CVE Alert: CVE-2025-53650
Vulnerability Summary: CVE-2025-53650 Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., replace with asterisks) credentials present...
CVE Alert: CVE-2025-53652
Vulnerability Summary: CVE-2025-53652 Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to...
CVE Alert: CVE-2025-49604
Vulnerability Summary: CVE-2025-49604 For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and...
CVE Alert: CVE-2025-53651
Vulnerability Summary: CVE-2025-53651 Jenkins HTML Publisher Plugin 425 and earlier displays log messages that include the absolute paths of files...
CVE Alert: CVE-2025-53665
Vulnerability Summary: CVE-2025-53665 Jenkins Apica Loadtest Plugin 1.10 and earlier does not mask Apica Loadtest LTP authentication tokens displayed on...
CVE Alert: CVE-2025-53663
Vulnerability Summary: CVE-2025-53663 Jenkins IBM Cloud DevOps Plugin 2.0.16 and earlier stores SonarQube authentication tokens unencrypted in job config.xml files...
CVE Alert: CVE-2025-53661
Vulnerability Summary: CVE-2025-53661 Jenkins Testsigma Test Plan run Plugin 1.6 and earlier does not mask Testsigma API keys displayed on...
CVE Alert: CVE-2025-53660
Vulnerability Summary: CVE-2025-53660 Jenkins QMetry Test Management Plugin 1.13 and earlier does not mask Qmetry Automation API Keys displayed on...
CVE Alert: CVE-2025-53662
Vulnerability Summary: CVE-2025-53662 Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml...
CVE Alert: CVE-2025-53664
Vulnerability Summary: CVE-2025-53664 Jenkins Apica Loadtest Plugin 1.10 and earlier stores Apica Loadtest LTP authentication tokens unencrypted in job config.xml...
[LYNX] – Ransomware Victim: Nactarome
Ransomware Group: LYNX VICTIM NAME: Nactarome NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: Tara Pac
Ransomware Group: AKIRA VICTIM NAME: Tara Pac NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[AKIRA] – Ransomware Victim: SPANN Roofing & Sheet Metal
Ransomware Group: AKIRA VICTIM NAME: SPANN Roofing & Sheet Metal NOTE: No files or stolen information are by RedPacket Security....
CVE Alert: CVE-2025-53658
Vulnerability Summary: CVE-2025-53658 Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not escape the Applitools URL on the build page,...
CVE Alert: CVE-2025-53659
Vulnerability Summary: CVE-2025-53659 Jenkins QMetry Test Management Plugin 1.13 and earlier stores Qmetry Automation API Keys unencrypted in job config.xml...
CVE Alert: CVE-2025-53674
Vulnerability Summary: CVE-2025-53674 Jenkins Sensedia Api Platform tools Plugin 1.0 does not mask the Sensedia API Manager integration token on...
CVE Alert: CVE-2025-53656
Vulnerability Summary: CVE-2025-53656 Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords...
CVE Alert: CVE-2025-53657
Vulnerability Summary: CVE-2025-53657 Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets,...
CVE Alert: CVE-2025-53673
Vulnerability Summary: CVE-2025-53673 Jenkins Sensedia Api Platform tools Plugin 1.0 stores the Sensedia API Manager integration token unencrypted in its...
CVE Alert: CVE-2025-53670
Vulnerability Summary: CVE-2025-53670 Jenkins Nouvola DiveCloud Plugin 1.08 and earlier stores DiveCloud API Keys and Credentials Encryption Keys unencrypted in...
CVE Alert: CVE-2025-53671
Vulnerability Summary: CVE-2025-53671 Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys...
CVE Alert: CVE-2025-53669
Vulnerability Summary: CVE-2025-53669 Jenkins VAddy Plugin 1.2.8 and earlier does not mask Vaddy API Auth Keys displayed on the job...
CVE Alert: CVE-2025-53672
Vulnerability Summary: CVE-2025-53672 Jenkins Kryptowire Plugin 0.2 and earlier stores the Kryptowire API key unencrypted in its global configuration file...
[LYNX] – Ransomware Victim: nactarome[.]eu
Ransomware Group: LYNX VICTIM NAME: nactaromeeu NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
