US-CERT Vulnerability Summary for the Week of June 2, 2025
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some...
[MEDUSA] – Ransomware Victim: Hartwig Mechanical Inc
Ransomware Group: MEDUSA VICTIM NAME: Hartwig Mechanical Inc NOTE: No files or stolen information are by RedPacket Security. Any legal...
[MEDUSA] – Ransomware Victim: San Jose Country Club
Ransomware Group: MEDUSA VICTIM NAME: San Jose Country Club NOTE: No files or stolen information are by RedPacket Security. Any...
[MEDUSA] – Ransomware Victim: Bumfords
Ransomware Group: MEDUSA VICTIM NAME: Bumfords NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[PLAY] – Ransomware Victim: Homestead Gardens
Ransomware Group: PLAY VICTIM NAME: Homestead Gardens NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[PLAY] – Ransomware Victim: Community Choice Credit Union
Ransomware Group: PLAY VICTIM NAME: Community Choice Credit Union NOTE: No files or stolen information are by RedPacket Security. Any...
HackerOne Bug Bounty Disclosure: path-traversal-vulnerability-in-lila-project-immm
Company Name: Lichess Company HackerOne URL: https://hackerone.com/lichess Submitted By:immmLink to Submitters Profile:https://hackerone.com/immm Report Title:Path Traversal Vulnerability in Lila ProjectReport Link:https://hackerone.com/reports/3181066Date...
[QILIN] – Ransomware Victim: dugoni
Ransomware Group: QILIN VICTIM NAME: dugoni NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[QILIN] – Ransomware Victim: girv
Ransomware Group: QILIN VICTIM NAME: girv NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: NyN
Ransomware Group: AKIRA VICTIM NAME: NyN NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[QILIN] – Ransomware Victim: ecoter
Ransomware Group: QILIN VICTIM NAME: ecoter NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-20063
Vulnerability Summary: CVE-2025-20063 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion. Affected...
CVE Alert: CVE-2025-23235
Vulnerability Summary: CVE-2025-23235 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read. Affected Endpoints:...
CVE Alert: CVE-2025-24493
Vulnerability Summary: CVE-2025-24493 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition. Affected...
CVE Alert: CVE-2025-25217
Vulnerability Summary: CVE-2025-25217 in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Affected...
CVE Alert: CVE-2025-21082
Vulnerability Summary: CVE-2025-21082 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion. Affected...
CVE Alert: CVE-2025-27247
Vulnerability Summary: CVE-2025-27247 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. Affected...
CVE Alert: CVE-2025-27131
Vulnerability Summary: CVE-2025-27131 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. Affected Endpoints:...
CVE Alert: CVE-2025-27563
Vulnerability Summary: CVE-2025-27563 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. Affected...
CVE Alert: CVE-2025-26693
Vulnerability Summary: CVE-2025-26693 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. Affected...
CVE Alert: CVE-2025-27242
Vulnerability Summary: CVE-2025-27242 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. Affected Endpoints:...
[NIGHTSPIRE] – Ransomware Victim: Al Tadawi Specialty Hospital
Ransomware Group: NIGHTSPIRE VICTIM NAME: Al Tadawi Specialty Hospital NOTE: No files or stolen information are by RedPacket Security. Any...
CVE Alert: CVE-2025-26691
Vulnerability Summary: CVE-2025-26691 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. Affected...
CVE Alert: CVE-2025-35005
Vulnerability Summary: CVE-2025-35005 Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in...
