CVE Alert: CVE-2024-46980
Vulnerability Summary: CVE-2024-46980 Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap...
threatintel
CVE Alert: CVE-2024-45740
Vulnerability Summary: CVE-2024-45740 In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged...
CVE Alert: CVE-2024-45741
Vulnerability Summary: CVE-2024-45741 In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205,...
WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites
The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow...
Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates
Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates....
CVE Alert: CVE-2024-47831
Vulnerability Summary: CVE-2024-47831 Next.js is a React Framework for the Web. Cersions on the 10.x, 11.x, 12.x, 13.x, and 14.x...
CVE Alert: CVE-2024-47766
Vulnerability Summary: CVE-2024-47766 Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap...
CVE Alert: CVE-2024-6207
Vulnerability Summary: CVE-2024-6207 CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat...
CVE Alert: CVE-2024-46988
Vulnerability Summary: CVE-2024-46988 Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap...
CVE Alert: CVE-2024-47885
Vulnerability Summary: CVE-2024-47885 The Astro web framework has a DOM Clobbering gadget in the client-side router starting in version 3.0.0...
CVE Alert: CVE-2024-30117
Vulnerability Summary: CVE-2024-30117 A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the...
CVE Alert: CVE-2024-35520
Vulnerability Summary: CVE-2024-35520 Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter. Affected Endpoints: No affected...
CVE Alert: CVE-2024-35518
Vulnerability Summary: CVE-2024-35518 Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter. Affected Endpoints: No...
CVE Alert: CVE-2024-48909
Vulnerability Summary: CVE-2024-48909 SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version...
CVE Alert: CVE-2024-35519
Vulnerability Summary: CVE-2024-35519 Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi...
[PLAY] – Ransomware Victim: OzarksGo
Ransomware Group: PLAY VICTIM NAME: OzarksGo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[PLAY] – Ransomware Victim: Concord
Ransomware Group: PLAY VICTIM NAME: Concord NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[PLAY] – Ransomware Victim: Rescar Companies
Ransomware Group: PLAY VICTIM NAME: Rescar Companies NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[PLAY] – Ransomware Victim: Nora Biscuits
Ransomware Group: PLAY VICTIM NAME: Nora Biscuits NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[PLAY] – Ransomware Victim: Byerly Aviation
Ransomware Group: PLAY VICTIM NAME: Byerly Aviation NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Cobalt Strike Beacon Detected – 4[.]234[.]110[.]221:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 193[.]164[.]155[.]250:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CISA: CISA and FBI Release Secure by Design Alert on Eliminating Cross-Site Scripting Vulnerabilities
CISA and FBI Release Secure by Design Alert on Eliminating Cross-Site Scripting Vulnerabilities Today, CISA and FBI released a Secure...
CISA: Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance
Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance Ivanti has released a security update to address an admin...
