OSINT

CVE Alert: CVE-2024-54840

February 4, 2025

Vulnerability Summary: CVE-2024-54840 PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 does not properly address...

CVE Alert: CVE-2024-56161

February 4, 2025

Vulnerability Summary: CVE-2024-56161 Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator...

CVE Alert: CVE-2024-57967

February 4, 2025

Vulnerability Summary: CVE-2024-57967 PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 has potentially elevated privileges...

CVE Alert: CVE-2024-12510

February 4, 2025

Vulnerability Summary: CVE-2024-12510 If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires...

CVE Alert: CVE-2024-57175

February 4, 2025

Vulnerability Summary: CVE-2024-57175 A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Certificate System v1.0 via...

CVE Alert: CVE-2024-12859

February 4, 2025

Vulnerability Summary: CVE-2024-12859 The BoomBox Theme Extensions plugin for WordPress is vulnerable to Local File Inclusion in all versions up...

CVE Alert: CVE-2024-12511

February 4, 2025

Vulnerability Summary: CVE-2024-12511 With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires...

CVE Alert: CVE-2024-11134

February 4, 2025

Vulnerability Summary: CVE-2024-11134 The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability...

CVE Alert: CVE-2024-11133

February 4, 2025

Vulnerability Summary: CVE-2024-11133 The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability...

CVE Alert: CVE-2024-11132

February 4, 2025

Vulnerability Summary: CVE-2024-11132 The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to,...

[CACTUS] – Ransomware Victim: cornwelltools[.]com

February 4, 2025

Ransomware Group: CACTUS VICTIM NAME: cornwelltoolscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[CACTUS] – Ransomware Victim: rashtiandrashti[.]com

February 4, 2025

Ransomware Group: CACTUS VICTIM NAME: rashtiandrashticom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: gaheritagefcu[.]org

February 4, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: gaheritagefcuorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: heartlandrvs[.]com

February 4, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: heartlandrvscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: alojaimi[.]com

February 4, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: alojaimicom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: www[.]aswgr[.]com

February 4, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwaswgrcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2024-57968

February 4, 2025

Vulnerability Summary: CVE-2024-57968 Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that...

CVE Alert: CVE-2024-56946

February 4, 2025

Vulnerability Summary: CVE-2024-56946 Denial of service in DNS-over-QUIC in Technitium DNS Server

CVE Alert: CVE-2025-25181

February 4, 2025

Vulnerability Summary: CVE-2025-25181 A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary...

CVE Alert: CVE-2024-57097

February 4, 2025

Vulnerability Summary: CVE-2024-57097 ClassCMS 4.8 is vulnerable to Cross Site Scripting (XSS) in class/admin/channel.php. Affected Endpoints: No affected endpoints listed....

CVE Alert: CVE-2025-24960

February 4, 2025

Vulnerability Summary: CVE-2025-24960 Jellystat is a free and open source Statistics App for Jellyfin. In affected versions Jellystat is directly...

CVE Alert: CVE-2025-0148

February 4, 2025

Vulnerability Summary: CVE-2025-0148 Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated...

CVE Alert: CVE-2025-24029

February 4, 2025

Vulnerability Summary: CVE-2025-24029 Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users (possibly anonymous...

CVE Alert: CVE-2025-22129

February 4, 2025

Vulnerability Summary: CVE-2025-22129 Tuleap is an Open Source Suite to improve management of software developments and collaboration. In affected versions...

OSINT

CVE Alert: CVE-2024-54840

CVE Alert: CVE-2024-56161

CVE Alert: CVE-2024-57967

CVE Alert: CVE-2024-12510

CVE Alert: CVE-2024-57175

CVE Alert: CVE-2024-12859

CVE Alert: CVE-2024-12511

CVE Alert: CVE-2024-11134

CVE Alert: CVE-2024-11133

CVE Alert: CVE-2024-11132

[CACTUS] – Ransomware Victim: cornwelltools[.]com

[CACTUS] – Ransomware Victim: rashtiandrashti[.]com

[RANSOMHUB] – Ransomware Victim: gaheritagefcu[.]org

[RANSOMHUB] – Ransomware Victim: heartlandrvs[.]com

[RANSOMHUB] – Ransomware Victim: alojaimi[.]com

[RANSOMHUB] – Ransomware Victim: www[.]aswgr[.]com

CVE Alert: CVE-2024-57968

CVE Alert: CVE-2024-56946

CVE Alert: CVE-2025-25181

CVE Alert: CVE-2024-57097

CVE Alert: CVE-2025-24960

CVE Alert: CVE-2025-0148

CVE Alert: CVE-2025-24029

CVE Alert: CVE-2025-22129

[RANSOMHUB] – Ransomware Victim: steveallcorn[.]remax[.]com

[RANSOMHUB] – Ransomware Victim: alderconstruction[.]com

[FLOCKER] – Ransomware Victim: E*******s[.]gov[.]zm

[QILIN] – Ransomware Victim: Quality Home Health Care

[RANSOMHUB] – Ransomware Victim: columbiacabinets[.]com

You may have missed