CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on March 6, 2025. These...
threatintel
CISA: CISA Adds Six Known Exploited Vulnerabilities to Catalog
CISA Adds Six Known Exploited Vulnerabilities to Catalog CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CVE Alert: CVE-2025-1926
Vulnerability Summary: CVE-2025-1926 The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Cross-Site...
CVE Alert: CVE-2024-43107
Vulnerability Summary: CVE-2024-43107 Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP) permits unauthenticated messages (e.g. alarm events)...
CVE Alert: CVE-2024-41724
Vulnerability Summary: CVE-2024-41724 Improper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the...
CVE Alert: CVE-2025-2133
Vulnerability Summary: CVE-2025-2133 A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown...
CVE Alert: CVE-2024-11638
Vulnerability Summary: CVE-2024-11638 The Gtbabel WordPress plugin before 6.6.9 does not ensure that the URL to perform code analysis upon...
CVE Alert: CVE-2025-27256
Vulnerability Summary: CVE-2025-27256 Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due...
CVE Alert: CVE-2025-27255
Vulnerability Summary: CVE-2025-27255 Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user...
CVE Alert: CVE-2025-2150
Vulnerability Summary: CVE-2025-2150 The C&Cm@il from HGiga has a Stored Cross-Site Scripting (XSS) vulnerability, allowing remote attackers with regular privileges...
CVE Alert: CVE-2025-27257
Vulnerability Summary: CVE-2025-27257 Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices allows an authenticated user...
CVE Alert: CVE-2025-27253
Vulnerability Summary: CVE-2025-27253 An improper input validation in GE Vernova UR IED family devices from version 7.0 up to 8.60...
[LYNX] – Ransomware Victim: Springfield Water and Sewer Commission
Ransomware Group: LYNX VICTIM NAME: Springfield Water and Sewer Commission NOTE: No files or stolen information are by RedPacket Security....
[LYNX] – Ransomware Victim: Longue Vue Club
Ransomware Group: LYNX VICTIM NAME: Longue Vue Club NOTE: No files or stolen information are by RedPacket Security. Any legal...
[LYNX] – Ransomware Victim: ciscientific[.]com[.]au
Ransomware Group: LYNX VICTIM NAME: ciscientificcomau NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[INCRANSOM] – Ransomware Victim: wmk-hvb[.]de
Ransomware Group: INCRANSOM VICTIM NAME: wmk-hvbde NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[QILIN] – Ransomware Victim: Suder&Suder
Ransomware Group: QILIN VICTIM NAME: Suder&Suder NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[BABUK2] – Ransomware Victim: airexplore[.]aero Company
Ransomware Group: BABUK2 VICTIM NAME: airexploreaero Company NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[AKIRA] – Ransomware Victim: Veristat
Ransomware Group: AKIRA VICTIM NAME: Veristat NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: WAUGH & GOODWIN, LLP
Ransomware Group: AKIRA VICTIM NAME: WAUGH & GOODWIN, LLP NOTE: No files or stolen information are by RedPacket Security. Any...
[AKIRA] – Ransomware Victim: Taking stock of February 2025
Ransomware Group: AKIRA VICTIM NAME: Taking stock of February 2025 NOTE: No files or stolen information are by RedPacket Security....
[FUNKSEC] – Ransomware Victim: Urgent Warning to University of Rennes – Negotiate Now!
Ransomware Group: FUNKSEC VICTIM NAME: Urgent Warning to University of Rennes – Negotiate Now! NOTE: No files or stolen information...
[FUNKSEC] – Ransomware Victim: France Universités
Ransomware Group: FUNKSEC VICTIM NAME: France Universités NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CVE Alert: CVE-2025-24387
Vulnerability Summary: CVE-2025-24387 A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings...
