CVE Alert: CVE-2024-5667
Vulnerability Summary: CVE-2024-5667 Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Featherlight.js JavaScript library...
Month: March 2025
CVE Alert: CVE-2024-13839
Vulnerability Summary: CVE-2024-13839 The Staff Directory Plugin: Company Directory plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
CVE Alert: CVE-2024-13810
Vulnerability Summary: CVE-2024-13810 The Zass - WooCommerce Theme for Handmade Artists and Artisans theme for WordPress is vulnerable to unauthorized...
CVE Alert: CVE-2024-13809
Vulnerability Summary: CVE-2024-13809 The Hero Slider - WordPress Slider Plugin plugin for WordPress is vulnerable to SQL Injection via several...
CVE Alert: CVE-2024-13815
Vulnerability Summary: CVE-2024-13815 The The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to,...
[RANSOMHUB] – Ransomware Victim: www[.]hinton[.]ca
Ransomware Group: RANSOMHUB VICTIM NAME: wwwhintonca NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: www[.]portlandschools[.]org
Ransomware Group: RANSOMHUB VICTIM NAME: wwwportlandschoolsorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
HackerOne Bug Bounty Disclosure: use-after-free-read-in-curl-multi-perform-with-doh-and-proxy-options-and-resolve-timeouts-catenacyber
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:catenacyberLink to Submitters Profile:https://hackerone.com/catenacyber Report Title:Use after free (read) in curl_multi_perform with...
HackerOne Bug Bounty Disclosure: sqli-in-url-paths-almuntadhar
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:almuntadharLink to Submitters Profile:https://hackerone.com/almuntadhar Report Title:SQLi | in URL pathsReport Link:https://hackerone.com/reports/2958619Date...
HackerOne Bug Bounty Disclosure: exposing-debug-log-file-leads-to-server-full-path-disclosure-kanon
Company Name: Autodesk Company HackerOne URL: https://hackerone.com/autodesk Submitted By:kanon4Link to Submitters Profile:https://hackerone.com/kanon4 Report Title:Exposing debuglog file leads to server full...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on March 6, 2025. These...
[RANSOMHUB] – Ransomware Victim: www[.]centersheetmetal[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: wwwcentersheetmetalcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: www[.]convention[.]qc[.]ca
Ransomware Group: RANSOMHUB VICTIM NAME: wwwconventionqcca NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: hickorylaw[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: hickorylawcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: lovesac[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: lovesaccom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[LYNX] – Ransomware Victim: Tugwell Pump & Supply
Ransomware Group: LYNX VICTIM NAME: Tugwell Pump & Supply NOTE: No files or stolen information are by RedPacket Security. Any...
[LYNX] – Ransomware Victim: Adval Tech
Ransomware Group: LYNX VICTIM NAME: Adval Tech NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[MONTI] – Ransomware Victim: agi[.]net
Ransomware Group: MONTI VICTIM NAME: aginet NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[INCRANSOM] – Ransomware Victim: Naples Heritage Golf & Country Club
Ransomware Group: INCRANSOM VICTIM NAME: Naples Heritage Golf & Country Club NOTE: No files or stolen information are by RedPacket...
[LYNX] – Ransomware Victim: Dynamic Closures
Ransomware Group: LYNX VICTIM NAME: Dynamic Closures NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[QILIN] – Ransomware Victim: Connekted, Inc[.]
Ransomware Group: QILIN VICTIM NAME: Connekted, Inc NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[FOG] – Ransomware Victim: WJCC Public Schools (wjccschools[.]org)
Ransomware Group: FOG VICTIM NAME: WJCC Public Schools (wjccschoolsorg) NOTE: No files or stolen information are by RedPacket Security. Any...
CVE Alert: CVE-2025-0954
Vulnerability Summary: CVE-2025-0954 The WP Online Contract plugin for WordPress is vulnerable to unauthorized access due to a missing capability...
CVE Alert: CVE-2025-1515
Vulnerability Summary: CVE-2025-1515 The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up...
