CVE Alert: CVE-2025-39554
Vulnerability Summary: CVE-2025-39554 Missing Authorization vulnerability in Elliot Sowersby / RelyWP AI Text to Speech allows Exploiting Incorrectly Configured Access...
CVE Alert: CVE-2025-39550
Vulnerability Summary: CVE-2025-39550 Deserialization of Untrusted Data vulnerability in Shahjahan Jewel FluentCommunity allows Object Injection. This issue affects FluentCommunity: from...
CVE Alert: CVE-2025-39558
Vulnerability Summary: CVE-2025-39558 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks allows...
CVE Alert: CVE-2025-39551
Vulnerability Summary: CVE-2025-39551 Deserialization of Untrusted Data vulnerability in Mahmudul Hasan Arif FluentBoards allows Object Injection. This issue affects FluentBoards:...
Cobalt Strike Beacon Detected – 47[.]92[.]204[.]3:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 120[.]27[.]235[.]78:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 120[.]27[.]235[.]78:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 118[.]195[.]243[.]223:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-39535
Vulnerability Summary: CVE-2025-39535 Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos allows Authentication Abuse. This issue...
CVE Alert: CVE-2025-39586
Vulnerability Summary: CVE-2025-39586 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows...
CVE Alert: CVE-2025-39542
Vulnerability Summary: CVE-2025-39542 Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat allows Privilege Escalation. This issue affects Xelion Webchat:...
CVE Alert: CVE-2025-39588
Vulnerability Summary: CVE-2025-39588 Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons allows Object Injection. This issue...
CVE Alert: CVE-2025-39587
Vulnerability Summary: CVE-2025-39587 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix Cost Calculator...
CVE Alert: CVE-2025-39568
Vulnerability Summary: CVE-2025-39568 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Arture B.V. StoreContrl Woocommerce...
CVE Alert: CVE-2025-39580
Vulnerability Summary: CVE-2025-39580 Missing Authorization vulnerability in jidaikobo Dashi allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects...
CVE Alert: CVE-2025-39567
Vulnerability Summary: CVE-2025-39567 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shamalli Web Directory Free allows...
CVE Alert: CVE-2025-39583
Vulnerability Summary: CVE-2025-39583 Missing Authorization vulnerability in berthaai BERTHA AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-39569
Vulnerability Summary: CVE-2025-39569 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in taskbuilder Taskbuilder allows...
HackerOne Bug Bounty Disclosure: sys-fsc-h-ctrl-kernel-stack-free-theflow
Company Name: PlayStation Company HackerOne URL: https://hackerone.com/playstation Submitted By:theflow0Link to Submitters Profile:https://hackerone.com/theflow0 Report Title:sys_fsc2h_ctrl kernel stack freeReport Link:https://hackerone.com/reports/2900606Date Submitted:18 April...
[SKIRA] – Ransomware Victim: Independent Title Agency, LLC (“ITA”) (USA)
Ransomware Group: SKIRA VICTIM NAME: Independent Title Agency, LLC ("ITA") (USA) NOTE: No files or stolen information are by RedPacket...
[LYNX] – Ransomware Victim: dhsmithco[.]com
Ransomware Group: LYNX VICTIM NAME: dhsmithcocom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SKIRA] – Ransomware Victim: April, 18, 2025: Independent Title Agency, LLC (“ITA”) (USA hacked[.] 932[.]4 GiB is for selli[.][.][.]
Ransomware Group: SKIRA VICTIM NAME: April, 18, 2025: Independent Title Agency, LLC ("ITA") (USA hacked 9324 GiB is for selli...
[AKIRA] – Ransomware Victim: Heinz Hammer Vertragswerkstatt (Mercedes-Benz car dealer)
Ransomware Group: AKIRA VICTIM NAME: Heinz Hammer Vertragswerkstatt (Mercedes-Benz car dealer) NOTE: No files or stolen information are by RedPacket...
[AKIRA] – Ransomware Victim: Agencia Browne y Espinoza
Ransomware Group: AKIRA VICTIM NAME: Agencia Browne y Espinoza NOTE: No files or stolen information are by RedPacket Security. Any...
