RedPacket Security - InfoSec News & Tutorials

CVE Alert: CVE-2025-1319

March 1, 2025

Vulnerability Summary: CVE-2025-1319 The Site Mailer – SMTP Replacement, Email API Deliverability & Email Log plugin for WordPress is vulnerable...

CVE Alert: CVE-2025-1748

March 1, 2025

Vulnerability Summary: CVE-2025-1748 HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify...

CVE Alert: CVE-2025-1746

March 1, 2025

Vulnerability Summary: CVE-2025-1746 Cross-Site Scripting vulnerability in OpenCart versions prior to 4.1.0. This vulnerability allows an attacker to execute JavaScript...

CVE Alert: CVE-2025-1749

March 1, 2025

Vulnerability Summary: CVE-2025-1749 HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify...

CVE Alert: CVE-2025-1300

March 1, 2025

Vulnerability Summary: CVE-2025-1300 CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang...

CVE Alert: CVE-2025-1776

March 1, 2025

Vulnerability Summary: CVE-2025-1776 Cross-Site Scripting (XSS) vulnerability in Soteshop, versions prior to 8.3.4, which could allow remote attackers to execute...

Cobalt Strike Beacon Detected – 101[.]126[.]87[.]67:8001

March 1, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

CVE Alert: CVE-2025-0985

March 1, 2025

Vulnerability Summary: CVE-2025-0985 IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in environment...

CVE Alert: CVE-2025-1747

March 1, 2025

Vulnerability Summary: CVE-2025-1747 HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify...

CVE Alert: CVE-2025-25461

March 1, 2025

Vulnerability Summary: CVE-2025-25461 A Stored Cross-Site Scripting (XSS) vulnerability exists in SeedDMS 6.0.29. A user or rogue admin with the...

CVE Alert: CVE-2025-25916

March 1, 2025

Vulnerability Summary: CVE-2025-25916 wuzhicms v4.1.0 has a Cross Site Scripting (XSS) vulnerability in del function in \coreframe\app\member\admin\group.php. Affected Endpoints: No...

CVE Alert: CVE-2025-27400

March 1, 2025

Vulnerability Summary: CVE-2025-27400 Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community...

CVE Alert: CVE-2024-54175

March 1, 2025

Vulnerability Summary: CVE-2024-54175 IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow a local user to...

CVE Alert: CVE-2025-24318

March 1, 2025

Vulnerability Summary: CVE-2025-24318 Cookie policy is observable via built-in browser tools. In the presence of XSS, this could lead to...

CVE Alert: CVE-2025-24316

March 1, 2025

Vulnerability Summary: CVE-2025-24316 The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could...

CVE Alert: CVE-2025-20060

March 1, 2025

Vulnerability Summary: CVE-2025-20060 An attacker could expose cross-user personal identifiable information (PII) and personal health information transmitted to the Android...

CVE Alert: CVE-2025-23405

March 1, 2025

Vulnerability Summary: CVE-2025-23405 Unauthenticated log effects metrics gathering incident response efforts and potentially exposes risk of injection attacks (ex log...

[RHYSIDA] – Ransomware Victim: Newton & Associates, Inc

March 1, 2025

Ransomware Group: RHYSIDA VICTIM NAME: Newton & Associates, Inc NOTE: No files or stolen information are by RedPacket Security. Any...

CVE Alert: CVE-2025-25429

March 1, 2025

Vulnerability Summary: CVE-2025-25429 Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the r_name variable inside the have_same_name...

CVE Alert: CVE-2025-27408

March 1, 2025

Vulnerability Summary: CVE-2025-27408 Manifest offers users a one-file micro back end. Prior to version 4.9.1, Manifest employs a weak password...

CVE Alert: CVE-2025-20049

March 1, 2025

Vulnerability Summary: CVE-2025-20049 The Dario Health portal service application is vulnerable to XSS, which could allow an attacker to obtain...

CVE Alert: CVE-2025-24849

March 1, 2025

Vulnerability Summary: CVE-2025-24849 Lack of encryption in transit for cloud infrastructure facilitating potential for sensitive data manipulation or exposure. Affected...

CVE Alert: CVE-2025-24843

March 1, 2025

Vulnerability Summary: CVE-2025-24843 Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality, integrity,...

CVE Alert: CVE-2025-27410

March 1, 2025

Vulnerability Summary: CVE-2025-27410 PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality is vulnerable...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed