CVE Alert: CVE-2024-47831
Vulnerability Summary: CVE-2024-47831 Next.js is a React Framework for the Web. Cersions on the 10.x, 11.x, 12.x, 13.x, and 14.x...
CVE Alert: CVE-2024-47885
Vulnerability Summary: CVE-2024-47885 The Astro web framework has a DOM Clobbering gadget in the client-side router starting in version 3.0.0...
CVE Alert: CVE-2024-46988
Vulnerability Summary: CVE-2024-46988 Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap...
CVE Alert: CVE-2024-6207
Vulnerability Summary: CVE-2024-6207 CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat...
CVE Alert: CVE-2024-35519
Vulnerability Summary: CVE-2024-35519 Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi...
CVE Alert: CVE-2024-48909
Vulnerability Summary: CVE-2024-48909 SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version...
CVE Alert: CVE-2024-35518
Vulnerability Summary: CVE-2024-35518 Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter. Affected Endpoints: No...
CVE Alert: CVE-2024-35520
Vulnerability Summary: CVE-2024-35520 Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter. Affected Endpoints: No affected...
CVE Alert: CVE-2024-30117
Vulnerability Summary: CVE-2024-30117 A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the...
[PLAY] – Ransomware Victim: OzarksGo
Ransomware Group: PLAY VICTIM NAME: OzarksGo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[PLAY] – Ransomware Victim: Byerly Aviation
Ransomware Group: PLAY VICTIM NAME: Byerly Aviation NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[PLAY] – Ransomware Victim: Nora Biscuits
Ransomware Group: PLAY VICTIM NAME: Nora Biscuits NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[PLAY] – Ransomware Victim: Rescar Companies
Ransomware Group: PLAY VICTIM NAME: Rescar Companies NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[PLAY] – Ransomware Victim: Concord
Ransomware Group: PLAY VICTIM NAME: Concord NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Cobalt Strike Beacon Detected – 193[.]164[.]155[.]250:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 4[.]234[.]110[.]221:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CISA: CISA and FBI Release Secure by Design Alert on Eliminating Cross-Site Scripting Vulnerabilities
CISA and FBI Release Secure by Design Alert on Eliminating Cross-Site Scripting Vulnerabilities Today, CISA and FBI released a Secure...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple released security updates to address vulnerabilities in multiple Apple products. A cyber...
CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA Adds Five Known Exploited Vulnerabilities to Catalog CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on September 19, 2024. These...
CISA: Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance
Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance Ivanti has released a security update to address an admin...
CISA: Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means
Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means CISA continues to respond to active exploitation of internet-accessible operational technology...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: VMware Releases Security Advisory for VMware Cloud Foundation and vCenter Server
VMware Releases Security Advisory for VMware Cloud Foundation and vCenter Server VMware released a security advisory addressing vulnerabilities in the...
