threatintel

Cobalt Strike Beacon Detected – 39[.]105[.]8[.]82:12345

January 27, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

CVE Alert: CVE-2024-13370

January 26, 2025

Vulnerability Summary: CVE-2024-13370 The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress...

CVE Alert: CVE-2024-12113

January 26, 2025

Vulnerability Summary: CVE-2024-12113 The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress...

CVE Alert: CVE-2024-12076

January 26, 2025

Vulnerability Summary: CVE-2024-12076 The Target Video Easy Publish plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...

CVE Alert: CVE-2024-12512

January 26, 2025

Vulnerability Summary: CVE-2024-12512 The Ask Me Anything (Anonymously) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...

CVE Alert: CVE-2024-11825

January 26, 2025

Vulnerability Summary: CVE-2024-11825 The Broadstreet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘zone’ parameter in all...

CVE Alert: CVE-2024-13368

January 26, 2025

Vulnerability Summary: CVE-2024-13368 The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress...

CVE Alert: CVE-2024-12817

January 26, 2025

Vulnerability Summary: CVE-2024-12817 The Etsy Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'product_link' shortcode...

CVE Alert: CVE-2024-12826

January 26, 2025

Vulnerability Summary: CVE-2024-12826 The GoHero Store Customizer for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due...

CVE Alert: CVE-2024-12816

January 26, 2025

Vulnerability Summary: CVE-2024-12816 The NOTICE BOARD BY TOWKIR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...

CVE Alert: CVE-2024-12885

January 26, 2025

Vulnerability Summary: CVE-2024-12885 The Connections Business Directory plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file...

[GDLOCKERSEC] – Ransomware Victim: www[.]fgse[.]cu[.]edu[.]eg

January 26, 2025

Ransomware Group: GDLOCKERSEC VICTIM NAME: wwwfgsecuedueg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[SPACEBEARS] – Ransomware Victim: Metro Wire & Cable

January 26, 2025

Ransomware Group: SPACEBEARS VICTIM NAME: Metro Wire & Cable NOTE: No files or stolen information are by RedPacket Security. Any...

[KILLSEC] – Ransomware Victim: Let’s Secure Insurance

January 26, 2025

Ransomware Group: KILLSEC VICTIM NAME: Let’s Secure Insurance NOTE: No files or stolen information are by RedPacket Security. Any legal...

[FUNKSEC] – Ransomware Victim: punjab[.]gov[.]in

January 26, 2025

Ransomware Group: FUNKSEC VICTIM NAME: punjabgovin NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2024-13441

January 26, 2025

Vulnerability Summary: CVE-2024-13441 The Bilingual Linker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the bl_otherlang_link_1 parameter in...

CVE Alert: CVE-2024-13550

January 26, 2025

Vulnerability Summary: CVE-2024-13550 The ABC Notation plugin for WordPress is vulnerable to Path Traversal in all versions up to, and...

CVE Alert: CVE-2024-13548

January 26, 2025

Vulnerability Summary: CVE-2024-13548 The Power Ups for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...

CVE Alert: CVE-2024-13467

January 26, 2025

Vulnerability Summary: CVE-2024-13467 The WP Contact Form7 Email Spam Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via...

CVE Alert: CVE-2024-13458

January 26, 2025

Vulnerability Summary: CVE-2024-13458 The WordPress SEO Friendly Accordion FAQ with AI assisted content generation plugin for WordPress is vulnerable to...

CVE Alert: CVE-2024-13599

January 26, 2025

Vulnerability Summary: CVE-2024-13599 The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all...

CVE Alert: CVE-2024-13551

January 26, 2025

Vulnerability Summary: CVE-2024-13551 The ABC Notation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'abcjs' shortcode...

CVE Alert: CVE-2024-13586

January 26, 2025

Vulnerability Summary: CVE-2024-13586 The Masy Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'justified-gallery' shortcode...

CVE Alert: CVE-2024-13450

January 26, 2025

Vulnerability Summary: CVE-2024-13450 The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom...

threatintel

Cobalt Strike Beacon Detected – 39[.]105[.]8[.]82:12345

CVE Alert: CVE-2024-13370

CVE Alert: CVE-2024-12113

CVE Alert: CVE-2024-12076

CVE Alert: CVE-2024-12512

CVE Alert: CVE-2024-11825

CVE Alert: CVE-2024-13368

CVE Alert: CVE-2024-12817

CVE Alert: CVE-2024-12826

CVE Alert: CVE-2024-12816

CVE Alert: CVE-2024-12885

[GDLOCKERSEC] – Ransomware Victim: www[.]fgse[.]cu[.]edu[.]eg

[SPACEBEARS] – Ransomware Victim: Metro Wire & Cable

[KILLSEC] – Ransomware Victim: Let’s Secure Insurance

[FUNKSEC] – Ransomware Victim: punjab[.]gov[.]in

CVE Alert: CVE-2024-13441

CVE Alert: CVE-2024-13550

CVE Alert: CVE-2024-13548

CVE Alert: CVE-2024-13467

CVE Alert: CVE-2024-13458

CVE Alert: CVE-2024-13599

CVE Alert: CVE-2024-13551

CVE Alert: CVE-2024-13586

CVE Alert: CVE-2024-13450

Bybit Offers $140 Million Bounty for Recovery of Stolen Cryptocurrency

UK Government Faces Backlash Over Disastrous Apple Encryption Decision

IT/OT Convergence: Addressing Cyber Incidents in Manufacturing

XSS Vulnerability in Essential Addons for Elementor: A Critical Alert

Quantum-Resistant Digital Signatures Now Available in Google Cloud KMS

You may have missed