RedPacket Security - InfoSec News & Tutorials

CVE Alert: CVE-2025-1050

April 24, 2025

Vulnerability Summary: CVE-2025-1050 Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary...

CVE Alert: CVE-2025-2769

April 24, 2025

Vulnerability Summary: CVE-2025-2769 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...

CVE Alert: CVE-2025-2760

April 24, 2025

Vulnerability Summary: CVE-2025-2760 GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...

CVE Alert: CVE-2025-29526

April 24, 2025

Vulnerability Summary: CVE-2025-29526 A Cross-Site Scripting (XSS) vulnerability in the search function of Q4 Inc Investor Relations Platform v5.147.1.2 allows...

CVE Alert: CVE-2025-2768

April 24, 2025

Vulnerability Summary: CVE-2025-2768 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...

Vulnerability Summary: CVE-2025-2765 CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication...

CVE Alert: CVE-2025-2767

April 24, 2025

Vulnerability Summary: CVE-2025-2767 Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...

CVE Alert: CVE-2025-2764

April 24, 2025

Vulnerability Summary: CVE-2025-2764 CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to...

CVE Alert: CVE-2025-2763

April 24, 2025

Vulnerability Summary: CVE-2025-2763 CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to...

CVE Alert: CVE-2025-2762

April 24, 2025

Vulnerability Summary: CVE-2025-2762 CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...

[INCRANSOM] – Ransomware Victim: arkansasprimarycare[.]com

April 24, 2025

Ransomware Group: INCRANSOM VICTIM NAME: arkansasprimarycarecom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[SILENT] – Ransomware Victim: Fleet Canada

April 24, 2025

Ransomware Group: SILENT VICTIM NAME: Fleet Canada NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[DEVMAN] – Ransomware Victim: China Harbour Engeneiring Company FILE SAMPLE 1 avaliable /CHEC/CHECsample[.]zip

April 24, 2025

Ransomware Group: DEVMAN VICTIM NAME: China Harbour Engeneiring Company FILE SAMPLE 1 avaliable /CHEC/CHECsamplezip NOTE: No files or stolen information...