CVE Alert: CVE-2025-47660
Vulnerability Summary: CVE-2025-47660 Deserialization of Untrusted Data vulnerability in Codexpert, Inc WC Affiliate allows Object Injection. This issue affects WC...
CVE Alert: CVE-2025-47663
Vulnerability Summary: CVE-2025-47663 Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web...
CVE Alert: CVE-2025-48245
Vulnerability Summary: CVE-2025-48245 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fullworks Quick Contact Form allows...
CVE Alert: CVE-2025-47678
Vulnerability Summary: CVE-2025-47678 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelCockpit FunnelCockpit allows Reflected XSS....
CVE Alert: CVE-2025-48241
Vulnerability Summary: CVE-2025-48241 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soft8Soft LLC Verge3D allows Reflected...
CVE Alert: CVE-2025-47687
Vulnerability Summary: CVE-2025-47687 Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for WooCommerce allows Upload a...
CVE Alert: CVE-2025-47680
Vulnerability Summary: CVE-2025-47680 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-tidy-tags...
CVE Alert: CVE-2025-47690
Vulnerability Summary: CVE-2025-47690 Missing Authorization vulnerability in smackcoders Lead Form Data Collection to CRM allows Privilege Escalation. This issue affects...
HackerOne Bug Bounty Disclosure: wasi-sandbox-escape-via-symlink-jessewilson
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:jessewilsonLink to Submitters Profile:https://hackerone.com/jessewilson Report Title:WASI sandbox escape via symlinkReport Link:https://hackerone.com/reports/2084280Date Submitted:24...
[AKIRA] – Ransomware Victim: Insight PipeContracting
Ransomware Group: AKIRA VICTIM NAME: Insight PipeContracting NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CVE Alert: CVE-2025-48286
Vulnerability Summary: CVE-2025-48286 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catkin ReDi Restaurant Reservation allows...
CVE Alert: CVE-2025-48287
Vulnerability Summary: CVE-2025-48287 Deserialization of Untrusted Data vulnerability in Pagaleve Pix 4x sem juros - Pagaleve allows Object Injection.This issue...
CVE Alert: CVE-2025-48289
Vulnerability Summary: CVE-2025-48289 Deserialization of Untrusted Data vulnerability in AncoraThemes Kids Planet allows Object Injection. This issue affects Kids Planet:...
CVE Alert: CVE-2025-48275
Vulnerability Summary: CVE-2025-48275 Missing Authorization vulnerability in dastan800 Visual Header allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-48283
Vulnerability Summary: CVE-2025-48283 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Majestic Support Majestic...
CVE Alert: CVE-2025-5107
Vulnerability Summary: CVE-2025-5107 A vulnerability was found in Fujian Kelixun 1.0. It has been declared as critical. This vulnerability affects...
CVE Alert: CVE-2025-48273
Vulnerability Summary: CVE-2025-48273 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpjobportal WP Job Portal...
CVE Alert: CVE-2025-48292
Vulnerability Summary: CVE-2025-48292 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GoodLayers...
CVE Alert: CVE-2025-5108
Vulnerability Summary: CVE-2025-5108 A vulnerability was found in zongzhige ShopXO 6.5.0. It has been rated as critical. This issue affects...
CVE Alert: CVE-2025-5109
Vulnerability Summary: CVE-2025-5109 A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown...
[QILIN] – Ransomware Victim: elitavia[.]com
Ransomware Group: QILIN VICTIM NAME: elitaviacom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Cobalt Strike Beacon Detected – 123[.]207[.]66[.]232:8081
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 43[.]133[.]41[.]106:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 5[.]58[.]172[.]98:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
