CVE Alert: CVE-2024-49311
Vulnerability Summary: CVE-2024-49311 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WisdmLabs Edwiser Bridge...
CVE Alert: CVE-2024-49296
Vulnerability Summary: CVE-2024-49296 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Coder426 Custom Add...
CVE Alert: CVE-2024-49298
Vulnerability Summary: CVE-2024-49298 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pepro Dev. Group...
CVE Alert: CVE-2024-49309
Vulnerability Summary: CVE-2024-49309 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Digitally allows Reflected...
CVE Alert: CVE-2024-49310
Vulnerability Summary: CVE-2024-49310 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themesflat Themesflat Addons...
[BLACKSUIT] – Ransomware Victim: Neighbors Credit Union
Ransomware Group: BLACKSUIT VICTIM NAME: Neighbors Credit Union NOTE: No files or stolen information are by RedPacket Security. Any legal...
[FOG] – Ransomware Victim: Fromm (FrommBeauty[.]com)
Ransomware Group: FOG VICTIM NAME: Fromm (FrommBeautycom) NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
HackerOne Bug Bounty Disclosure: race-condition-leads-to-add-more-than-email-at-data-breaches-monitor-system-at-hxxps-stage-firefoxmonitor-nonprod-cloudops-mozgcp-net-sushantd
Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:sushantd19Link to Submitters Profile:https://hackerone.com/sushantd19 Report Title:Race condition leads to add more than...
HackerOne Bug Bounty Disclosure: paypal-cleient-id-and-stripe-api-key-indexed-on-web-arcive-ghaazy
Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:ghaazyLink to Submitters Profile:https://hackerone.com/ghaazy Report Title:paypal cleient_id And stripe api key indexed...
HackerOne Bug Bounty Disclosure: unauthenticated-wordpress-database-repair-dos-wshadow
Company Name: WordPress Company HackerOne URL: https://hackerone.com/wordpress Submitted By:wshadowLink to Submitters Profile:https://hackerone.com/wshadow Report Title:Unauthenticated WordPress Database Repair DoSReport Link:https://hackerone.com/reports/2786591Date Submitted:18...
HackerOne Bug Bounty Disclosure: two-aws-access-key-and-secret-key-and-database-username-and-password-exposed-ghaazy
Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:ghaazyLink to Submitters Profile:https://hackerone.com/ghaazy Report Title:two aws access key and secret key...
HackerOne Bug Bounty Disclosure: sentry-auth-token-exposed-publicly-in-docker-hub-image-ghaazy
Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:ghaazyLink to Submitters Profile:https://hackerone.com/ghaazy Report Title:sentry Auth Token exposed publicly in docker...
[FOG] – Ransomware Victim: Ultra Tune (ultratune[.]com[.]au)
Ransomware Group: FOG VICTIM NAME: Ultra Tune (ultratunecomau) NOTE: No files or stolen information are by RedPacket Security. Any legal...
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data
North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual...
The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture
Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some...
CVE Alert: CVE-2024-49316
Vulnerability Summary: CVE-2024-49316 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in zodiac Akismet htaccess...
CVE Alert: CVE-2024-49307
Vulnerability Summary: CVE-2024-49307 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oliver Schlöbe Admin...
CVE Alert: CVE-2024-7755
Vulnerability Summary: CVE-2024-7755 The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present...
CVE Alert: CVE-2024-49308
Vulnerability Summary: CVE-2024-49308 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Toast Plugins Animator...
CVE Alert: CVE-2024-49319
Vulnerability Summary: CVE-2024-49319 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in B.M. Rafiul Alam...
CVE Alert: CVE-2024-49248
Vulnerability Summary: CVE-2024-49248 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Igor Funa Ad...
CVE Alert: CVE-2024-49263
Vulnerability Summary: CVE-2024-49263 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Takashi Matsuyama My...
CVE Alert: CVE-2024-49259
Vulnerability Summary: CVE-2024-49259 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Primary Addon...
CVE Alert: CVE-2024-49261
Vulnerability Summary: CVE-2024-49261 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LOOS,Inc. Arkhe Blocks...
