CISA: CISA Releases Thirteen Industrial Control Systems Advisories
CISA Releases Thirteen Industrial Control Systems Advisories CISA released thirteen Industrial Control Systems (ICS) advisories on March 13, 2025. These...
Month: March 2025
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on March 18, 2025. These...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Supply Chain Compromise of Third-Party GitHub Action, CVE-2025-30066
Supply Chain Compromise of Third-Party GitHub Action, CVE-2025-30066 A popular third-party GitHub Action, tj-actions/changed-files (tracked as CVE-2025-30066), was compromised. This...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on March 20, 2025. These...
Cobalt Strike Beacon Detected – 129[.]204[.]254[.]108:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 82[.]156[.]206[.]157:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-0454
Vulnerability Summary: CVE-2025-0454 A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of significant-gravitas/autogpt versions prior to...
CVE Alert: CVE-2025-0655
Vulnerability Summary: CVE-2025-0655 A vulnerability in man-group/dtale versions 3.15.1 allows an attacker to override global state settings to enable the...
CVE Alert: CVE-2025-0508
Vulnerability Summary: CVE-2025-0508 A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions...
CVE Alert: CVE-2025-1040
Vulnerability Summary: CVE-2025-1040 AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that could lead to...
CVE Alert: CVE-2025-0628
Vulnerability Summary: CVE-2025-0628 An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role...
CVE Alert: CVE-2025-0453
Vulnerability Summary: CVE-2025-0453 In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. An attacker...
CVE Alert: CVE-2024-13923
Vulnerability Summary: CVE-2024-13923 The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery...
CVE Alert: CVE-2024-13922
Vulnerability Summary: CVE-2024-13922 The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion...
CVE Alert: CVE-2025-1796
Vulnerability Summary: CVE-2025-1796 A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by...
CVE Alert: CVE-2025-1474
Vulnerability Summary: CVE-2025-1474 In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a...
CVE Alert: CVE-2024-13921
Vulnerability Summary: CVE-2024-13921 The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection...
CVE Alert: CVE-2025-2539
Vulnerability Summary: CVE-2025-2539 The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
CVE Alert: CVE-2024-13920
Vulnerability Summary: CVE-2024-13920 The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in...
CVE Alert: CVE-2024-13558
Vulnerability Summary: CVE-2024-13558 The NP Quote Request for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in...
CVE Alert: CVE-2025-2311
Vulnerability Summary: CVE-2025-2311 Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Nebula Informatics...
CVE Alert: CVE-2025-0254
Vulnerability Summary: CVE-2025-0254 HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to...
