[FOG] – Ransomware Victim: Dorner (dorner-gmbh[.]de)
Ransomware Group: FOG VICTIM NAME: Dorner (dorner-gmbhde) NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
OSINT
[RANSOMHUB] – Ransomware Victim: hanwhacimarron[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: hanwhacimarroncom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-45717
Vulnerability Summary: CVE-2024-45717 The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node information section...
CVE Alert: CVE-2024-11398
Vulnerability Summary: CVE-2024-11398 Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in OTP reset functionality in...
CVE Alert: CVE-2023-6978
Vulnerability Summary: CVE-2023-6978 The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via...
CVE Alert: CVE-2023-52944
Vulnerability Summary: CVE-2023-52944 Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote...
CVE Alert: CVE-2024-11903
Vulnerability Summary: CVE-2024-11903 The WP eCards plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ecard' shortcode...
CVE Alert: CVE-2024-11769
Vulnerability Summary: CVE-2024-11769 The Flower Delivery by Florist One plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
CVE Alert: CVE-2024-11293
Vulnerability Summary: CVE-2024-11293 The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction...
CVE Alert: CVE-2024-10664
Vulnerability Summary: CVE-2024-10664 The Knowledge Base documentation & wiki plugin – BasePress Docs plugin for WordPress is vulnerable to unauthorized...
CVE Alert: CVE-2024-5020
Vulnerability Summary: CVE-2024-5020 Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library...
CVE Alert: CVE-2024-11466
Vulnerability Summary: CVE-2024-11466 The Intro Tour Tutorial DeepPresentation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab'...
CISA: Cisco Releases Security Updates for NX-OS Software
Cisco Releases Security Updates for NX-OS Software Cisco released security updates to address a vulnerability in Cisco NX-OS software. A...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on December 5, 2024. These...
CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies Today, CISA—in partnership with...
CVE Alert: CVE-2024-11814
Vulnerability Summary: CVE-2024-11814 The Additional Custom Order Status for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via...
CVE Alert: CVE-2024-10567
Vulnerability Summary: CVE-2024-10567 The TI WooCommerce Wishlist plugin for WordPress is vulnerable to unauthorized modification of data due to a...
CVE Alert: CVE-2024-11880
Vulnerability Summary: CVE-2024-11880 The B Testimonial – testimonial plugin for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
CVE Alert: CVE-2024-10787
Vulnerability Summary: CVE-2024-10787 The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions...
CVE Alert: CVE-2024-11952
Vulnerability Summary: CVE-2024-11952 The Classic Addons – WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File...
CVE Alert: CVE-2024-8962
Vulnerability Summary: CVE-2024-8962 The WPBITS Addons For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
CVE Alert: CVE-2024-54158
Vulnerability Summary: CVE-2024-54158 In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding Affected Endpoints:...
CVE Alert: CVE-2024-54153
Vulnerability Summary: CVE-2024-54153 In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter Affected Endpoints:...
CVE Alert: CVE-2024-11854
Vulnerability Summary: CVE-2024-11854 The Listdom – Business Directory and Classified Ads Listings WordPress Plugin plugin for WordPress is vulnerable to...
