CVE Alert: CVE-2025-46528
Vulnerability Summary: CVE-2025-46528 Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar:...
Year: 2025
CVE Alert: CVE-2025-46538
Vulnerability Summary: CVE-2025-46538 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webplanetsoft Inline Text Popup allows...
CVE Alert: CVE-2025-43858
Vulnerability Summary: CVE-2025-43858 YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4...
CVE Alert: CVE-2024-30114
Vulnerability Summary: CVE-2024-30114 Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment. Affected Endpoints: No affected...
CVE Alert: CVE-2025-46540
Vulnerability Summary: CVE-2025-46540 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Mok GNA Search Shortcode...
CVE Alert: CVE-2025-43859
Vulnerability Summary: CVE-2025-43859 h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of...
[INTERLOCK] – Ransomware Victim: Madison School District Schools
Ransomware Group: INTERLOCK VICTIM NAME: Madison School District Schools NOTE: No files or stolen information are by RedPacket Security. Any...
[AKIRA] – Ransomware Victim: Cohn Lifland Pearlman Herrmann and Knopf
Ransomware Group: AKIRA VICTIM NAME: Cohn Lifland Pearlman Herrmann and Knopf NOTE: No files or stolen information are by RedPacket...
[AKIRA] – Ransomware Victim: Santa Cruz Properties
Ransomware Group: AKIRA VICTIM NAME: Santa Cruz Properties NOTE: No files or stolen information are by RedPacket Security. Any legal...
[DEVMAN] – Ransomware Victim: EU victim
Ransomware Group: DEVMAN VICTIM NAME: EU victim NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[INTERLOCK] – Ransomware Victim: DaVita
Ransomware Group: INTERLOCK VICTIM NAME: DaVita NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
PEGASUS-NEO – A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More
____ _ _ | _ \ ___ __ _ __ _ ___ _ _ ___| \ | | | |_)...
CVE Alert: CVE-2023-37534
Vulnerability Summary: CVE-2023-37534 Insufficient URI protocol whitelist in HCL Leap allows script injection through query parameters. Affected Endpoints: No affected...
CVE Alert: CVE-2025-31324
Vulnerability Summary: CVE-2025-31324 SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to...
CVE Alert: CVE-2024-30113
Vulnerability Summary: CVE-2024-30113 Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML...
CVE Alert: CVE-2023-45720
Vulnerability Summary: CVE-2023-45720 Insufficient default configuration in HCL Leap allows anonymous access to directory information. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2024-30147
Vulnerability Summary: CVE-2024-30147 Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications. Affected...
CVE Alert: CVE-2022-44759
Vulnerability Summary: CVE-2022-44759 Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications. Affected Endpoints:...
CVE Alert: CVE-2022-44760
Vulnerability Summary: CVE-2022-44760 Unsafe default file type filter policy in HCL Leap allows execution of unsafe JavaScript in deployed applications....
Try Hack Me: Fixit Splunk Walkthrough
FIXIT Challenge: ADHD-Friendly Walkthrough for SOC-L2 Hopefuls Welcome to the FIXIT Splunk challenge! This is the final SOC Level 2...
Who Needs Phishing When Your Login’s Already In The Wild?
Criminals used stolen credentials more frequently than email phishing to gain access into their victims' IT systems last year, marking...
Blue Shield Says It Shared Health Info On Up To 4.7m Patients With Google Ads
US health insurance giant Blue Shield of California handed sensitive health information belonging to as many as 4.7 million members...
Booby Trapped Alpine Quest Android App Geolocates Russian Soldiers
Russian soldiers are being targeted with an Android app specially altered to pinpoint their location and scan their phones for...
America’s Cyber Defenses Are Being Dismantled From The Inside
Opinion We almost lost the Common Vulnerabilities and Exposures (CVE) database system, but that's only the tip of the iceberg...
