CVE Alert: CVE-2025-0001
Vulnerability Summary: CVE-2025-0001 Abacus ERP is versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by an authenticated arbitrary file read...
CVE Alert: CVE-2025-23840
Vulnerability Summary: CVE-2025-23840 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webjema WP-NOTCAPTCHA allows Reflected XSS....
CVE Alert: CVE-2025-0714
Vulnerability Summary: CVE-2025-0714 The vulnerability existed in the password storage of Mobateks MobaXterm below 25.0. MobaXTerm uses an initialization vector...
CVE Alert: CVE-2025-26770
Vulnerability Summary: CVE-2025-26770 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Waymark allows Stored XSS....
CVE Alert: CVE-2025-26772
Vulnerability Summary: CVE-2025-26772 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detheme DethemeKit For Elementor allows...
CVE Alert: CVE-2025-26758
Vulnerability Summary: CVE-2025-26758 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RebelCode Spotlight Social Media Feeds...
CVE Alert: CVE-2025-26769
Vulnerability Summary: CVE-2025-26769 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilia Inc. Vertex Addons for...
CVE Alert: CVE-2025-26771
Vulnerability Summary: CVE-2025-26771 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks – Gutenberg...
[RHYSIDA] – Ransomware Victim: Buanderie Centrale de Montreal
Ransomware Group: RHYSIDA VICTIM NAME: Buanderie Centrale de Montreal NOTE: No files or stolen information are by RedPacket Security. Any...
[INCRANSOM] – Ransomware Victim: pyasolutions[.]com
Ransomware Group: INCRANSOM VICTIM NAME: pyasolutionscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[Palo Alto Networks Security Advisories] CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface
Palo Alto Networks Security Advisories /CVE-2025-0108CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web InterfaceUrgencyHIGHEST047910Severity8.8 ·HIGHExploit MaturityATTACKEDResponse EffortMODERATERecoveryUSERValue DensityCONCENTRATEDAttack VectorNETWORKAttack ComplexityLOWAttack...
CVE Alert: CVE-2025-23845
Vulnerability Summary: CVE-2025-23845 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ERA404 ImageMeta allows Reflected XSS....
CVE Alert: CVE-2025-26773
Vulnerability Summary: CVE-2025-26773 Missing Authorization vulnerability in Adnan Analytify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-26775
Vulnerability Summary: CVE-2025-26775 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 BEAR allows Stored XSS....
CVE Alert: CVE-2025-26754
Vulnerability Summary: CVE-2025-26754 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Timeline Block allows Stored...
CVE Alert: CVE-2025-26778
Vulnerability Summary: CVE-2025-26778 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Gallery allows Stored XSS....
CVE Alert: CVE-2025-21103
Vulnerability Summary: CVE-2025-21103 Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper neutralization...
CVE Alert: CVE-2024-13879
Vulnerability Summary: CVE-2024-13879 The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and...
CVE Alert: CVE-2025-1391
Vulnerability Summary: CVE-2025-1391 A flaw was found in the Keycloak organization feature, which allows the incorrect assignment of an organization...
CVE Alert: CVE-2025-1392
Vulnerability Summary: CVE-2025-1392 A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability...
CVE Alert: CVE-2024-25066
Vulnerability Summary: CVE-2024-25066 RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML External Entity (XXE) attacks via a license...
Immediate Action Needed: Palo Alto Networks and SonicWall Firewalls Vulnerabilities Exposed
Palo Alto Networks and SonicWall customers are urged to promptly address critical vulnerabilities affecting their firewall products. Palo Alto Networks...
New XCSSET MacOS Malware Variant Detected by Microsoft
Microsoft has identified a new variant of the XCSSET malware targeting MacOS users, focusing primarily on Xcode projects. This sophisticated...
Crypto Ponzi Scheme: Estonian Duo Plead Guilty to $577 Million Fraud
In a major development, two Estonian nationals have pled guilty to orchestrating a massive cryptocurrency Ponzi scheme, resulting in a...
