Cobalt Strike Beacon Detected – 8[.]152[.]99[.]85:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 117[.]72[.]96[.]48:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-53347
Vulnerability Summary: CVE-2025-53347 Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium allows Cross Site Request Forgery. This issue affects Kalium:...
CVE Alert: CVE-2025-54715
Vulnerability Summary: CVE-2025-54715 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Dmitry V. (CEO of...
CVE Alert: CVE-2025-53575
Vulnerability Summary: CVE-2025-53575 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in primersoftware Primer MyData for Woocommerce...
CVE Alert: CVE-2025-54712
Vulnerability Summary: CVE-2025-54712 Missing Authorization vulnerability in hashthemes Easy Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This...
CVE Alert: CVE-2025-54717
Vulnerability Summary: CVE-2025-54717 Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-54729
Vulnerability Summary: CVE-2025-54729 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webba Appointment Booking Webba Booking...
CVE Alert: CVE-2025-54730
Vulnerability Summary: CVE-2025-54730 Missing Authorization vulnerability in PARETO Digital Embedder for Google Reviews allows Accessing Functionality Not Properly Constrained by...
CVE Alert: CVE-2025-54708
Vulnerability Summary: CVE-2025-54708 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks allows DOM-Based...
CVE Alert: CVE-2025-54054
Vulnerability Summary: CVE-2025-54054 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA Web Servant 12 Step...
CVE Alert: CVE-2025-54728
Vulnerability Summary: CVE-2025-54728 Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Cross Site Request...
HackerOne Bug Bounty Disclosure: rails-debug-mode-enabled-on-hxxps-testrail-files-md-tarun-sec
Company Name: Malwarebytes Company HackerOne URL: https://hackerone.com/malwarebytes Submitted By:tarun_secLink to Submitters Profile:https://hackerone.com/tarun_sec Report Title:Rails Debug Mode Enabled On ( hXXps://44208145207/testrail/filesmd5...
HackerOne Bug Bounty Disclosure: replayable-password-change-request-across-sessions-mantu
Company Name: Malwarebytes Company HackerOne URL: https://hackerone.com/malwarebytes Submitted By:mantu1738Link to Submitters Profile:https://hackerone.com/mantu1738 Report Title:Replayable Password Change Request Across SessionsReport Link:https://hackerone.com/reports/3269777Date...
HackerOne Bug Bounty Disclosure: email-verification-bypass-via-race-condition-sijojohnson
Company Name: Malwarebytes Company HackerOne URL: https://hackerone.com/malwarebytes Submitted By:sijojohnsonLink to Submitters Profile:https://hackerone.com/sijojohnson Report Title:Email Verification Bypass via Race ConditionReport Link:https://hackerone.com/reports/3020733Date...
CVE Alert: CVE-2025-54739
Vulnerability Summary: CVE-2025-54739 Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-54740
Vulnerability Summary: CVE-2025-54740 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog...
CVE Alert: CVE-2025-54736
Vulnerability Summary: CVE-2025-54736 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy allows Retrieve Embedded...
CVE Alert: CVE-2025-54727
Vulnerability Summary: CVE-2025-54727 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM On Demand Search...
CVE Alert: CVE-2025-54732
Vulnerability Summary: CVE-2025-54732 Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross Site Request Forgery. This...
CVE Alert: CVE-2025-54747
Vulnerability Summary: CVE-2025-54747 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbakery Templatera allows DOM-Based XSS....
CVE Alert: CVE-2025-55708
Vulnerability Summary: CVE-2025-55708 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz...
CVE Alert: CVE-2025-55709
Vulnerability Summary: CVE-2025-55709 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website...
CVE Alert: CVE-2025-54749
Vulnerability Summary: CVE-2025-54749 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS....
