RedPacket Security - InfoSec News & Tutorials

BlackCat/ALPHV Ransomware Victim: Jewish Home Lifecare

February 8, 2024

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

CISA: CISA Partners With OpenSSF Securing Software Repositories Working Group to Release Principles for Package Repository Security

February 8, 2024

CISA Partners With OpenSSF Securing Software Repositories Working Group to Release Principles for Package Repository Security Today, CISA partnered with...

HackerOne Bug Bounty Disclosure: idor-on-graphql-queries-billingdocumentdownload-and-billdetails-blaklis

February 8, 2024

Company Name: Shopify Company HackerOne URL: https://hackerone.com/shopify Submitted By:blaklisLink to Submitters Profile:https://hackerone.com/blaklis Report Title:IDOR on GraphQL queries BillingDocumentDownload and BillDetailsReport...

HackerOne Bug Bounty Disclosure: xmlrpc-php-wp-cron-php-files-are-enabled-and-will-used-for-ddos-dos-and-broutforce-users-attack-cyber-tech

February 8, 2024

Company Name: Nextcloud Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:cyber-techLink to Submitters Profile:https://hackerone.com/cyber-tech Report Title:xmlrpcphp &wp-cronphp files are enabled, and will...

HackerOne Bug Bounty Disclosure: blind-stored-xss-in-shopify-internal-parquet-viewer-testingforbugs

February 8, 2024

Company Name: Shopify Company HackerOne URL: https://hackerone.com/shopify Submitted By:testingforbugsLink to Submitters Profile:https://hackerone.com/testingforbugs Report Title:Blind Stored XSS in shopify internal Parquet...

CISA: Cisco Releases Security Advisory for Vulnerabilities in Cisco Expressway Series

February 8, 2024

Cisco Releases Security Advisory for Vulnerabilities in Cisco Expressway Series Cisco released a security advisory to address vulnerabilities affecting Cisco...

Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade

February 8, 2024

The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some...

Akira Ransomware Victim: AVer Information

February 8, 2024

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

Akira Ransomware Victim: TeraGo

February 8, 2024

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

Akira Ransomware Victim: Celeste

February 8, 2024

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

HijackLoader Evolves: Researchers Decode the Latest Evasion Methods

February 8, 2024

The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues...

Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore

February 8, 2024

Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse...

Unified Identity – look for the meaning behind the hype!

February 8, 2024

If you've listened to software vendors in the identity space lately, you will have noticed that "unified" has quickly become...

Structured Content plugin for WordPress cross-site scripting | CVE-2024-24839

February 8, 2024

NAME__________Structured Content plugin for WordPress cross-site scriptingPlatforms Affected:Gordon Böhme Structured Content plugin for WordPress 1.6.1Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Structured Content plugin...

Five Star Restaurant Reviews plugin for WordPress cross-site scripting | CVE-2024-24838

February 8, 2024

NAME__________Five Star Restaurant Reviews plugin for WordPress cross-site scriptingPlatforms Affected:Five Star Plugins Five Star Restaurant Reviews plugin for WordPress 2.3.5Risk...

Add Customer for WooCommerce plugin for WordPress cross-site scripting | CVE-2024-24841

February 8, 2024

NAME__________Add Customer for WooCommerce plugin for WordPress cross-site scriptingPlatforms Affected:Dan's Art Add Customer for WooCommerce plugin for WordPress 1.7Risk Level:6.1Exploitability:HighConsequences:Cross-Site...

PT Sign Ups plugin for WordPress cross-site scripting | CVE-2024-24848

February 8, 2024

NAME__________PT Sign Ups plugin for WordPress cross-site scriptingPlatforms Affected:MJS Software PT Sign Ups plugin for WordPress 1.0.4Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PT...

CalculatorPro Calculators plugin for WordPress cross-site scripting | CVE-2024-24847

February 8, 2024

NAME__________CalculatorPro Calculators plugin for WordPress cross-site scriptingPlatforms Affected:jgadbois CalculatorPro Calculators plugin for WordPress 1.1.7Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CalculatorPro Calculators plugin for...

QNAP QTS, QuTS hero and QuTScloud buffer overflow | CVE-2023-45037

February 8, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud buffer overflowPlatforms Affected:QNAP QTS 5.1 QNAP QuTS hero h5.1 QNAP QuTScloud c5.1Risk Level:3.8Exploitability:UnprovenConsequences:Gain Access...

Mighty Addons for Elementor plugin for WordPress cross-site scripting | CVE-2024-24846

February 8, 2024

NAME__________Mighty Addons for Elementor plugin for WordPress cross-site scriptingPlatforms Affected:MightyThemes Mighty Addons for Elementor plugin for WordPress 1.9.3Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting...

QNAP QTS, QuTS hero and QuTScloud directory traversal | CVE-2023-45026

February 8, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud directory traversalPlatforms Affected:QNAP QTS 5.1 QNAP QuTS hero h5.1 QNAP QuTScloud c5.1Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information...

Biteship plugin for WordPress cross-site scripting | CVE-2024-24866

February 8, 2024

NAME__________Biteship plugin for WordPress cross-site scriptingPlatforms Affected:Biteship Biteship plugin for WordPress 2.2.24Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Biteship plugin for WordPress is vulnerable...

QNAP QTS, QuTS hero and QuTScloud command execution | CVE-2023-41281

February 8, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud command executionPlatforms Affected:Risk Level:5.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________QNAP QTS, QuTS hero and QuTScloud could allow a...

QNAP QTS, QuTS hero and QuTScloud command execution | CVE-2023-41282

February 8, 2024

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed