threatintel

CISA: Ivanti Releases Security Updates for Multiple Products

January 29, 2025

Ivanti Releases Security Updates for Multiple Products Ivanti released security updates to address vulnerabilities in Ivanti Avalanche, Ivanti Application Control...

CISA: CISA Releases the JCDC AI Cybersecurity Collaboration Playbook and Fact Sheet

January 29, 2025

CISA Releases the JCDC AI Cybersecurity Collaboration Playbook and Fact Sheet Today, CISA released the JCDC AI Cybersecurity Collaboration Playbook...

CISA: Adobe Releases Security Updates for Multiple Products

January 29, 2025

Adobe Releases Security Updates for Multiple Products Adobe released security updates to address vulnerabilities in multiple Adobe software products including...

CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices

January 29, 2025

CISA and FBI Release Updated Guidance on Product Security Bad Practices In partnership with the Federal Bureau of Investigation (FBI),...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 29, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Releases Twelve Industrial Control Systems Advisories

January 29, 2025

CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on January 16, 2025. These...

CISA: CISA Releases Three Industrial Control Systems Advisories

January 29, 2025

CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 21, 2025. These...

CISA: CISA and Partners Release Call to Action to Close the National Software Understanding Gap

January 29, 2025

CISA and Partners Release Call to Action to Close the National Software Understanding Gap Today, CISA—in partnership with the Defense Advanced...

CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications

January 29, 2025

CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications CISA, in partnership with...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 29, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 29, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Releases Six Industrial Control Systems Advisories

January 29, 2025

CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on January 23, 2025. These...

CISA: CISA Releases Seven Industrial Control Systems Advisories

January 29, 2025

CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on January 28, 2025. These...

[MONTI] – Ransomware Victim: Acoustiblok

January 28, 2025

Ransomware Group: MONTI VICTIM NAME: Acoustiblok NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[MONTI] – Ransomware Victim: BBLAWFIRM

January 28, 2025

Ransomware Group: MONTI VICTIM NAME: BBLAWFIRM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[MONTI] – Ransomware Victim: metalurgica roma

January 28, 2025

Ransomware Group: MONTI VICTIM NAME: metalurgica roma NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[FUNKSEC] – Ransomware Victim: tsmx[.]net[.]br

January 28, 2025

Ransomware Group: FUNKSEC VICTIM NAME: tsmxnetbr NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2025-24653

January 28, 2025

Vulnerability Summary: CVE-2025-24653 Missing Authorization vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Exploiting Incorrectly Configured Access Control...

CVE Alert: CVE-2025-24667

January 28, 2025

Vulnerability Summary: CVE-2025-24667 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eniture Technology Small...

CVE Alert: CVE-2025-24665

January 28, 2025

Vulnerability Summary: CVE-2025-24665 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eniture Technology Small...

CVE Alert: CVE-2025-24662

January 28, 2025

Vulnerability Summary: CVE-2025-24662 Missing Authorization vulnerability in NotFound LearnDash LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...

CVE Alert: CVE-2025-24743

January 28, 2025

Vulnerability Summary: CVE-2025-24743 Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor. This issue affects RomethemeKit For Elementor: from n/a through...

CVE Alert: CVE-2025-24742

January 28, 2025

Vulnerability Summary: CVE-2025-24742 Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go Maps. This...

CVE Alert: CVE-2025-24741

January 28, 2025

Vulnerability Summary: CVE-2025-24741 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KB Support KB Support. This issue affects KB...

threatintel

CISA: Ivanti Releases Security Updates for Multiple Products

CISA: CISA Releases the JCDC AI Cybersecurity Collaboration Playbook and Fact Sheet

CISA: Adobe Releases Security Updates for Multiple Products

CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Twelve Industrial Control Systems Advisories

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: CISA and Partners Release Call to Action to Close the National Software Understanding Gap

CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Six Industrial Control Systems Advisories

CISA: CISA Releases Seven Industrial Control Systems Advisories

[MONTI] – Ransomware Victim: Acoustiblok

[MONTI] – Ransomware Victim: BBLAWFIRM

[MONTI] – Ransomware Victim: metalurgica roma

[FUNKSEC] – Ransomware Victim: tsmx[.]net[.]br

CVE Alert: CVE-2025-24653

CVE Alert: CVE-2025-24667

CVE Alert: CVE-2025-24665

CVE Alert: CVE-2025-24662

CVE Alert: CVE-2025-24743

CVE Alert: CVE-2025-24742

CVE Alert: CVE-2025-24741

[CACTUS] – Ransomware Victim: electrocraft[.]com

[CACTUS] – Ransomware Victim: associatedasset[.]com

[CACTUS] – Ransomware Victim: pace-usa[.]com

[LYNX] – Ransomware Victim: Stürmer Maschinen

[CACTUS] – Ransomware Victim: steelwarehouse[.]com

You may have missed