[SPACEBEARS] – Ransomware Victim: PINELAND BHDD COMMUNITY SERVICES
Ransomware Group: SPACEBEARS VICTIM NAME: PINELAND BHDD COMMUNITY SERVICES NOTE: No files or stolen information are by RedPacket Security. Any...
Cisco ClamAV Denial of Service Vulnerability
A vulnerability was identified in Cisco ClamAV. A remote attacker could exploit this vulnerability to trigger denial of service condition...
CVE Alert: CVE-2025-23949
Vulnerability Summary: CVE-2025-23949 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mihajlovic...
CVE Alert: CVE-2025-23966
Vulnerability Summary: CVE-2025-23966 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlaFalaki a Gateway for Pasargad...
CVE Alert: CVE-2025-23959
Vulnerability Summary: CVE-2025-23959 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Linus Lundahl Good Old Gallery...
CVE Alert: CVE-2025-23953
Vulnerability Summary: CVE-2025-23953 Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files allows Upload a Web...
CVE Alert: CVE-2025-23948
Vulnerability Summary: CVE-2025-23948 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebArea...
CVE Alert: CVE-2025-23944
Vulnerability Summary: CVE-2025-23944 Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection. This issue affects WOOEXIM: from n/a...
CVE Alert: CVE-2025-23942
Vulnerability Summary: CVE-2025-23942 Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows Upload a Web...
CVE Alert: CVE-2025-24027
Vulnerability Summary: CVE-2025-24027 ps_contactinfo, a PrestaShop module for displaying store contact information, has a cross-site scripting (XSS) vulnerability in versions...
CVE Alert: CVE-2025-0638
Vulnerability Summary: CVE-2025-0638 The initial code parsing the manifest did not check the content of the file names yet later...
CVE Alert: CVE-2024-31903
Vulnerability Summary: CVE-2024-31903 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on...
CVE Alert: CVE-2025-23809
Vulnerability Summary: CVE-2025-23809 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Blue Wrench Video Widget...
CVE Alert: CVE-2025-23914
Vulnerability Summary: CVE-2025-23914 Deserialization of Untrusted Data vulnerability in NotFound Muzaara Google Ads Report allows Object Injection. This issue affects...
CVE Alert: CVE-2025-20156
Vulnerability Summary: CVE-2025-20156 A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with...
CVE Alert: CVE-2025-23992
Vulnerability Summary: CVE-2025-23992 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leetoo Toocheke Companion allows Stored...
CVE Alert: CVE-2025-20128
Vulnerability Summary: CVE-2025-20128 A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an...
CVE Alert: CVE-2025-20165
Vulnerability Summary: CVE-2025-20165 A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to...
CVE Alert: CVE-2025-23047
Vulnerability Summary: CVE-2025-23047 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default `Access-Control-Allow-Origin` header...
CVE Alert: CVE-2025-23028
Vulnerability Summary: CVE-2025-23028 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability...
CVE Alert: CVE-2024-51457
Vulnerability Summary: CVE-2024-51457 IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 is vulnerable to...
CVE Alert: CVE-2024-12477
Vulnerability Summary: CVE-2024-12477 The Avada Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in...
Frame & Optic – 15,678 breached accounts
HIBP In January 2025, the eyewear seller Frame & Optic suffered a data breach. The incident exposed almost 16k unique...
Welhof – 107,292 breached accounts
HIBP In August 2024, the Dutch appliance store Welhof suffered a data breach. The incident exposed over 100k unique email...
