[LYNX] – Ransomware Victim: nactarome[.]eu
Ransomware Group: LYNX VICTIM NAME: nactaromeeu NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Month: July 2025
[AKIRA] – Ransomware Victim: Wispone
Ransomware Group: AKIRA VICTIM NAME: Wispone NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-53743
Vulnerability Summary: CVE-2025-53743 Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not mask Applitools API keys displayed on the job...
CVE Alert: CVE-2025-7381
Vulnerability Summary: CVE-2025-7381 ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version...
CVE Alert: CVE-2025-53667
Vulnerability Summary: CVE-2025-53667 Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job...
CVE Alert: CVE-2025-53668
Vulnerability Summary: CVE-2025-53668 Jenkins VAddy Plugin 1.2.8 and earlier stores Vaddy API Auth Keys unencrypted in job config.xml files on...
CVE Alert: CVE-2025-53666
Vulnerability Summary: CVE-2025-53666 Jenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on...
CVE Alert: CVE-2025-53678
Vulnerability Summary: CVE-2025-53678 Jenkins User1st uTester Plugin 1.1 and earlier stores the uTester JWT token unencrypted in its global configuration...
CVE Alert: CVE-2025-53742
Vulnerability Summary: CVE-2025-53742 Jenkins Applitools Eyes Plugin 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on...
CVE Alert: CVE-2025-53676
Vulnerability Summary: CVE-2025-53676 Jenkins Xooa Plugin 0.0.7 and earlier stores the Xooa Deployment Token unencrypted in its global configuration file...
CVE Alert: CVE-2025-53675
Vulnerability Summary: CVE-2025-53675 Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins...
CVE Alert: CVE-2025-53677
Vulnerability Summary: CVE-2025-53677 Jenkins Xooa Plugin 0.0.7 and earlier does not mask the Xooa Deployment Token on the global configuration...
[HANDALA] – Ransomware Victim: Yinon Magal
Ransomware Group: HANDALA VICTIM NAME: Yinon Magal NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Ubuntu Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in Ubuntu Linux Kernel. An attacker could exploit some of these vulnerabilities to trigger security restriction bypass, denial...
CVE Alert: CVE-2025-53548
Vulnerability Summary: CVE-2025-53548 Clerk helps developers build user management. Applications that use the verifyWebhook() helper to verify incoming Clerk webhooks...
CVE Alert: CVE-2025-44525
Vulnerability Summary: CVE-2025-44525 Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 was discovered to utilize insufficient permission checks on...
CVE Alert: CVE-2025-36599
Vulnerability Summary: CVE-2025-36599 Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive Information into Log File...
CVE Alert: CVE-2025-53645
Vulnerability Summary: CVE-2025-53645 Zimbra Collaboration Suite (ZCS) before 9.0.0 Patch 46, 10.0.x before 10.0.15, and 10.1.x before 10.1.9 is vulnerable...
CVE Alert: CVE-2021-27961
Vulnerability Summary: CVE-2021-27961 evesys 7.1 (2152) through 8.0 (2202) allows Reflected XSS via the indexeva.php action parameter. Affected Endpoints: No...
CVE Alert: CVE-2025-6976
Vulnerability Summary: CVE-2025-6976 The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site...
CVE Alert: CVE-2025-6970
Vulnerability Summary: CVE-2025-6970 The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL...
CVE Alert: CVE-2025-6975
Vulnerability Summary: CVE-2025-6975 The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site...
CVE Alert: CVE-2025-53624
Vulnerability Summary: CVE-2025-53624 The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a...
CVE Alert: CVE-2025-52357
Vulnerability Summary: CVE-2025-52357 Cross-Site Scripting (XSS) vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router (firmware V2.2.14), allowing...
