert: CVE-2023-51306

BianLian Ransom Notes: New Extortion Tactics Target Organizations

Silk Typhoon Exploits Common IT Solutions: New Tactics Revealed

OT Security Incidents: Over Half of Organizations Report Serious Challenges

Cybersecurity Challenges: Nonprofits Encounter 35% Rise in Email Threats

Stress and Burnout Among IT Professionals: The Alarming Reality

You may have missed