CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on February 20, 2025. These...
Month: February 2025
CISA: CISA and Partners Release Advisory on Ghost (Cring) Ransomware
CISA and Partners Release Advisory on Ghost (Cring) Ransomware Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
[Palo Alto Networks Security Advisories] CVE-2024-5921 GlobalProtect App: Insufficient Certificate Validation Leads toPrivilege Escalation
Palo Alto Networks Security Advisories /CVE-2024-5921CVE-2024-5921 GlobalProtect App: Insufficient Certificate Validation Leads to Privilege EscalationUrgencyMODERATE047910Severity5.6 ·MEDIUMExploit MaturityPOCResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack VectorADJACENTAttack...
[QILIN] – Ransomware Victim: palauhealth
Ransomware Group: QILIN VICTIM NAME: palauhealth NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: www[.]okddsi[.]net
Ransomware Group: RANSOMHUB VICTIM NAME: wwwokddsinet NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[KILLSEC] – Ransomware Victim: Medical File
Ransomware Group: KILLSEC VICTIM NAME: Medical File NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[SAFEPAY] – Ransomware Victim: conduent[.]com
Ransomware Group: SAFEPAY VICTIM NAME: conduentcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-13478
Vulnerability Summary: CVE-2024-13478 The LTL Freight Quotes – TForce Edition plugin for WordPress is vulnerable to SQL Injection via the...
CVE Alert: CVE-2024-13481
Vulnerability Summary: CVE-2024-13481 The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to SQL Injection via...
CVE Alert: CVE-2025-0968
Vulnerability Summary: CVE-2025-0968 The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up...
CVE Alert: CVE-2024-13483
Vulnerability Summary: CVE-2024-13483 The LTL Freight Quotes – SAIA Edition plugin for WordPress is vulnerable to SQL Injection via the...
CVE Alert: CVE-2024-13479
Vulnerability Summary: CVE-2024-13479 The LTL Freight Quotes – SEFL Edition plugin for WordPress is vulnerable to SQL Injection via the...
CVE Alert: CVE-2024-13485
Vulnerability Summary: CVE-2024-13485 The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection via...
CVE Alert: CVE-2025-0916
Vulnerability Summary: CVE-2025-0916 The YaySMTP and Email Logs: Amazon SES, SendGrid, Outlook, Mailgun, Brevo, Google and Any SMTP Service plugin...
CVE Alert: CVE-2024-13534
Vulnerability Summary: CVE-2024-13534 The Small Package Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL Injection via...
CVE Alert: CVE-2024-13491
Vulnerability Summary: CVE-2024-13491 The Small Package Quotes – For Customers of FedEx plugin for WordPress is vulnerable to SQL Injection...
CVE Alert: CVE-2024-13533
Vulnerability Summary: CVE-2024-13533 The Small Package Quotes – USPS Edition plugin for WordPress is vulnerable to SQL Injection via the...
[CACTUS] – Ransomware Victim: newhorizonsbaking[.]com
Ransomware Group: CACTUS VICTIM NAME: newhorizonsbakingcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
HackerOne Bug Bounty Disclosure: format-string-vulnerability-curl-msnprintf-function-orcahack
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:orcahackLink to Submitters Profile:https://hackerone.com/orcahack Report Title:Format string vulnerability, curl_msnprintf() function Report Link:https://hackerone.com/reports/2990139Date...
HackerOne Bug Bounty Disclosure: unauthenticated-phpinfo-files-could-lead-to-ability-file-read-at-h-f-n-ips-mtn-co-ug-dashboard-offensiveops
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:offensiveopsLink to Submitters Profile:https://hackerone.com/offensiveops Report Title:Unauthenticated phpinfo()files could lead to ability...
HackerOne Bug Bounty Disclosure: uncontrolled-resource-consumption-when-parsing-maliciously-crafted-xml-with-rexml-l-thaxor
Company Name: Ruby Company HackerOne URL: https://hackerone.com/ruby Submitted By:l33thaxorLink to Submitters Profile:https://hackerone.com/l33thaxor Report Title:Uncontrolled Resource Consumption when parsing maliciously crafted...
[QILIN] – Ransomware Victim: Andover Family Medicine
Ransomware Group: QILIN VICTIM NAME: Andover Family Medicine NOTE: No files or stolen information are by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: Mac Jee
Ransomware Group: AKIRA VICTIM NAME: Mac Jee NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
