Year: 2025

CVE Alert: CVE-2024-13648

February 22, 2025

Vulnerability Summary: CVE-2024-13648 The Maps for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MapOnePoint'...

CVE Alert: CVE-2024-13353

February 22, 2025

Vulnerability Summary: CVE-2024-13353 The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is...

CVE Alert: CVE-2024-13461

February 22, 2025

Vulnerability Summary: CVE-2024-13461 The Autoship Cloud for WooCommerce Subscription Products plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...

CVE Alert: CVE-2024-12452

February 22, 2025

Vulnerability Summary: CVE-2024-12452 The Ziggeo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ziggeo_event' shortcode in...

CVE Alert: CVE-2024-13455

February 22, 2025

Vulnerability Summary: CVE-2024-13455 The igumbi Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'igumbi_calendar'...

CVE Alert: CVE-2025-1535

February 22, 2025

Vulnerability Summary: CVE-2025-1535 A vulnerability was found in Baiyi Cloud Asset Management System 8.142.100.161. It has been classified as critical....

CVE Alert: CVE-2024-12276

February 22, 2025

Vulnerability Summary: CVE-2024-12276 The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for...

CVE Alert: CVE-2025-1402

February 22, 2025

Vulnerability Summary: CVE-2025-1402 The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to...

CVE Alert: CVE-2025-1489

February 22, 2025

Vulnerability Summary: CVE-2025-1489 The WP-Appbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's appbox shortcode in...

[MEDUSA] – Ransomware Victim: Benton Police Department

February 22, 2025

Ransomware Group: MEDUSA VICTIM NAME: Benton Police Department NOTE: No files or stolen information are by RedPacket Security. Any legal...

[MEDUSA] – Ransomware Victim: Metropolitan Borough of Gateshead

February 22, 2025

Ransomware Group: MEDUSA VICTIM NAME: Metropolitan Borough of Gateshead NOTE: No files or stolen information are by RedPacket Security. Any...

[MEDUSA] – Ransomware Victim: G&S Electric LLC

February 22, 2025

Ransomware Group: MEDUSA VICTIM NAME: G&S Electric LLC NOTE: No files or stolen information are by RedPacket Security. Any legal...

[MEDUSA] – Ransomware Victim: Martin Energy Group Services

February 22, 2025

Ransomware Group: MEDUSA VICTIM NAME: Martin Energy Group Services NOTE: No files or stolen information are by RedPacket Security. Any...

[HUNTERS] – Ransomware Victim: CCOO Servicios

February 22, 2025

Ransomware Group: HUNTERS VICTIM NAME: CCOO Servicios NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[DRAGONFORCE] – Ransomware Victim: Tristram European

February 22, 2025

Ransomware Group: DRAGONFORCE VICTIM NAME: Tristram European NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[HUNTERS] – Ransomware Victim: SPEED Co

February 22, 2025

Ransomware Group: HUNTERS VICTIM NAME: SPEED Co NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[RHYSIDA] – Ransomware Victim: Peter Glenn Ski Sport

February 22, 2025

Ransomware Group: RHYSIDA VICTIM NAME: Peter Glenn Ski Sport NOTE: No files or stolen information are by RedPacket Security. Any...

CVE Alert: CVE-2024-13713

February 22, 2025

Vulnerability Summary: CVE-2024-13713 The WPExperts Square For GiveWP plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter...

CVE Alert: CVE-2024-13900

February 22, 2025

Vulnerability Summary: CVE-2024-13900 The Head, Footer and Post Injections plugin for WordPress is vulnerable to PHP Code Injection in all...

CVE Alert: CVE-2024-13846

February 22, 2025

Vulnerability Summary: CVE-2024-13846 The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘post_id’...

CVE Alert: CVE-2020-6158

February 22, 2025

Vulnerability Summary: CVE-2020-6158 Opera Mini for Android before version 52.2 is vulnerable to an address bar spoofing attack. The vulnerability...

CVE Alert: CVE-2025-26794

February 22, 2025

Vulnerability Summary: CVE-2025-26794 Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Affected...

CVE Alert: CVE-2025-1539

February 22, 2025

Vulnerability Summary: CVE-2025-1539 A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this...

CVE Alert: CVE-2024-10222

February 22, 2025

Vulnerability Summary: CVE-2024-10222 The SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in...

Year: 2025

CVE Alert: CVE-2024-13648

CVE Alert: CVE-2024-13353

CVE Alert: CVE-2024-13461

CVE Alert: CVE-2024-12452

CVE Alert: CVE-2024-13455

CVE Alert: CVE-2025-1535

CVE Alert: CVE-2024-12276

CVE Alert: CVE-2025-1402

CVE Alert: CVE-2025-1489

[MEDUSA] – Ransomware Victim: Benton Police Department

[MEDUSA] – Ransomware Victim: Metropolitan Borough of Gateshead

[MEDUSA] – Ransomware Victim: G&S Electric LLC

[MEDUSA] – Ransomware Victim: Martin Energy Group Services

[HUNTERS] – Ransomware Victim: CCOO Servicios

[DRAGONFORCE] – Ransomware Victim: Tristram European

[HUNTERS] – Ransomware Victim: SPEED Co

[RHYSIDA] – Ransomware Victim: Peter Glenn Ski Sport

CVE Alert: CVE-2024-13713

CVE Alert: CVE-2024-13900

CVE Alert: CVE-2024-13846

CVE Alert: CVE-2020-6158

CVE Alert: CVE-2025-26794

CVE Alert: CVE-2025-1539

CVE Alert: CVE-2024-10222

Cobalt Strike Beacon Detected – 111[.]229[.]187[.]190:9443

Cobalt Strike Beacon Detected – 43[.]138[.]0[.]179:9443

Cobalt Strike Beacon Detected – 113[.]45[.]232[.]73:9443

Cobalt Strike Beacon Detected – 1[.]95[.]0[.]62:8888

Cobalt Strike Beacon Detected – 47[.]109[.]201[.]173:8888

You may have missed