[HELLCAT] – Ransomware Victim: www
Ransomware Group: HELLCAT VICTIM NAME: www NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
HackerOne Bug Bounty Disclosure: -names-nsf-and-all-names-files-route-to-public-api-on-rubygems-org-jagat-singh
Company Name: RubyGems Company HackerOne URL: https://hackerone.com/rubygems Submitted By:jagat-singhLink to Submitters Profile:https://hackerone.com/jagat-singh Report Title:`/namesnsf` and all `/names*` files route to...
[MONTI] – Ransomware Victim: American Eagle Logistics
Ransomware Group: MONTI VICTIM NAME: American Eagle Logistics NOTE: No files or stolen information are by RedPacket Security. Any legal...
CVE Alert: CVE-2025-3488
Vulnerability Summary: CVE-2025-3488 The WPML plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpml_language_switcher shortcode in...
CVE Alert: CVE-2025-3438
Vulnerability Summary: CVE-2025-3438 The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is...
CVE Alert: CVE-2025-3513
Vulnerability Summary: CVE-2025-3513 The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which...
CVE Alert: CVE-2025-47201
Vulnerability Summary: CVE-2025-47201 In Intrexx Portal Server before 12.0.4, multiple Velocity-Scripts are susceptible to the execution of unrequested JavaScript code...
CVE Alert: CVE-2025-3514
Vulnerability Summary: CVE-2025-3514 The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which...
CVE Alert: CVE-2025-2812
Vulnerability Summary: CVE-2025-2812 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mydata Informatics Ticket...
CVE Alert: CVE-2024-11142
Vulnerability Summary: CVE-2024-11142 Cross-Site Request Forgery (CSRF) vulnerability in Gosoft Software Proticaret E-Commerce allows Cross Site Request Forgery.This issue affects...
CVE Alert: CVE-2024-13860
Vulnerability Summary: CVE-2024-13860 The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bbp_topic_title’ parameter in...
CVE Alert: CVE-2024-13859
Vulnerability Summary: CVE-2024-13859 The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bp_nouveau_ajax_media_save’ function in...
CVE Alert: CVE-2024-13858
Vulnerability Summary: CVE-2024-13858 The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘invitee_name’ parameter in...
[BERT] – Ransomware Victim: SIMCO Electronics (UPDATE 5/3/2025)
Ransomware Group: BERT VICTIM NAME: SIMCO Electronics (UPDATE 5/3/2025) NOTE: No files or stolen information are by RedPacket Security. Any...
SubGPT – Find Subdomains With GPT, For Free
SubGPT looks at subdomains you have already discovered for a domain and uses BingGPT to find more. Best part? It's...
Cobalt Strike Beacon Detected – 46[.]30[.]188[.]46:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]116[.]116[.]87:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 111[.]229[.]219[.]82:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 49[.]232[.]62[.]197:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 1[.]95[.]8[.]175:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 196[.]251[.]71[.]251:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-1301
Vulnerability Summary: CVE-2025-1301 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yordam Informatics Library...
CVE Alert: CVE-2025-2488
Vulnerability Summary: CVE-2025-2488 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Profelis Informatics SambaBox...
CVE Alert: CVE-2025-2605
Vulnerability Summary: CVE-2025-2605 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure...
