Year: 2025

CISA: CISA Releases Seven Industrial Control Systems Advisories

January 31, 2025

CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on January 28, 2025. These...

CISA: CISA Releases Eight Industrial Control Systems Advisories

January 31, 2025

CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These...

CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

January 31, 2025

CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware CISA released a fact sheet, Contec CMS8000 Contains...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 31, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 31, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

[FOG] – Ransomware Victim: Gitlabs: Professional Computer, X-Pans, Propulsion Academy AG

January 30, 2025

Ransomware Group: FOG VICTIM NAME: Gitlabs: Professional Computer, X-Pans, Propulsion Academy AG NOTE: No files or stolen information are by...

CVE Alert: CVE-2024-7695

January 30, 2025

Vulnerability Summary: CVE-2024-7695 Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation,...

CVE Alert: CVE-2024-13696

January 30, 2025

Vulnerability Summary: CVE-2024-13696 The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable...

CVE Alert: CVE-2024-12749

January 30, 2025

Vulnerability Summary: CVE-2024-12749 The Competition Form WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it...

CVE Alert: CVE-2021-3978

January 30, 2025

Vulnerability Summary: CVE-2021-3978 When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries...

CVE Alert: CVE-2024-57965

January 30, 2025

Vulnerability Summary: CVE-2024-57965 In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has...

CVE Alert: CVE-2025-0617

January 30, 2025

Vulnerability Summary: CVE-2025-0617 An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the...

CVE Alert: CVE-2024-41140

January 30, 2025

Vulnerability Summary: CVE-2024-41140 Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update...

CVE Alert: CVE-2024-13561

January 30, 2025

Vulnerability Summary: CVE-2024-13561 The Target Video Easy Publish plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...

CVE Alert: CVE-2025-0762

January 30, 2025

Vulnerability Summary: CVE-2025-0762 Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially...

CVE Alert: CVE-2025-0353

January 30, 2025

Vulnerability Summary: CVE-2025-0353 The Divi Torque Lite – Best Divi Addon, Extensions, Modules & Social Modules plugin for WordPress is...

[MONTI] – Ransomware Victim: nenok[.]de

January 30, 2025

Ransomware Group: MONTI VICTIM NAME: nenokde NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[PLAY] – Ransomware Victim: Night Hawk

January 30, 2025

Ransomware Group: PLAY VICTIM NAME: Night Hawk NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[CLOAK] – Ransomware Victim: Centromedicoenova

January 30, 2025

Ransomware Group: CLOAK VICTIM NAME: Centromedicoenova NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CISA: CISA Releases Eight Industrial Control Systems Advisories

January 30, 2025

CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These...

CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

January 30, 2025

CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware CISA released a fact sheet, , detailing an...

[AKIRA] – Ransomware Victim: Perfect Plastic

January 30, 2025

Ransomware Group: AKIRA VICTIM NAME: Perfect Plastic NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[QILIN] – Ransomware Victim: Ottawa Family Physicians

January 30, 2025

Ransomware Group: QILIN VICTIM NAME: Ottawa Family Physicians NOTE: No files or stolen information are by RedPacket Security. Any legal...

[AKIRA] – Ransomware Victim: Benuta

January 30, 2025

Ransomware Group: AKIRA VICTIM NAME: Benuta NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Year: 2025

CISA: CISA Releases Seven Industrial Control Systems Advisories

CISA: CISA Releases Eight Industrial Control Systems Advisories

CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

[FOG] – Ransomware Victim: Gitlabs: Professional Computer, X-Pans, Propulsion Academy AG

CVE Alert: CVE-2024-7695

CVE Alert: CVE-2024-13696

CVE Alert: CVE-2024-12749

CVE Alert: CVE-2021-3978

CVE Alert: CVE-2024-57965

CVE Alert: CVE-2025-0617

CVE Alert: CVE-2024-41140

CVE Alert: CVE-2024-13561

CVE Alert: CVE-2025-0762

CVE Alert: CVE-2025-0353

[MONTI] – Ransomware Victim: nenok[.]de

[PLAY] – Ransomware Victim: Night Hawk

[CLOAK] – Ransomware Victim: Centromedicoenova

CISA: CISA Releases Eight Industrial Control Systems Advisories

CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

[AKIRA] – Ransomware Victim: Perfect Plastic

[QILIN] – Ransomware Victim: Ottawa Family Physicians

[AKIRA] – Ransomware Victim: Benuta

CISA: Microsoft Releases January 2025 Security Updates

CISA: Fortinet Releases Security Updates for Multiple Products

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA: Ivanti Releases Security Updates for Multiple Products

CISA: CISA and US and International Partners Publish Guidance on Priority Considerations in Product Selection for OT Owners and Operators

You may have missed