CVE Alert: CVE-2025-25614
Vulnerability Summary: CVE-2025-25614 Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows teachers to update the personal...
Month: March 2025
CVE Alert: CVE-2024-53307
Vulnerability Summary: CVE-2024-53307 A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to...
CVE Alert: CVE-2025-1296
Vulnerability Summary: CVE-2025-1296 Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and...
CVE Alert: CVE-2025-27615
Vulnerability Summary: CVE-2025-27615 umatiGateway is software for connecting OPC Unified Architecture servers with an MQTT broker utilizing JSON messages. The...
CVE Alert: CVE-2025-25306
Vulnerability Summary: CVE-2025-25306 Misskey is an open source, federated social media platform. The patch for CVE-2024-52591 did not sufficiently validate...
CVE Alert: CVE-2024-52812
Vulnerability Summary: CVE-2024-52812 LF Edge eKuiper is an internet-of-things data analytics and stream processing engine. Prior to version 2.0.8, auser...
CVE Alert: CVE-2025-27616
Vulnerability Summary: CVE-2025-27616 Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Prior to...
CVE Alert: CVE-2025-27925
Vulnerability Summary: CVE-2025-27925 Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input. Affected Endpoints: No affected...
CVE Alert: CVE-2025-27926
Vulnerability Summary: CVE-2025-27926 In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config)...
CVE Alert: CVE-2025-27924
Vulnerability Summary: CVE-2025-27924 Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to...
CVE Alert: CVE-2025-27610
Vulnerability Summary: CVE-2025-27610 Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12,...
[BABUK2] – Ransomware Victim: wapda[.]gov[.]pk By Babuk Locker 2[.]0
Ransomware Group: BABUK2 VICTIM NAME: wapdagovpk By Babuk Locker 20 NOTE: No files or stolen information are by RedPacket Security....
[BABUK2] – Ransomware Victim: lexmark[.]com Company
Ransomware Group: BABUK2 VICTIM NAME: lexmarkcom Company NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[BABUK2] – Ransomware Victim: fnde[.]gov[.]br brazilian government
Ransomware Group: BABUK2 VICTIM NAME: fndegovbr brazilian government NOTE: No files or stolen information are by RedPacket Security. Any legal...
[FUNKSEC] – Ransomware Victim: isee-eg[.]com
Ransomware Group: FUNKSEC VICTIM NAME: isee-egcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Cobalt Strike Copies Decline 80% Due to Enhanced Security Measures
The number of unauthorized Cobalt Strike copies has seen an impressive 80% drop thanks to intensified security efforts. Efforts to...
Cyber-Attack Reporting Mandate Introduced for Switzerland’s Critical Infrastructure
In Switzerland, operators of critical infrastructure will soon face legal obligations to report cyber-attacks, enhancing national cybersecurity measures. Operators of...
Texas Developer Sentenced for Intentional Computer Damage in Kill Switch Sabotage
A Texas developer faces a potential decade-long prison sentence after being convicted of intentional damage to protected computers at his...
Nation-State Hackers Threaten UK AI Research Progress
The UK AI research sector is increasingly at risk from nation-state hackers aiming to exploit groundbreaking advancements in artificial intelligence....
Malicious Software Packages Surge: Exploiting System Vulnerabilities
A significant surge in malicious software packages exploiting system vulnerabilities has raised alarm bells among cybersecurity experts. A rise in...
SIM Swapping Fraud in the Middle East: Tactics and Prevention
SIM swapping fraud is surging in the Middle East, revealing alarming strategies that cybercriminals employ to target victims. A surge...
[BABUK2] – Ransomware Victim: forvismazars[.]com[.]fr ( mazars[.]fr ) By Babuk Locker 2[.]0
Ransomware Group: BABUK2 VICTIM NAME: forvismazarscomfr ( mazarsfr ) By Babuk Locker 20 NOTE: No files or stolen information are...
[FOG] – Ransomware Victim: Wilkinson Rogers (wilkinsonrogers[.]com)
Ransomware Group: FOG VICTIM NAME: Wilkinson Rogers (wilkinsonrogerscom) NOTE: No files or stolen information are by RedPacket Security. Any legal...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
