RedPacket Security - InfoSec News & Tutorials

Cobalt Strike Beacon Detected – 176[.]65[.]141[.]245:80

April 26, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 116[.]198[.]229[.]197:9999

April 26, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 43[.]139[.]124[.]56:8888

April 26, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 8[.]148[.]20[.]113:80

April 26, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 185[.]196[.]11[.]181:80

April 26, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

CVE Alert: CVE-2025-46520

April 25, 2025

Vulnerability Summary: CVE-2025-46520 Cross-Site Request Forgery (CSRF) vulnerability in alphasis Related Posts via Taxonomies allows Stored XSS. This issue affects...

CVE Alert: CVE-2025-46523

April 25, 2025

Vulnerability Summary: CVE-2025-46523 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devignstudiosltd COVID-19 (Coronavirus) Update Your...

CVE Alert: CVE-2025-46522

April 25, 2025

Vulnerability Summary: CVE-2025-46522 Cross-Site Request Forgery (CSRF) vulnerability in Billy Bryant Tabs allows Stored XSS. This issue affects Tabs: from...

Vulnerability Summary: CVE-2025-46519 Missing Authorization vulnerability in Michael Revellin-Clerc Media Library Downloader allows Exploiting Incorrectly Configured Access Control Security Levels....

CVE Alert: CVE-2025-46521

April 25, 2025

Vulnerability Summary: CVE-2025-46521 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Silver Muru WS Force Login...

CVE Alert: CVE-2025-46533

April 25, 2025

Vulnerability Summary: CVE-2025-46533 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdrift.no Landing pages and Domain...

CVE Alert: CVE-2025-46531

April 25, 2025

Vulnerability Summary: CVE-2025-46531 Server-Side Request Forgery (SSRF) vulnerability in Ankur Vishwakarma WP AVCL Automation Helper (formerly WPFlyLeads) allows Server Side...

CVE Alert: CVE-2025-46534

April 25, 2025

Vulnerability Summary: CVE-2025-46534 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DanielRiera Image Style Hover allows...

CVE Alert: CVE-2025-46536

April 25, 2025

Vulnerability Summary: CVE-2025-46536 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RichardHarrison Carousel-of-post-images allows DOM-Based XSS....

CVE Alert: CVE-2025-46532

April 25, 2025

Vulnerability Summary: CVE-2025-46532 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haris Zulfiqar Tooltip allows DOM-Based...

[NITROGEN] – Ransomware Victim: M’AR De AR Hotels

April 25, 2025

Ransomware Group: NITROGEN VICTIM NAME: M'AR De AR Hotels NOTE: No files or stolen information are by RedPacket Security. Any...

HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-glue-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd

April 25, 2025

Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the Glue...

HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-cloudwatch-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd

April 25, 2025

HackerOne Bug Bounty Disclosure: non-production-api-endpoint-for-the-elasticache-service-fails-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd

April 25, 2025

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed