CVE Alert: CVE-2025-25015
Vulnerability Summary: CVE-2025-25015 Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted...
Month: March 2025
CVE Alert: CVE-2025-0956
Vulnerability Summary: CVE-2025-0956 The WooCommerce Recover Abandoned Cart plugin for WordPress is vulnerable to PHP Object Injection in all versions...
CVE Alert: CVE-2024-11153
Vulnerability Summary: CVE-2024-11153 The Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More plugin...
CVE Alert: CVE-2024-12650
Vulnerability Summary: CVE-2024-12650 An attacker with low privileges can manipulate the requested memory size, causing the application to use an...
CVE Alert: CVE-2024-13423
Vulnerability Summary: CVE-2024-13423 The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check...
CVE Alert: CVE-2024-11951
Vulnerability Summary: CVE-2024-11951 The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
CVE Alert: CVE-2024-12281
Vulnerability Summary: CVE-2024-12281 The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and including,...
CVE Alert: CVE-2025-1702
Vulnerability Summary: CVE-2025-1702 The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for...
[QILIN] – Ransomware Victim: Ministry of Foreign Affairs of Ukraine
Ransomware Group: QILIN VICTIM NAME: Ministry of Foreign Affairs of Ukraine NOTE: No files or stolen information are by RedPacket...
[FOG] – Ransomware Victim: Oberlin Cable Co-op (oberlin[.]net)
Ransomware Group: FOG VICTIM NAME: Oberlin Cable Co-op (oberlinnet) NOTE: No files or stolen information are by RedPacket Security. Any...
Cobalt Strike Beacon Detected – 162[.]128[.]74[.]109:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 120[.]24[.]62[.]81:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 162[.]128[.]74[.]109:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 156[.]245[.]28[.]97:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 23[.]27[.]48[.]179:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 139[.]59[.]182[.]127:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 190[.]54[.]3[.]244:81
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 190[.]54[.]3[.]244:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-1463
Vulnerability Summary: CVE-2025-1463 The Spreadsheet Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,...
CVE Alert: CVE-2024-13471
Vulnerability Summary: CVE-2024-13471 The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data due to a...
CVE Alert: CVE-2024-11216
Vulnerability Summary: CVE-2024-11216 Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK...
CVE Alert: CVE-2024-12097
Vulnerability Summary: CVE-2024-12097 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Boceksoft Informatics E-Travel...
CVE Alert: CVE-2024-13147
Vulnerability Summary: CVE-2024-13147 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Merkur Software B2B...
CVE Alert: CVE-2025-22212
Vulnerability Summary: CVE-2025-22212 A SQL injection vulnerability in the ConvertForms component versions 1.0.0-1.0.0 - 4.4.9 for Joomla allows authenticated attackers...
