Cobalt Strike Beacon Detected – 47[.]238[.]140[.]204:5544
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: April 2025
Cobalt Strike Beacon Detected – 103[.]100[.]209[.]109:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 117[.]72[.]74[.]85:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 185[.]243[.]96[.]104:5556
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 175[.]27[.]137[.]222:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CovenantC2 Detected – 60[.]17[.]15[.]218:7443
The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...
[BLACKSUIT] – Ransomware Victim: The Fortune Society
Ransomware Group: BLACKSUIT VICTIM NAME: The Fortune Society NOTE: No files or stolen information are by RedPacket Security. Any legal...
[BLACKSUIT] – Ransomware Victim: Pacific Metallurgical
Ransomware Group: BLACKSUIT VICTIM NAME: Pacific Metallurgical NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CVE Alert: CVE-2025-1048
Vulnerability Summary: CVE-2025-1048 Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
CVE Alert: CVE-2025-1049
Vulnerability Summary: CVE-2025-1049 Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
CVE Alert: CVE-2025-46394
Vulnerability Summary: CVE-2025-46394 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through...
CVE Alert: CVE-2025-1047
Vulnerability Summary: CVE-2025-1047 Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote...
CVE Alert: CVE-2025-45429
Vulnerability Summary: CVE-2025-45429 In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart,...
CVE Alert: CVE-2025-1045
Vulnerability Summary: CVE-2025-1045 Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote...
CVE Alert: CVE-2025-1046
Vulnerability Summary: CVE-2025-1046 Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...
CVE Alert: CVE-2025-1522
Vulnerability Summary: CVE-2025-1522 PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information...
CVE Alert: CVE-2025-1520
Vulnerability Summary: CVE-2025-1520 PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
CVE Alert: CVE-2025-1521
Vulnerability Summary: CVE-2025-1521 PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information...
[AKIRA] – Ransomware Victim: Dress To
Ransomware Group: AKIRA VICTIM NAME: Dress To NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-ssm-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the ssm...
HackerOne Bug Bounty Disclosure: privilege-escalation-in-edit-and-create-secret-endpoints-leads-to-unauthorized-secret-modification–xsom-a
Company Name: Dust Company HackerOne URL: https://hackerone.com/dust Submitted By:0xsom3aLink to Submitters Profile:https://hackerone.com/0xsom3a Report Title:Privilege Escalation in Edit and Create Secret...
[AKIRA] – Ransomware Victim: Fogelman Management Group
Ransomware Group: AKIRA VICTIM NAME: Fogelman Management Group NOTE: No files or stolen information are by RedPacket Security. Any legal...
[LYNX] – Ransomware Victim: end2endtechnologies
Ransomware Group: LYNX VICTIM NAME: end2endtechnologies NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: Oversea Casing
Ransomware Group: AKIRA VICTIM NAME: Oversea Casing NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
