CISA: Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software
Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software CISA is collaborating with private industry partners to respond...
Month: February 2025
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and FBI Warn of Malicious Cyber Actors Using Buffer Overflow Vulnerabilities to Compromise Software
CISA and FBI Warn of Malicious Cyber Actors Using Buffer Overflow Vulnerabilities to Compromise Software CISA and the Federal Bureau...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Twenty Industrial Control Systems Advisories
CISA Releases Twenty Industrial Control Systems Advisories CISA released twenty Industrial Control Systems (ICS) advisories on February 13, 2025. These...
[FOG] – Ransomware Victim: Pamrya[.]de
Ransomware Group: FOG VICTIM NAME: Pamryade NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[FOG] – Ransomware Victim: Acqua development
Ransomware Group: FOG VICTIM NAME: Acqua development NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[FOG] – Ransomware Victim: QBurst
Ransomware Group: FOG VICTIM NAME: QBurst NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-21401
Vulnerability Summary: CVE-2025-21401 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Affected Endpoints: No affected endpoints listed. Published Date: 2/15/2025, 12:15:27...
CVE Alert: CVE-2025-26819
Vulnerability Summary: CVE-2025-26819 Monero through 0.18.3.4 before ec74ff4 does not have response limits on HTTP server connections. Affected Endpoints: No...
CVE Alert: CVE-2025-1302
Vulnerability Summary: CVE-2025-1302 Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper...
CVE Alert: CVE-2024-13525
Vulnerability Summary: CVE-2024-13525 The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
CVE Alert: CVE-2024-13513
Vulnerability Summary: CVE-2024-13513 The Oliver POS – A WooCommerce Point of Sale (POS) plugin for WordPress is vulnerable to Sensitive...
CVE Alert: CVE-2024-13563
Vulnerability Summary: CVE-2024-13563 The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's forgot-password...
[FOG] – Ransomware Victim: Gitlabs: Acqua development, QBurst, Pamyra[.]de
Ransomware Group: FOG VICTIM NAME: Gitlabs: Acqua development, QBurst, Pamyrade NOTE: No files or stolen information are by RedPacket Security....
CVE Alert: CVE-2025-0935
Vulnerability Summary: CVE-2025-0935 The Media Library Folders plugin for WordPress is vulnerable to unauthorized plugin settings change due to a...
CVE Alert: CVE-2024-13752
Vulnerability Summary: CVE-2024-13752 The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts...
CVE Alert: CVE-2025-1005
Vulnerability Summary: CVE-2025-1005 The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image...
CVE Alert: CVE-2024-12562
Vulnerability Summary: CVE-2024-12562 The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to,...
CVE Alert: CVE-2024-10581
Vulnerability Summary: CVE-2024-10581 The DirectoryPress Frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,...
CVE Alert: CVE-2024-13834
Vulnerability Summary: CVE-2024-13834 The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress...
CVE Alert: CVE-2024-13488
Vulnerability Summary: CVE-2024-13488 The LTL Freight Quotes – Estes Edition plugin for WordPress is vulnerable to SQL Injection via the...
CVE Alert: CVE-2025-0822
Vulnerability Summary: CVE-2025-0822 Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including,...
