GitHub Warns Devs of North Korean Attacks
GitHub has warned of a new North Korean threat campaign designed to compromise victims via malicious npm package dependencies.The development...
US DoJ Announces Plan to Shakeup Cybercrime Investigations
The US Department of Justice (DoJ) is doubling the size of the team investigating cryptocurrency crime, with the fight against...
Plurilock Launches Generative AI ‘Guardrails’ Product for Workforces
Generative AI tools have conquered the workplace, especially large language model-based (LLM) chatbots like OpenAI’s ChatGPT and Google’s Bard.These powerful...
Russian Prosecutor Asks for 18 Years in Jail for Group-IB Founder
The Russian state prosecution asked the Moscow City Court to impose 18 years in a strict colony regime on Ilya...
Chinese Hackers Breached Ambassador’s Email
A Chinese cyber-espionage campaign revealed by Microsoft last week compromised the government email account of the US ambassador to China...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on July 18, 2023. These...
CISA: Adobe Releases Security Updates for ColdFusion
Adobe Releases Security Updates for ColdFusion Adobe has released security updates to address a critical vulnerability (CVE-2023-38203) affecting ColdFusion(link is...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for July...
CISA: Citrix Releases Security Updates for NetScaler ADC and Gateway
Citrix Releases Security Updates for NetScaler ADC and Gateway Citrix has released security updates to address vulnerabilities (CVE-2023-3519, CVE-2023-3466, and...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
CISA: CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519
CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519 The Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on July 20, 2023. This...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of July 10, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoelra -- parkmatikImproper Neutralization of Special Elements used in an SQL Command...
HackerOne Bug Bounty Disclosure: b-password-reset-endpoint-is-not-brute-force-protected-b-rullzer
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'rullzer'Link to Submitters Profile:https://hackerone.com/b'rullzer' Report Title:b'Password reset endpoint is not brute force...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
Posh C2 Detected – 103[.]230[.]142[.]243:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Akira Ransomware Victim: Bright Future Electr ic, LLC
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Yamaha Canada Music Ltd
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
myCred plugin for WordPress cross-site request forgery | CVE-2023-35096
NAME__________myCred plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress myCred plugin for WordPress 2.5Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________myCred plugin for WordPress is...
Recipe Maker For Your Food Blog from Zip Recipes plugin for WordPress cross-site request forgery | CVE-2023-35089
NAME__________Recipe Maker For Your Food Blog from Zip Recipes plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Recipe Maker For Your...
InfoDoc Document On-line Submission and Approval System server-side request forgery | CVE-2023-37290
NAME__________InfoDoc Document On-line Submission and Approval System server-side request forgeryPlatforms Affected:InfoDoc Document On-line Submission and Approval System 22547 InfoDoc Document...
