[AKIRA] – Ransomware Victim: Princeton Hydro
Ransomware Group: AKIRA VICTIM NAME: Princeton Hydro NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[INCRANSOM] – Ransomware Victim: Essex County OB/GYN Associates
Ransomware Group: INCRANSOM VICTIM NAME: Essex County OB/GYN Associates NOTE: No files or stolen information are by RedPacket Security. Any...
CVE Alert: CVE-2024-12604
Vulnerability Summary: CVE-2024-12604 Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability...
CVE Alert: CVE-2025-26933
Vulnerability Summary: CVE-2025-26933 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nitin...
CVE Alert: CVE-2025-26910
Vulnerability Summary: CVE-2025-26910 Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit allows Stored XSS. This issue affects WPBookit: from...
CVE Alert: CVE-2025-26916
Vulnerability Summary: CVE-2025-26916 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in EPC...
CVE Alert: CVE-2025-25620
Vulnerability Summary: CVE-2025-25620 Unifiedtransform 2.0 is vulnerable to Cross Site Scripting (XSS) in the Create assignment function. Affected Endpoints: No...
CVE Alert: CVE-2024-52905
Vulnerability Summary: CVE-2024-52905 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 could disclose sensitive database...
CVE Alert: CVE-2025-26936
Vulnerability Summary: CVE-2025-26936 Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Fresh Framework allows Code Injection. This...
CVE Alert: CVE-2024-47109
Vulnerability Summary: CVE-2024-47109 IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path...
CVE Alert: CVE-2024-55199
Vulnerability Summary: CVE-2024-55199 A Stored Cross Site Scripting (XSS) vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker...
CVE Alert: CVE-2025-25614
Vulnerability Summary: CVE-2025-25614 Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows teachers to update the personal...
CVE Alert: CVE-2024-53307
Vulnerability Summary: CVE-2024-53307 A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to...
CVE Alert: CVE-2025-1296
Vulnerability Summary: CVE-2025-1296 Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and...
CVE Alert: CVE-2025-27615
Vulnerability Summary: CVE-2025-27615 umatiGateway is software for connecting OPC Unified Architecture servers with an MQTT broker utilizing JSON messages. The...
CVE Alert: CVE-2025-25306
Vulnerability Summary: CVE-2025-25306 Misskey is an open source, federated social media platform. The patch for CVE-2024-52591 did not sufficiently validate...
CVE Alert: CVE-2024-52812
Vulnerability Summary: CVE-2024-52812 LF Edge eKuiper is an internet-of-things data analytics and stream processing engine. Prior to version 2.0.8, auser...
CVE Alert: CVE-2025-27616
Vulnerability Summary: CVE-2025-27616 Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Prior to...
CVE Alert: CVE-2025-27925
Vulnerability Summary: CVE-2025-27925 Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input. Affected Endpoints: No affected...
CVE Alert: CVE-2025-27926
Vulnerability Summary: CVE-2025-27926 In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config)...
CVE Alert: CVE-2025-27924
Vulnerability Summary: CVE-2025-27924 Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to...
CVE Alert: CVE-2025-27610
Vulnerability Summary: CVE-2025-27610 Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12,...
[BABUK2] – Ransomware Victim: wapda[.]gov[.]pk By Babuk Locker 2[.]0
Ransomware Group: BABUK2 VICTIM NAME: wapdagovpk By Babuk Locker 20 NOTE: No files or stolen information are by RedPacket Security....
[BABUK2] – Ransomware Victim: lexmark[.]com Company
Ransomware Group: BABUK2 VICTIM NAME: lexmarkcom Company NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
