CVE Alert: CVE-2025-46512
Vulnerability Summary: CVE-2025-46512 Cross-Site Request Forgery (CSRF) vulnerability in Shamim Hasan Custom Functions Plugin allows Stored XSS. This issue affects...
CVE Alert: CVE-2025-46511
Vulnerability Summary: CVE-2025-46511 Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode allows Server Side Request Forgery. This issue...
CVE Alert: CVE-2025-46524
Vulnerability Summary: CVE-2025-46524 Cross-Site Request Forgery (CSRF) vulnerability in stesvis WP Filter Post Category allows Stored XSS. This issue affects...
Cobalt Strike Beacon Detected – 107[.]189[.]25[.]246:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 103[.]122[.]221[.]199:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 176[.]65[.]141[.]245:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 116[.]198[.]229[.]197:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 43[.]139[.]124[.]56:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 8[.]148[.]20[.]113:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 185[.]196[.]11[.]181:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-46520
Vulnerability Summary: CVE-2025-46520 Cross-Site Request Forgery (CSRF) vulnerability in alphasis Related Posts via Taxonomies allows Stored XSS. This issue affects...
CVE Alert: CVE-2025-46523
Vulnerability Summary: CVE-2025-46523 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devignstudiosltd COVID-19 (Coronavirus) Update Your...
CVE Alert: CVE-2025-46522
Vulnerability Summary: CVE-2025-46522 Cross-Site Request Forgery (CSRF) vulnerability in Billy Bryant Tabs allows Stored XSS. This issue affects Tabs: from...
CVE Alert: CVE-2025-46519
Vulnerability Summary: CVE-2025-46519 Missing Authorization vulnerability in Michael Revellin-Clerc Media Library Downloader allows Exploiting Incorrectly Configured Access Control Security Levels....
CVE Alert: CVE-2025-46521
Vulnerability Summary: CVE-2025-46521 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Silver Muru WS Force Login...
CVE Alert: CVE-2025-46533
Vulnerability Summary: CVE-2025-46533 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdrift.no Landing pages and Domain...
CVE Alert: CVE-2025-46531
Vulnerability Summary: CVE-2025-46531 Server-Side Request Forgery (SSRF) vulnerability in Ankur Vishwakarma WP AVCL Automation Helper (formerly WPFlyLeads) allows Server Side...
CVE Alert: CVE-2025-46534
Vulnerability Summary: CVE-2025-46534 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DanielRiera Image Style Hover allows...
CVE Alert: CVE-2025-46536
Vulnerability Summary: CVE-2025-46536 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RichardHarrison Carousel-of-post-images allows DOM-Based XSS....
CVE Alert: CVE-2025-46532
Vulnerability Summary: CVE-2025-46532 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haris Zulfiqar Tooltip allows DOM-Based...
[NITROGEN] – Ransomware Victim: M’AR De AR Hotels
Ransomware Group: NITROGEN VICTIM NAME: M'AR De AR Hotels NOTE: No files or stolen information are by RedPacket Security. Any...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-glue-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the Glue...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-cloudwatch-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the cloudwatch...
HackerOne Bug Bounty Disclosure: non-production-api-endpoint-for-the-elasticache-service-fails-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoint for the ElastiCache...
