LockBit 3.0 Ransomware Victim: mipe[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: gsaenz[.]com[.]mx
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Medusa Locker Ransomware Victim: Auckland Transport
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Financially Motivated UNC3944 Threat Actor Shifts Focus to Ransomware Attacks
The financially motivated threat actor known as UNC3944 is pivoting to ransomware deployment as part of an expansion to its...
New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services
A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify,...
Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data
Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38...
Think Your MFA and PAM Solutions Protect You? Think Again
When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out...
Retool Falls Victim to SMS-Based Phishing Attack Affecting 27 Cloud Clients
Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted...
Hook: New Android Banking Trojan That Expands on ERMAC’s Legacy
A new analysis of the Android banking trojan known as Hook has revealed that it's based on its predecessor called...
Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware
The suspected Pakistan-linked threat actor known as Transparent Tribe is using malicious Android apps mimicking YouTube to distribute the CapraRAT...
Earth Lusca’s New SprySOCKS Linux Backdoor Targets Government Entities
The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called...
Inside the Code of a New XWorm Variant
XWorm is a relatively new representative of the remote access trojan cohort that has already earned its spot among the...
Live Webinar: Overcoming Generative AI Data Leakage Risks
As the adoption of generative AI tools, like ChatGPT, continues to surge, so does the risk of data exposure. According...
Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code...
Akira Ransomware Victim: Fuji Seal Internatio nal (US branch)
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Glovis America
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Discourse denial of service | CVE-2023-41043
NAME__________Discourse denial of servicePlatforms Affected:Discourse Discourse 3.1.0.beta8 Discourse Discourse 3.1.0Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Discourse is vulnerable to a denial of...
Booster for WooCommerce plugin for WordPress cross-site scripting | CVE-2023-4945
NAME__________Booster for WooCommerce plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Booster for WooCommerce Plugin for WordPress 3.0.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Booster for...
Feeds for YouTube Plugin for WordPress cross-site scripting | CVE-2023-4841
NAME__________Feeds for YouTube Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Feeds for YouTube Plugin for WordPress 2.1Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Feeds for...
OpenKnowledgeMaps cross-site scripting | CVE-2023-40617
NAME__________OpenKnowledgeMaps cross-site scriptingPlatforms Affected:OpenKnowledgeMaps Head Start 7Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OpenKnowledgeMaps is vulnerable to cross-site scripting, caused by improper validation of...
NCR Teller web app cross-site scripting | CVE-2023-42362
NAME__________NCR Teller web app cross-site scriptingPlatforms Affected:NCR Teller Web App 4.4.0Risk Level:7.2Exploitability:HighConsequences:Gain Access DESCRIPTION__________NCR Teller web app is vulnerable to...
Discourse denial of service | CVE-2023-41042
NAME__________Discourse denial of servicePlatforms Affected:Discourse Discourse 3.1.0.beta8 Discourse Discourse 3.1.0Risk Level:4.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Discourse is vulnerable to a denial of...
Razer Synapse privilege escalation | CVE-2022-47631
NAME__________Razer Synapse privilege escalationPlatforms Affected:Razer Synapse 3.8.0228.022313Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Razer Synapse could allow a local authenticated attacker to gain elevated...
Strapi information disclosure | CVE-2023-37263
NAME__________Strapi information disclosurePlatforms Affected:Strapi Strapi 4.12.0Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Strapi could allow a remote authenticated attacker to obtain sensitive information, caused...
