[LYNX] – Ransomware Victim: R&N Manufacturing
Ransomware Group: LYNX VICTIM NAME: R&N Manufacturing NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[QILIN] – Ransomware Victim: parrishleasing[.]com
Ransomware Group: QILIN VICTIM NAME: parrishleasingcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-43963
Vulnerability Summary: CVE-2025-43963 In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not...
CVE Alert: CVE-2025-43973
Vulnerability Summary: CVE-2025-43973 An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds...
CVE Alert: CVE-2025-43964
Vulnerability Summary: CVE-2025-43964 In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and...
CVE Alert: CVE-2025-43962
Vulnerability Summary: CVE-2025-43962 In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large...
CVE Alert: CVE-2025-43972
Vulnerability Summary: CVE-2025-43972 An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go...
CVE Alert: CVE-2025-43971
Vulnerability Summary: CVE-2025-43971 An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a...
CVE Alert: CVE-2025-32408
Vulnerability Summary: CVE-2025-32408 In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled. Affected Endpoints: No...
CVE Alert: CVE-2024-41446
Vulnerability Summary: CVE-2024-41446 A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts...
CVE Alert: CVE-2025-43970
Vulnerability Summary: CVE-2025-43970 An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g.,...
CVE Alert: CVE-2025-43916
Vulnerability Summary: CVE-2025-43916 Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the...
Ghost-Route – Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)
A Python script to check Next.js sites for corrupt middleware vulnerability (CVE-2025-29927). The corrupt middleware vulnerability allows an attacker to...
Cobalt Strike Beacon Detected – 115[.]120[.]232[.]177:4444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 39[.]105[.]197[.]12:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-29287
Vulnerability Summary: CVE-2025-29287 An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary...
CVE Alert: CVE-2025-29659
Vulnerability Summary: CVE-2025-29659 Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the...
CVE Alert: CVE-2025-28121
Vulnerability Summary: CVE-2025-28121 code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedback.php via the...
CVE Alert: CVE-2024-42699
Vulnerability Summary: CVE-2024-42699 Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to inject...
CVE Alert: CVE-2025-29660
Vulnerability Summary: CVE-2025-29660 A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP...
CVE Alert: CVE-2025-3857
Vulnerability Summary: CVE-2025-3857 When reading binary Ion data through Amazon.IonDotnet using the RawBinaryReader class, Amazon.IonDotnet does not check the number...
CVE Alert: CVE-2025-32793
Vulnerability Summary: CVE-2025-32793 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0...
CVE Alert: CVE-2025-28367
Vulnerability Summary: CVE-2025-28367 mojoPortal
CVE Alert: CVE-2025-43922
Vulnerability Summary: CVE-2025-43922 The FileWave Windows client before 16.0.0, in some non-default configurations, allows an unprivileged local user to escalate...
