New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies
Vietnamese public companies have been targeted as part of an ongoing campaign that deploys a novel backdoor called SPECTRALVIPER. "SPECTRALVIPER...
How to Improve Your API Security Posture
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level...
How to Improve Your API Security Posture
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level...
New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered – Patch Now!
Progress Software, the company behind the MOVEit Transfer application, has released patches to address brand new SQL injection vulnerabilities affecting...
LockBit 3.0 Ransomware Victim: wsisd[.]net
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: gruppomercurio[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 114[.]115[.]185[.]41:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]4[.]154[.]20:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]174[.]138[.]166:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]35[.]141[.]80:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 130[.]61[.]95[.]82:8085
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Advent/SSC Tamale RMS directory traversal | CVE-2023-33524
NAME__________Advent/SSC Tamale RMS directory traversalPlatforms Affected:Advent/SSC Tamale RMS 23.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Advent/SSC Tamale RMS could allow a remote attacker to...
Page Builder: KingComposer plugin for WordPress cross-site scripting | CVE-2020-36709
NAME__________Page Builder: KingComposer plugin for WordPress cross-site scriptingPlatforms Affected:King-Theme Page Builder: KingComposer plugin for WordPress 2.9.3Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Page Builder:...
ListingPro theme for WordPress information disclosure | CVE-2020-36723
NAME__________ListingPro theme for WordPress information disclosurePlatforms Affected:CridioStudio ListingPro theme for WordPress 2.6.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________ListingPro theme for WordPress could allow...
Gatsby local file include | CVE-2023-34238
NAME__________Gatsby local file includePlatforms Affected:Gatsby Gatsby 4.25.6 Gatsby Gatsby 5.9.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Gatsby could allow a remote attacker to include...
zxcvbn-ts denial of service | CVE-2023-34109
NAME__________zxcvbn-ts denial of servicePlatforms Affected:zxcvbn-ts zxcvbn-ts 3.0.1Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________zxcvbn-ts is vulnerable to a denial of service, caused by...
Trellix Agent for macOS code execution | CVE-2023-0976
NAME__________Trellix Agent for macOS code executionPlatforms Affected:Trellix Agent for macOS 5.7.8Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Trellix Agent for macOS could allow a...
Activello plugin for WordPress security bypass | CVE-2020-36721
NAME__________Activello plugin for WordPress security bypassPlatforms Affected:Silkalns Activello plugin for WordPress 1.4.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Activello plugin for WordPress could allow...
Slideshow, Image Slider by 2J plugin for WordPress security bypass | CVE-2020-36729
NAME__________Slideshow, Image Slider by 2J plugin for WordPress security bypassPlatforms Affected:2J Slideshow Team Slideshow Image Slider by 2J plugin for...
OpenZeppelin Contracts denial of service | CVE-2023-34234
NAME__________OpenZeppelin Contracts denial of servicePlatforms Affected:OpenZeppelin OpenZeppelin Contracts 4.9.0Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenZeppelin Contracts is vulnerable to a denial of...
Kali Forms plugin for WordPress security bypass | CVE-2020-36720
NAME__________Kali Forms plugin for WordPress security bypassPlatforms Affected:Kali Forms Kali Forms plugin for WordPress 2.1.1Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Kali Forms plugin...
Gradio security bypass | CVE-2023-34239
NAME__________Gradio security bypassPlatforms Affected:Gradio Gradio 3.33.1Risk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Gradio could allow a remote attacker to bypass security restrictions, caused by...
Online Discussion Forum Site cross-site scripting | CVE-2023-3143
NAME__________Online Discussion Forum Site cross-site scriptingPlatforms Affected:Sourcecodester Online Discussion Forum Site 1.0Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Online Discussion Forum Site is vulnerable...
Avada plugin for WordPress cross-site scripting | CVE-2020-36711
NAME__________Avada plugin for WordPress cross-site scriptingPlatforms Affected:Avada Avada plugin for WordPress 6.2.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Avada plugin for WordPress is vulnerable...
