RedPacket Security - InfoSec News & Tutorials

CVE Alert: CVE-2025-51464

July 23, 2025

Vulnerability Summary: CVE-2025-51464 Cross-site Scripting (XSS) in aimhubio Aim 3.28.0 allows remote attackers to execute arbitrary JavaScript in victims browsers...

CVE Alert: CVE-2025-48964

July 23, 2025

Vulnerability Summary: CVE-2025-48964 ping in iputils through 20240905 allows a denial of service (application error in adaptive ping mode or...

[PLAY] – Ransomware Victim: DA Whitacre Construction

July 23, 2025

Ransomware Group: PLAY VICTIM NAME: DA Whitacre Construction NOTE: No files or stolen information are by RedPacket Security. Any legal...

[PLAY] – Ransomware Victim: Ka Logistics

July 23, 2025

Ransomware Group: PLAY VICTIM NAME: Ka Logistics NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[SARCOMA] – Ransomware Victim: Sanderling Healthcare

July 23, 2025

Ransomware Group: SARCOMA VICTIM NAME: Sanderling Healthcare NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[QILIN] – Ransomware Victim: www[.]balkankalip[.]com

July 23, 2025

Ransomware Group: QILIN VICTIM NAME: wwwbalkankalipcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CovenantC2 Detected – 209[.]141[.]47[.]199:7443

July 23, 2025

The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...

CVE Alert: CVE-2025-51471

July 23, 2025

Vulnerability Summary: CVE-2025-51471 Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass...

CVE Alert: CVE-2025-51479

July 23, 2025

Vulnerability Summary: CVE-2025-51479 Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary...

CVE Alert: CVE-2025-31512

July 23, 2025

Vulnerability Summary: CVE-2025-31512 An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval via isAddedByApprover in a...

CVE Alert: CVE-2025-31511

July 23, 2025

Vulnerability Summary: CVE-2025-31511 An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval by changing the user...

CVE Alert: CVE-2025-51459

July 23, 2025

Vulnerability Summary: CVE-2025-51459 File Upload vulnerability in agent.hub.controller.refresh_plugins in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary code via...

Vulnerability Summary: CVE-2025-51475 Arbitrary File Overwrite (AFO) in superagi.controllers.resources.upload in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to overwrite arbitrary files...

CVE Alert: CVE-2025-51462

July 23, 2025

Vulnerability Summary: CVE-2025-51462 Stored Cross-site Scripting (XSS) vulnerability in api.apps.dialog_app.set_dialog in RAGFlow 0.17.2 allows remote attackers to execute arbitrary JavaScript...

CVE Alert: CVE-2025-51458

July 23, 2025

Vulnerability Summary: CVE-2025-51458 SQL Injection in editor_sql_run and query_ex in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary SQL...

CVE Alert: CVE-2025-51472

July 23, 2025

Vulnerability Summary: CVE-2025-51472 Code Injection in AgentTemplate.eval_agent_config in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via...

CVE Alert: CVE-2025-31513

July 23, 2025

Vulnerability Summary: CVE-2025-31513 An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can elevate to administrator privileges via the IsAdminApprover...

Microsoft Monthly Security Update (July 2025)

July 23, 2025

Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesWindows Medium RiskInformation Disclosure Spoofing Elevation of Privilege Remote Code...

Ubuntu Linux Kernel Multiple Vulnerabilities

July 23, 2025

Multiple vulnerabilities were identified in Ubuntu Linux Kernel. An attacker could exploit some of these vulnerabilities to trigger elevation of privilege,...

0c98b52206218911346fe6d64e43a709c620f996fe961aa9fe61d7ce1e8f2c9a

The Real Reason Why Trump Is Killing The Mauna Loa Observatory In Hawai’i

July 23, 2025

Column When you don't like the message, what do you do? You shoot the messenger, of course.That's the strategy being...

c8fa4e1e7ba6a6ff82c824682ceded1390c8b09d1b2099995fc8d756de3d3ae3

Silicon Valley Engineer Admits Theft Of Us Missile Tech Secrets

July 23, 2025

A Silicon Valley engineer has pleaded guilty to stealing thousands of trade secrets worth hundreds of millions of dollars, including...

CVE Alert: CVE-2025-53538

July 23, 2025

Vulnerability Summary: CVE-2025-53538 Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation)...

CVE Alert: CVE-2025-41425

July 23, 2025

Vulnerability Summary: CVE-2025-41425 DuraComm SPM-500 DP-10iN-100-MU is vulnerable to a cross-site scripting attack. This could allow an attacker to prevent...

CVE Alert: CVE-2025-53703

July 23, 2025

Vulnerability Summary: CVE-2025-53703 DuraComm SPM-500 DP-10iN-100-MU transmits sensitive data without encryption over a channel that could be intercepted by attackers....

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed