CVE Alert: CVE-2024-26271
Vulnerability Summary: CVE-2024-26271 Cross-site request forgery (CSRF) vulnerability in the My Account widget in Liferay Portal 7.4.3.75 through 7.4.3.111, and...
OSINT
CVE Alert: CVE-2024-43173
Vulnerability Summary: CVE-2024-43173 IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the...
CVE Alert: CVE-2024-26272
Vulnerability Summary: CVE-2024-26272 Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.3.2 through 7.4.3.107, and...
CVE Alert: CVE-2024-8980
Vulnerability Summary: CVE-2024-8980 The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA...
CVE Alert: CVE-2024-38002
Vulnerability Summary: CVE-2024-38002 The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through...
CVE Alert: CVE-2022-23861
Vulnerability Summary: CVE-2022-23861 Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. Multiple fields in...
CVE Alert: CVE-2024-43177
Vulnerability Summary: CVE-2024-43177 IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the...
CVE Alert: CVE-2022-23862
Vulnerability Summary: CVE-2022-23862 A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX...
[MEOW] – Ransomware Victim: By Design LLC
Ransomware Group: MEOW VICTIM NAME: By Design LLC NOTE: No files or stolen information are by RedPacket Security. Any legal...
[INTERLOCK] – Ransomware Victim: Wayne County
Ransomware Group: INTERLOCK VICTIM NAME: Wayne County NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection
New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass...
[FOG] – Ransomware Victim: Goshen Central School District (gcsny[.]org)
Ransomware Group: FOG VICTIM NAME: Goshen Central School District (gcsnyorg) NOTE: No files or stolen information are by RedPacket Security....
[FOG] – Ransomware Victim: Mar-Bal (mar-bal[.]com)
Ransomware Group: FOG VICTIM NAME: Mar-Bal (mar-balcom) NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[MEOW] – Ransomware Victim: Youngs Timber Builders Merchants
Ransomware Group: MEOW VICTIM NAME: Youngs Timber Builders Merchants NOTE: No files or stolen information are by RedPacket Security. Any...
Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large
Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name...
CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity...
CVE Alert: CVE-2024-48925
Vulnerability Summary: CVE-2024-48925 Umbraco, a free and open source .NET content management system, has an improper access control issue starting...
CVE Alert: CVE-2024-47819
Vulnerability Summary: CVE-2024-47819 Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in...
CVE Alert: CVE-2024-49373
Vulnerability Summary: CVE-2024-49373 No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1,...
CVE Alert: CVE-2024-46240
Vulnerability Summary: CVE-2024-46240 Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact...
CVE Alert: CVE-2024-48605
Vulnerability Summary: CVE-2024-48605 An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the...
CVE Alert: CVE-2024-45518
Vulnerability Summary: CVE-2024-45518 An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch...
CVE Alert: CVE-2024-48926
Vulnerability Summary: CVE-2024-48926 Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in...
CVE Alert: CVE-2024-48927
Vulnerability Summary: CVE-2024-48927 Umbraco, a free and open source .NET content management system, has a remote code execution issue in...
