CVE Alert: CVE-2025-2133
Vulnerability Summary: CVE-2025-2133 A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown...
Month: March 2025
CVE Alert: CVE-2024-41724
Vulnerability Summary: CVE-2024-41724 Improper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the...
CVE Alert: CVE-2024-43107
Vulnerability Summary: CVE-2024-43107 Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP) permits unauthenticated messages (e.g. alarm events)...
CVE Alert: CVE-2025-1926
Vulnerability Summary: CVE-2025-1926 The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Cross-Site...
CVE Alert: CVE-2025-27253
Vulnerability Summary: CVE-2025-27253 An improper input validation in GE Vernova UR IED family devices from version 7.0 up to 8.60...
CVE Alert: CVE-2025-27257
Vulnerability Summary: CVE-2025-27257 Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices allows an authenticated user...
CVE Alert: CVE-2025-2150
Vulnerability Summary: CVE-2025-2150 The C&Cm@il from HGiga has a Stored Cross-Site Scripting (XSS) vulnerability, allowing remote attackers with regular privileges...
CVE Alert: CVE-2025-27255
Vulnerability Summary: CVE-2025-27255 Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user...
CVE Alert: CVE-2025-27256
Vulnerability Summary: CVE-2025-27256 Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due...
[LYNX] – Ransomware Victim: Springfield Water and Sewer Commission
Ransomware Group: LYNX VICTIM NAME: Springfield Water and Sewer Commission NOTE: No files or stolen information are by RedPacket Security....
[LYNX] – Ransomware Victim: Longue Vue Club
Ransomware Group: LYNX VICTIM NAME: Longue Vue Club NOTE: No files or stolen information are by RedPacket Security. Any legal...
[QILIN] – Ransomware Victim: Suder&Suder
Ransomware Group: QILIN VICTIM NAME: Suder&Suder NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[INCRANSOM] – Ransomware Victim: wmk-hvb[.]de
Ransomware Group: INCRANSOM VICTIM NAME: wmk-hvbde NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[LYNX] – Ransomware Victim: ciscientific[.]com[.]au
Ransomware Group: LYNX VICTIM NAME: ciscientificcomau NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[BABUK2] – Ransomware Victim: airexplore[.]aero Company
Ransomware Group: BABUK2 VICTIM NAME: airexploreaero Company NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[FUNKSEC] – Ransomware Victim: France Universités
Ransomware Group: FUNKSEC VICTIM NAME: France Universités NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[FUNKSEC] – Ransomware Victim: Urgent Warning to University of Rennes – Negotiate Now!
Ransomware Group: FUNKSEC VICTIM NAME: Urgent Warning to University of Rennes – Negotiate Now! NOTE: No files or stolen information...
[AKIRA] – Ransomware Victim: Taking stock of February 2025
Ransomware Group: AKIRA VICTIM NAME: Taking stock of February 2025 NOTE: No files or stolen information are by RedPacket Security....
[AKIRA] – Ransomware Victim: WAUGH & GOODWIN, LLP
Ransomware Group: AKIRA VICTIM NAME: WAUGH & GOODWIN, LLP NOTE: No files or stolen information are by RedPacket Security. Any...
[AKIRA] – Ransomware Victim: Veristat
Ransomware Group: AKIRA VICTIM NAME: Veristat NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-13919
Vulnerability Summary: CVE-2024-13919 The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an...
CVE Alert: CVE-2024-13918
Vulnerability Summary: CVE-2024-13918 The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an...
CVE Alert: CVE-2025-27254
Vulnerability Summary: CVE-2025-27254 Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication Bypass. The software's startup authentication can...
CVE Alert: CVE-2025-24387
Vulnerability Summary: CVE-2025-24387 A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings...
