RedPacket Security - InfoSec News & Tutorials

[QILIN] – Ransomware Victim: capmark[.]org

July 1, 2025

Ransomware Group: QILIN VICTIM NAME: capmarkorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

HackerOne Bug Bounty Disclosure: curl-easy-header-runs-at-o-n-or-worse-and-can-be-abused-to-use-minute-s-of-cpu-time-wolfsage

July 1, 2025

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:wolfsageLink to Submitters Profile:https://hackerone.com/wolfsage Report Title:curl_easy_header runs at O(N) or worse and...

HackerOne Bug Bounty Disclosure: curl-oj-allows-creating-custom-curlrc-file-which-allows-exfiltrating-private-data-among-other-things-wolfsage

July 1, 2025

HackerOne Bug Bounty Disclosure: heap-buffer-overflow-vulnerability-in-conncache-c-incorrect-use-of-pointer-arrays-resulting-in-out-of-bounds-memory-writes-freak-coding

July 1, 2025

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:freak_codingLink to Submitters Profile:https://hackerone.com/freak_coding Report Title:Heap buffer overflow vulnerability in conncachec: incorrect...

HackerOne Bug Bounty Disclosure: http-proxy-bypass-via-curlopt-customrequest-verb-tunneling-alphox

July 1, 2025

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:alphoxLink to Submitters Profile:https://hackerone.com/alphox Report Title:HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb TunnelingReport...

HackerOne Bug Bounty Disclosure: arbitrary-file-read-via-file-path-traversal-with-path-as-is-demsese

July 1, 2025

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:demseseLink to Submitters Profile:https://hackerone.com/demsese Report Title:arbitrary file read via `file://` path traversal...

HackerOne Bug Bounty Disclosure: speculative-execution-side-channel-in-curl-evilginx

July 1, 2025

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:evilginx1Link to Submitters Profile:https://hackerone.com/evilginx1 Report Title:Speculative Execution Side-Channel in `curl` Report Link:https://hackerone.com/reports/3124490Date...

HackerOne Bug Bounty Disclosure: memory-leak-of-ftp-with-proxy-reuse-catenacyber

July 1, 2025

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:catenacyberLink to Submitters Profile:https://hackerone.com/catenacyber Report Title:Memory leak of ftp (with proxy reuse)Report...

[QILIN] – Ransomware Victim: Alert Medical Alarms

July 1, 2025

Ransomware Group: QILIN VICTIM NAME: Alert Medical Alarms NOTE: No files or stolen information are by RedPacket Security. Any legal...

[QILIN] – Ransomware Victim: LP Charpente

July 1, 2025

Ransomware Group: QILIN VICTIM NAME: LP Charpente NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[AKIRA] – Ransomware Victim: Watermark Marine Systems

July 1, 2025

Ransomware Group: AKIRA VICTIM NAME: Watermark Marine Systems NOTE: No files or stolen information are by RedPacket Security. Any legal...

[KAWA4096] – Ransomware Victim: tokiomarine-nichido[.]co[.]jp

July 1, 2025

Ransomware Group: KAWA4096 VICTIM NAME: tokiomarine-nichidocojp NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[KAWA4096] – Ransomware Victim: www[.]ogr-jp[.]com

July 1, 2025

Ransomware Group: KAWA4096 VICTIM NAME: wwwogr-jpcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[QILIN] – Ransomware Victim: exhibits-intl[.]com

July 1, 2025

Ransomware Group: QILIN VICTIM NAME: exhibits-intlcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2024-12915

July 1, 2025

Vulnerability Summary: CVE-2024-12915 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Devinim Software Library...

CVE Alert: CVE-2025-2895

July 1, 2025

Vulnerability Summary: CVE-2025-2895 IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, 2.3.4.1, and 2.3.4.1 iFix1 is vulnerable...

CVE Alert: CVE-2025-6911

July 1, 2025

Vulnerability Summary: CVE-2025-6911 A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This...

CVE Alert: CVE-2025-6912

July 1, 2025

Vulnerability Summary: CVE-2025-6912 A vulnerability was found in PHPGurukul Student Record System 3.2. It has been rated as critical. This...

CVE Alert: CVE-2025-6913

July 1, 2025

Vulnerability Summary: CVE-2025-6913 A vulnerability classified as critical has been found in PHPGurukul Student Record System 3.2. Affected is an...

CVE Alert: CVE-2025-47871

July 1, 2025

Vulnerability Summary: CVE-2025-47871 Mattermost versions 10.5.x

CVE Alert: CVE-2025-46702

July 1, 2025

Vulnerability Summary: CVE-2025-46702 Mattermost versions 10.5.x

CVE Alert: CVE-2025-45931

July 1, 2025

Vulnerability Summary: CVE-2025-45931 An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in...

CVE Alert: CVE-2025-26074

July 1, 2025

Vulnerability Summary: CVE-2025-26074 Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes....

CVE Alert: CVE-2025-6914

July 1, 2025

Vulnerability Summary: CVE-2025-6914 A vulnerability classified as critical was found in PHPGurukul Student Record System 3.2. Affected by this vulnerability...

Main Story

Security Awareness Training that Works for Changing Employee Behavior

Editor’s Picks

Trending Story

Featured Story

You may have missed