Cobalt Strike Beacon Detected – 107[.]149[.]192[.]113:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
BugCrowd Bug Bounty Disclosure: P5 – Reflected XSS on oceandata.sci.gsfc.nasa.gov – FebriHp
Reflected XSS on oceandata.sci.gsfc.nasa.gov Reflected XSS on oceandata.sci.gsfc.nasa.gov Researcher: FebriHp Engagement: National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure...
CVE Alert: CVE-2025-27889
Vulnerability Summary: CVE-2025-27889 Wing FTP Server before 7.4.4 does not properly validate and sanitize the url parameter of the downloadpass.html...
CVE Alert: CVE-2025-47811
Vulnerability Summary: CVE-2025-47811 In Wing FTP Server through 7.4.4, the administrative web interface (listening by default on port 5466) runs...
CVE Alert: CVE-2025-46789
Vulnerability Summary: CVE-2025-46789 Classic buffer overflow in certain Zoom Clients for Windows may allow an authorized user to conduct a...
CVE Alert: CVE-2025-6395
Vulnerability Summary: CVE-2025-6395 A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). When it reads certain...
CVE Alert: CVE-2025-46788
Vulnerability Summary: CVE-2025-46788 Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to...
CVE Alert: CVE-2025-49463
Vulnerability Summary: CVE-2025-49463 Insufficient control flow management in certain Zoom Clients for iOS before version 6.4.5 may allow an unauthenticated...
CVE Alert: CVE-2025-47813
Vulnerability Summary: CVE-2025-47813 loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when...
CVE Alert: CVE-2025-49464
Vulnerability Summary: CVE-2025-49464 Classic buffer overflow in certain Zoom Clients for Windows may allow an authorised user to conduct a...
CVE Alert: CVE-2025-47812
Vulnerability Summary: CVE-2025-47812 In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing...
CVE Alert: CVE-2025-49462
Vulnerability Summary: CVE-2025-49462 Cross-site scripting in certain Zoom Clients before version 6.4.5 may allow an authenticated user to conduct a...
CVE Alert: CVE-2025-52521
Vulnerability Summary: CVE-2025-52521 Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could...
CVE Alert: CVE-2025-7410
Vulnerability Summary: CVE-2025-7410 A vulnerability was found in code-projects LifeStyle Store 1.0. It has been classified as critical. Affected is...
CVE Alert: CVE-2025-53371
Vulnerability Summary: CVE-2025-53371 DiscordNotifications is an extension for MediaWiki that sends notifications of actions in your Wiki to a Discord...
CVE Alert: CVE-2025-52837
Vulnerability Summary: CVE-2025-52837 Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privilege Escalation...
CVE Alert: CVE-2025-7409
Vulnerability Summary: CVE-2025-7409 A vulnerability was found in code-projects Mobile Shop 1.0 and classified as critical. This issue affects some...
CVE Alert: CVE-2025-52473
Vulnerability Summary: CVE-2025-52473 liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have...
CVE Alert: CVE-2025-53503
Vulnerability Summary: CVE-2025-53503 Trend Micro Cleaner One Pro is vulnerable to a Privilege Escalation vulnerability that could allow a local...
CVE Alert: CVE-2025-53542
Vulnerability Summary: CVE-2025-53542 Headlamp is an extensible Kubernetes web UI. A command injection vulnerability was discovered in the codeSign.js script...
CVE Alert: CVE-2025-53378
Vulnerability Summary: CVE-2025-53378 A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an...
CVE Alert: CVE-2025-7411
Vulnerability Summary: CVE-2025-7411 A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. Affected by...
[DRAGONFORCE] – Ransomware Victim: City of Keene, NH
Ransomware Group: DRAGONFORCE VICTIM NAME: City of Keene, NH NOTE: No files or stolen information are by RedPacket Security. Any...
CVE Alert: CVE-2025-53709
Vulnerability Summary: CVE-2025-53709 Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service...
