CVE Alert: CVE-2024-8553
Vulnerability Summary: CVE-2024-8553 A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an...
OSINT
CVE Alert: CVE-2024-48910
Vulnerability Summary: CVE-2024-48910 DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to...
CVE Alert: CVE-2024-51259
Vulnerability Summary: CVE-2024-51259 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
[CACTUS] – Ransomware Victim: lsst[.]ac
Ransomware Group: CACTUS VICTIM NAME: lsstac NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RHYSIDA] – Ransomware Victim: Hope Valley Recovery
Ransomware Group: RHYSIDA VICTIM NAME: Hope Valley Recovery NOTE: No files or stolen information are by RedPacket Security. Any legal...
Cobalt Strike Beacon Detected – 121[.]40[.]69[.]150:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns
Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time...
5 SaaS Misconfigurations Leading to Major Fu*%@ Ups
With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk...
Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft
Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate...
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even...
CovenantC2 Detected – 195[.]7[.]5[.]233:7443
The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...
CVE Alert: CVE-2024-51260
Vulnerability Summary: CVE-2024-51260 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-50354
Vulnerability Summary: CVE-2024-50354 gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0...
CVE Alert: CVE-2024-8185
Vulnerability Summary: CVE-2024-8185 Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service...
CVE Alert: CVE-2024-51255
Vulnerability Summary: CVE-2024-51255 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-51478
Vulnerability Summary: CVE-2024-51478 YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic...
CVE Alert: CVE-2024-50356
Vulnerability Summary: CVE-2024-50356 Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The...
CVE Alert: CVE-2024-10573
Vulnerability Summary: CVE-2024-10573 An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123...
CVE Alert: CVE-2024-51430
Vulnerability Summary: CVE-2024-51430 Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0 allows a remote attacker...
CVE Alert: CVE-2024-7883
Vulnerability Summary: CVE-2024-7883 When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via...
CVE Alert: CVE-2024-51482
Vulnerability Summary: CVE-2024-51482 ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.*
[SPACEBEARS] – Ransomware Victim: MENZIES CNAC (Jardine Aviation Services)
Ransomware Group: SPACEBEARS VICTIM NAME: MENZIES CNAC (Jardine Aviation Services) NOTE: No files or stolen information are by RedPacket Security....
Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar
Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within...
CVE Alert: CVE-2024-10595
Vulnerability Summary: CVE-2024-10595 A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this...