Year: 2025

[KAIROS] – Ransomware Victim: combinedpoolandspa[.]com

January 15, 2025

Ransomware Group: KAIROS VICTIM NAME: combinedpoolandspacom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: AKConstructors[.]com

January 15, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: AKConstructorscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CISA: CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook

January 15, 2025

CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook Today, CISA released the Microsoft Expanded Cloud Logs Implementation Playbook to help...

CVE Alert: CVE-2024-48854

January 15, 2025

Vulnerability Summary: CVE-2024-48854 Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow...

CVE Alert: CVE-2024-48856

January 15, 2025

Vulnerability Summary: CVE-2024-48856 Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow...

CVE Alert: CVE-2024-48857

January 15, 2025

Vulnerability Summary: CVE-2024-48857 NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could...

CVE Alert: CVE-2024-48855

January 15, 2025

Vulnerability Summary: CVE-2024-48855 Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow...

CVE Alert: CVE-2025-0474

January 15, 2025

Vulnerability Summary: CVE-2025-0474 Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network...

CVE Alert: CVE-2025-21131

January 15, 2025

Vulnerability Summary: CVE-2025-21131 Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result...

CVE Alert: CVE-2024-56374

January 15, 2025

Vulnerability Summary: CVE-2024-56374 An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack...

CVE Alert: CVE-2025-21128

January 15, 2025

Vulnerability Summary: CVE-2025-21128 Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could...

CVE Alert: CVE-2025-21130

January 15, 2025

Vulnerability Summary: CVE-2025-21130 Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result...

CVE Alert: CVE-2025-21129

January 15, 2025

Vulnerability Summary: CVE-2025-21129 Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could...

[APT73] – Ransomware Victim: betclic[.]com

January 15, 2025

Ransomware Group: APT73 VICTIM NAME: betcliccom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[LYNX] – Ransomware Victim: Lowe Engineers

January 15, 2025

Ransomware Group: LYNX VICTIM NAME: Lowe Engineers NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

HackerOne Bug Bounty Disclosure: netrc-and-redirect-credential-leak-nyymi

January 15, 2025

Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:nyymiLink to Submitters Profile:https://hackerone.com/nyymi Report Title:netrc and redirect credential leakReport...

[LYNX] – Ransomware Victim: Woodport Doors

January 15, 2025

Ransomware Group: LYNX VICTIM NAME: Woodport Doors NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[FUNKSEC] – Ransomware Victim: barilga[.]gov[.]mn

January 15, 2025

Ransomware Group: FUNKSEC VICTIM NAME: barilgagovmn NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2025-21133

January 15, 2025

Vulnerability Summary: CVE-2025-21133 Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability...

CVE Alert: CVE-2025-21127

January 15, 2025

Vulnerability Summary: CVE-2025-21127 Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Uncontrolled Search Path Element vulnerability that...

CVE Alert: CVE-2025-21134

January 15, 2025

Vulnerability Summary: CVE-2025-21134 Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability...

CVE Alert: CVE-2025-21132

January 15, 2025

Vulnerability Summary: CVE-2025-21132 Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result...

CVE Alert: CVE-2025-21122

January 15, 2025

Vulnerability Summary: CVE-2025-21122 Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability...

CVE Alert: CVE-2025-23041

January 15, 2025

Vulnerability Summary: CVE-2025-23041 Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for...

Year: 2025

[KAIROS] – Ransomware Victim: combinedpoolandspa[.]com

[RANSOMHUB] – Ransomware Victim: AKConstructors[.]com

CISA: CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook

CVE Alert: CVE-2024-48854

CVE Alert: CVE-2024-48856

CVE Alert: CVE-2024-48857

CVE Alert: CVE-2024-48855

CVE Alert: CVE-2025-0474

CVE Alert: CVE-2025-21131

CVE Alert: CVE-2024-56374

CVE Alert: CVE-2025-21128

CVE Alert: CVE-2025-21130

CVE Alert: CVE-2025-21129

[APT73] – Ransomware Victim: betclic[.]com

[LYNX] – Ransomware Victim: Lowe Engineers

HackerOne Bug Bounty Disclosure: netrc-and-redirect-credential-leak-nyymi

[LYNX] – Ransomware Victim: Woodport Doors

[FUNKSEC] – Ransomware Victim: barilga[.]gov[.]mn

CVE Alert: CVE-2025-21133

CVE Alert: CVE-2025-21127

CVE Alert: CVE-2025-21134

CVE Alert: CVE-2025-21132

CVE Alert: CVE-2025-21122

CVE Alert: CVE-2025-23041

[FOG] – Ransomware Victim: University Diagnostic Medical Imaging, PC (udmi[.]net)

Microsoft Edge Multiple Vulnerabilities

CVE Alert: CVE-2025-20177

CVE Alert: CVE-2025-20209

CVE Alert: CVE-2025-20146

You may have missed