CVE Alert: CVE-2024-12749
Vulnerability Summary: CVE-2024-12749 The Competition Form WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it...
CVE Alert: CVE-2021-3978
Vulnerability Summary: CVE-2021-3978 When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries...
CVE Alert: CVE-2024-57965
Vulnerability Summary: CVE-2024-57965 In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has...
CVE Alert: CVE-2025-0617
Vulnerability Summary: CVE-2025-0617 An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the...
CVE Alert: CVE-2024-41140
Vulnerability Summary: CVE-2024-41140 Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update...
CVE Alert: CVE-2024-13561
Vulnerability Summary: CVE-2024-13561 The Target Video Easy Publish plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
CVE Alert: CVE-2025-0762
Vulnerability Summary: CVE-2025-0762 Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially...
CVE Alert: CVE-2025-0353
Vulnerability Summary: CVE-2025-0353 The Divi Torque Lite – Best Divi Addon, Extensions, Modules & Social Modules plugin for WordPress is...
[MONTI] – Ransomware Victim: nenok[.]de
Ransomware Group: MONTI VICTIM NAME: nenokde NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[PLAY] – Ransomware Victim: Night Hawk
Ransomware Group: PLAY VICTIM NAME: Night Hawk NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[CLOAK] – Ransomware Victim: Centromedicoenova
Ransomware Group: CLOAK VICTIM NAME: Centromedicoenova NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These...
CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware
CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware CISA released a fact sheet, , detailing an...
[AKIRA] – Ransomware Victim: Perfect Plastic
Ransomware Group: AKIRA VICTIM NAME: Perfect Plastic NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[QILIN] – Ransomware Victim: Ottawa Family Physicians
Ransomware Group: QILIN VICTIM NAME: Ottawa Family Physicians NOTE: No files or stolen information are by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: Benuta
Ransomware Group: AKIRA VICTIM NAME: Benuta NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[MONTI] – Ransomware Victim: FENSTERMAKER
Ransomware Group: MONTI VICTIM NAME: FENSTERMAKER NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-24374
Vulnerability Summary: CVE-2025-24374 Twig is a template language for PHP. When using the ?? operator, output escaping was missing for...
CVE Alert: CVE-2025-24792
Vulnerability Summary: CVE-2025-24792 Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects (PDO) extension to connect...
CVE Alert: CVE-2024-57439
Vulnerability Summary: CVE-2024-57439 An issue in the reset password interface of ruoyi v4.8.0 allows attackers with Admin privileges to cause...
CVE Alert: CVE-2023-37413
Vulnerability Summary: CVE-2023-37413 IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy....
CVE Alert: CVE-2024-57436
Vulnerability Summary: CVE-2024-57436 RuoYi v4.8.0 was discovered to allow unauthorized attackers to view the session ID of the admin in...
CVE Alert: CVE-2025-24527
Vulnerability Summary: CVE-2025-24527 An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an admin knows another...
CVE Alert: CVE-2023-35907
Vulnerability Summary: CVE-2023-35907 IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default,...
