[QILIN] – Ransomware Victim: ZEF’s
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
Year: 2025
[SINOBI] – Ransomware Victim: Newmark Healthcare Services
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[THEGENTLEMEN] – Ransomware Victim: ICET Studios
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[RHYSIDA] – Ransomware Victim: Tex-Tube
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[PLAY] – Ransomware Victim: Cellucap Manufacturing
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[SINOBI] – Ransomware Victim: Core Resources Inc (CRI)
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[PLAY] – Ransomware Victim: Royal Thai
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[PLAY] – Ransomware Victim: Legacy Manufacturing
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
BugCrowd Bug Bounty Disclosure: P4 – Sensitive NASA Jira & Employee Data Exposure via Public JSFiddle –
Sensitive NASA Jira & Employee Data Exposure via Public JSFiddle Sensitive NASA Jira & Employee Data Exposure via Public JSFiddle...
BugCrowd Bug Bounty Disclosure: P4 – Publicly editable Google Slides linked from nasa.gov enables unauthorized content modification (content integrity & brand abuse risk – Epenetus-Matias-Putra
Publicly editable Google Slides linked from nasa.gov enables unauthorized content modification (content integrity & brand abuse risk Publicly editable Google...
BugCrowd Bug Bounty Disclosure: P4 – open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/ – uko3211
open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/ open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/ Researcher: uko3211 Engagement: National Aeronautics and Space Administration...
BugCrowd Bug Bounty Disclosure: P5 – internal IP Disclosure via Public DNS Record (blue.guest.hq.nasa.gov) – Theekshana_kusal
internal IP Disclosure via Public DNS Record (blue.guest.hq.nasa.gov) internal IP Disclosure via Public DNS Record (blue.guest.hq.nasa.gov) Researcher: Theekshana_kusal Engagement: National...
BugCrowd Bug Bounty Disclosure: P5 – Directory Listing Vulnerability – Vinit06
Directory Listing Vulnerability Directory Listing Vulnerability Researcher: Vinit06 Engagement: National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program Disclosed...
Adobe Monthly Security Update (August 2025)
Adobe has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)Adobe Commerce Medium RiskDenial of Service Elevation of...
CVE Alert: CVE-2025-54479 – F5 – BIG-IP
CVE-2025-54479 HIGHNo exploitation known When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile,...
CVE Alert: CVE-2025-54854 – F5 – BIG-IP
CVE-2025-54854 HIGHNo exploitation known When a BIG-IP APM OAuth access profile (Resource Server or Resource Client) is configured on a...
CVE Alert: CVE-2025-54858 – F5 – BIG-IP
CVE-2025-54858 HIGHNo exploitation known When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content...
CVE Alert: CVE-2025-53868 – F5 – BIG-IP
CVE-2025-53868 HIGHNo exploitation known When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP...
Dgx Spark, Nvidia’s Tiniest Supercomputer, Tackles Large Models At Solid Speeds
hands on Nvidia bills its long-anticipated DGX Spark as the "world's smallest AI supercomputer," and, at $3,000 to $4,000 (depending...
Hello Cake – 22,907 breached accounts
HIBP In July 2025, the sexual healthcare product maker Hello Cake suffered a data breach. The data was subsequently posted...
Prosper – 17,605,276 breached accounts
HIBP In September 2025, Prosper announced that it had detected unauthorised access to their systems, which resulted in the exposure...
CVE Alert: CVE-2025-46706 – F5 – BIG-IP
CVE-2025-46706 HIGHNo exploitation known When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can...
CVE Alert: CVE-2025-53474 – F5 – BIG-IP
CVE-2025-53474 HIGHNo exploitation known When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause...
CVE Alert: CVE-2025-48008 – F5 – BIG-IP
CVE-2025-48008 HIGHNo exploitation known When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed...
