Cobalt Strike Beacon Detected – 47[.]117[.]125[.]219:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 154[.]8[.]233[.]224:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
[QILIN] – Ransomware Victim: innovasystems[.]com
Ransomware Group: QILIN VICTIM NAME: innovasystemscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-5117
Vulnerability Summary: CVE-2025-5117 The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on...
CVE Alert: CVE-2025-5271
Vulnerability Summary: CVE-2025-5271 Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability...
CVE Alert: CVE-2025-5244
Vulnerability Summary: CVE-2025-5244 A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected...
CVE Alert: CVE-2025-41649
Vulnerability Summary: CVE-2025-41649 An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a...
CVE Alert: CVE-2025-5270
Vulnerability Summary: CVE-2025-5270 In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability...
CVE Alert: CVE-2025-5269
Vulnerability Summary: CVE-2025-5269 Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory...
CVE Alert: CVE-2025-5266
Vulnerability Summary: CVE-2025-5266 Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This...
CVE Alert: CVE-2025-5268
Vulnerability Summary: CVE-2025-5268 Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of...
CVE Alert: CVE-2025-5265
Vulnerability Summary: CVE-2025-5265 Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could...
CVE Alert: CVE-2025-5267
Vulnerability Summary: CVE-2025-5267 A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details...
[BLACKLOCK] – Ransomware Victim: Quick Frames USA
Ransomware Group: BLACKLOCK VICTIM NAME: Quick Frames USA NOTE: No files or stolen information are by RedPacket Security. Any legal...
[RHYSIDA] – Ransomware Victim: Cator Ruma & Associates
Ransomware Group: RHYSIDA VICTIM NAME: Cator Ruma & Associates NOTE: No files or stolen information are by RedPacket Security. Any...
HackerOne Bug Bounty Disclosure: amazon-kendra-intelligent-ranking-service-reporting-aws-internal-for-cloudtrail-events-generated-from-fips-endpoints-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Amazon Kendra Intelligent Ranking Service Reporting...
HackerOne Bug Bounty Disclosure: non-production-api-endpoint-for-the-eventbridge-service-fails-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoint for the EventBridge...
HackerOne Bug Bounty Disclosure: amazon-pinpoint-sms-and-voice-version-service-reporting-aws-internal-for-cloudtrail-events-generated-from-fips-endpoints-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Amazon Pinpoint SMS and Voice, version...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-health-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the Health...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-global-accelerator-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the Global...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-bedrock-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the bedrock...
HackerOne Bug Bounty Disclosure: cve-no-quic-certificate-pinning-with-wolfssl-kurohiro
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:kurohiroLink to Submitters Profile:https://hackerone.com/kurohiro Report Title:CVE-2025-5025: No QUIC certificate pinning with wolfSSLReport...
HackerOne Bug Bounty Disclosure: remote-code-execution-via-unsafe-usage-of-reply-view-raw-in-fastify-view-ejs-template-engine-oblivionsage
Company Name: Fastify Company HackerOne URL: https://hackerone.com/fastify Submitted By:oblivionsageLink to Submitters Profile:https://hackerone.com/oblivionsage Report Title:Remote Code Execution via unsafe usage of...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-bedrock-agent-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the bedrock-agent...
