CVE Alert: CVE-2025-26769
Vulnerability Summary: CVE-2025-26769 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilia Inc. Vertex Addons for...
CVE Alert: CVE-2025-26771
Vulnerability Summary: CVE-2025-26771 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks – Gutenberg...
[RHYSIDA] – Ransomware Victim: Buanderie Centrale de Montreal
Ransomware Group: RHYSIDA VICTIM NAME: Buanderie Centrale de Montreal NOTE: No files or stolen information are by RedPacket Security. Any...
[INCRANSOM] – Ransomware Victim: pyasolutions[.]com
Ransomware Group: INCRANSOM VICTIM NAME: pyasolutionscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[Palo Alto Networks Security Advisories] CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface
Palo Alto Networks Security Advisories /CVE-2025-0108CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web InterfaceUrgencyHIGHEST047910Severity8.8 ·HIGHExploit MaturityATTACKEDResponse EffortMODERATERecoveryUSERValue DensityCONCENTRATEDAttack VectorNETWORKAttack ComplexityLOWAttack...
CVE Alert: CVE-2025-23845
Vulnerability Summary: CVE-2025-23845 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ERA404 ImageMeta allows Reflected XSS....
CVE Alert: CVE-2025-26773
Vulnerability Summary: CVE-2025-26773 Missing Authorization vulnerability in Adnan Analytify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-26775
Vulnerability Summary: CVE-2025-26775 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 BEAR allows Stored XSS....
CVE Alert: CVE-2025-26754
Vulnerability Summary: CVE-2025-26754 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Timeline Block allows Stored...
CVE Alert: CVE-2025-26778
Vulnerability Summary: CVE-2025-26778 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Gallery allows Stored XSS....
CVE Alert: CVE-2025-21103
Vulnerability Summary: CVE-2025-21103 Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper neutralization...
CVE Alert: CVE-2024-13879
Vulnerability Summary: CVE-2024-13879 The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and...
CVE Alert: CVE-2025-1391
Vulnerability Summary: CVE-2025-1391 A flaw was found in the Keycloak organization feature, which allows the incorrect assignment of an organization...
CVE Alert: CVE-2025-1392
Vulnerability Summary: CVE-2025-1392 A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability...
CVE Alert: CVE-2024-25066
Vulnerability Summary: CVE-2024-25066 RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML External Entity (XXE) attacks via a license...
Immediate Action Needed: Palo Alto Networks and SonicWall Firewalls Vulnerabilities Exposed
Palo Alto Networks and SonicWall customers are urged to promptly address critical vulnerabilities affecting their firewall products. Palo Alto Networks...
New XCSSET MacOS Malware Variant Detected by Microsoft
Microsoft has identified a new variant of the XCSSET malware targeting MacOS users, focusing primarily on Xcode projects. This sophisticated...
Crypto Ponzi Scheme: Estonian Duo Plead Guilty to $577 Million Fraud
In a major development, two Estonian nationals have pled guilty to orchestrating a massive cryptocurrency Ponzi scheme, resulting in a...
Pro-Russia Hackers NoName057(16) Launch DDoS Attacks on Italian Banks and Airports
A wave of DDoS attacks by the pro-Russia group NoName057(16) has targeted Italian banks and airports, prompting swift cybersecurity responses....
South Korea Suspends AI Chatbot DeepSeek Due to Data Protection Concerns
South Korea has halted new downloads of the Chinese AI chatbot DeepSeek as it faces scrutiny for violating data protection...
Telegram as a C2 Channel for New Golang Malware: What You Need to Know
Explore how Telegram is being utilized as a command and control (C2) channel for a newly discovered Golang malware variant....
CISA: CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook
CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook Today, CISA released the Microsoft Expanded Cloud Logs Implementation Playbook to help...
CISA: CISA and Partners Release Call to Action to Close the National Software Understanding Gap
CISA and Partners Release Call to Action to Close the National Software Understanding Gap Today, CISA—in partnership with the Defense Advanced...
CISA: Microsoft Releases January 2025 Security Updates
Microsoft Releases January 2025 Security Updates Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat...
