RedPacket Security - InfoSec News & Tutorials

CVE Alert: CVE-2025-5190

June 1, 2025

Vulnerability Summary: CVE-2025-5190 The Browse As plugin for WordPress is vulnerable to authentication bypass in versions up to, and including,...

CVE Alert: CVE-2025-2500

June 1, 2025

Vulnerability Summary: CVE-2025-2500 A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully...

CVE Alert: CVE-2025-40909

June 1, 2025

Vulnerability Summary: CVE-2025-40909 Perl threads have a working directory race condition where file operations may target unintended paths. If a...

CVE Alert: CVE-2025-1484

June 1, 2025

Vulnerability Summary: CVE-2025-1484 A vulnerability exists in the media upload component of the Asset Suite versions listed below. If successfully...

CVE Alert: CVE-2025-4433

June 1, 2025

Vulnerability Summary: CVE-2025-4433 Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user...

[SAFEPAY] – Ransomware Victim: universityacademy[.]org

June 1, 2025

Ransomware Group: SAFEPAY VICTIM NAME: universityacademyorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CovenantC2 Detected – 150[.]241[.]69[.]126:7443

June 1, 2025

The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...

CVE Alert: CVE-2025-2571

May 31, 2025

Vulnerability Summary: CVE-2025-2571 Mattermost versions 10.7.x

CVE Alert: CVE-2025-1792

May 31, 2025

Vulnerability Summary: CVE-2025-1792 Mattermost versions 10.7.x

CVE Alert: CVE-2025-4598

May 31, 2025

Vulnerability Summary: CVE-2025-4598 A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to...

CVE Alert: CVE-2025-0602

May 31, 2025

Vulnerability Summary: CVE-2025-0602 A stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through...

CVE Alert: CVE-2025-48331

May 31, 2025

Vulnerability Summary: CVE-2025-48331 Insertion of Sensitive Information Into Sent Data vulnerability in Vanquish WooCommerce Orders & Customers Exporter allows Retrieve...

CVE Alert: CVE-2024-7097

May 31, 2025

Vulnerability Summary: CVE-2024-7097 An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin...

CVE Alert: CVE-2025-4984

May 31, 2025

Vulnerability Summary: CVE-2025-4984 A stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City Referential Manager on Release 3DEXPERIENCE R2025x...

CVE Alert: CVE-2025-4983

May 31, 2025

Vulnerability Summary: CVE-2025-4983 A stored Cross-site Scripting (XSS) vulnerability affecting City Referential in City Referential Manager on Release 3DEXPERIENCE R2025x...

CVE Alert: CVE-2025-3611

May 31, 2025

Vulnerability Summary: CVE-2025-3611 Mattermost versions 10.7.x

CVE Alert: CVE-2024-7096

May 31, 2025

Vulnerability Summary: CVE-2024-7096 A privilege escalation vulnerability exists in multiple products due to a business logic flaw in SOAP admin...

[DEVMAN] – Ransomware Victim: lantro[.]com

May 31, 2025

Ransomware Group: DEVMAN VICTIM NAME: lantrocom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

HackerOne Bug Bounty Disclosure: public-github-repositories-for-multiple-hackerone-managed-triage-team-profiles-contain-private-hackerone-reports-information-w-w

May 31, 2025

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:w2wLink to Submitters Profile:https://hackerone.com/w2w Report Title:Public GitHub repositories for multiple HackerOne managed...

[QILIN] – Ransomware Victim: radicon

May 31, 2025

Ransomware Group: QILIN VICTIM NAME: radicon NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[STORMOUS] – Ransomware Victim: Volkswagen Group

May 31, 2025

Ransomware Group: STORMOUS VICTIM NAME: Volkswagen Group NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P5 – RXSS On https://www1-2-pz.sewp.nasa.gov/ – asjadbutt

May 31, 2025

RXSS On https://www1-2-pz.sewp.nasa.gov/ RXSS On https://www1-2-pz.sewp.nasa.gov/ Researcher: asjadbutt Engagement: National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program Disclosed...

Bug Bounty

BugCrowd Bug Bounty Disclosure: P5 – Apollo 13 Onboard Voice Transcription for Potential Data Exposure – suyashksawant

May 31, 2025

Apollo 13 Onboard Voice Transcription for Potential Data Exposure Apollo 13 Onboard Voice Transcription for Potential Data Exposure Researcher: suyashksawant...

CVE Alert: CVE-2025-4989

May 31, 2025

Vulnerability Summary: CVE-2025-4989 A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed