CVE Alert: CVE-2025-28382
Vulnerability Summary: CVE-2025-28382 An issue in the openc3-api/tables endpoint of OpenC3 COSMOS 6.0.0 allows attackers to execute a directory traversal....
CVE Alert: CVE-2025-28381
Vulnerability Summary: CVE-2025-28381 A credential leak in OpenC3 COSMOS v6.0.0 allows attackers to access service credentials as environment variables stored...
CVE Alert: CVE-2025-36633
Vulnerability Summary: CVE-2025-36633 In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative...
CVE Alert: CVE-2025-36631
Vulnerability Summary: CVE-2025-36631 In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative...
CVE Alert: CVE-2025-48914
Vulnerability Summary: CVE-2025-48914 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows...
CVE Alert: CVE-2025-48917
Vulnerability Summary: CVE-2025-48917 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal EU Cookie Compliance (GDPR...
CVE Alert: CVE-2025-48920
Vulnerability Summary: CVE-2025-48920 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal etracker allows Cross-Site Scripting...
CVE Alert: CVE-2025-48915
Vulnerability Summary: CVE-2025-48915 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows...
CVE Alert: CVE-2025-48916
Vulnerability Summary: CVE-2025-48916 Missing Authorization vulnerability in Drupal Bookable Calendar allows Forceful Browsing.This issue affects Bookable Calendar: from 0.0.0 before...
[HANDALA] – Ransomware Victim: Y[.]G[.] New Idan
Ransomware Group: HANDALA VICTIM NAME: YG New Idan NOTE: No files or stolen information are by RedPacket Security. Any legal...
CVE Alert: CVE-2025-48919
Vulnerability Summary: CVE-2025-48919 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Simple Klaro allows Cross-Site...
CVE Alert: CVE-2025-49597
Vulnerability Summary: CVE-2025-49597 handcraftedinthealps goodby-csv is a highly memory efficient, flexible and extendable open-source CSV import/export library. Prior to 1.4.3,...
CVE Alert: CVE-2025-48918
Vulnerability Summary: CVE-2025-48918 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Simple Klaro allows Cross-Site...
CVE Alert: CVE-2025-6052
Vulnerability Summary: CVE-2025-6052 A flaw was found in how GLib’s GString manages memory when adding data to strings. If a...
CVE Alert: CVE-2025-6035
Vulnerability Summary: CVE-2025-6035 A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The...
CVE Alert: CVE-2025-25050
Vulnerability Summary: CVE-2025-25050 An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell...
CVE Alert: CVE-2025-24922
Vulnerability Summary: CVE-2025-24922 A stack-based buffer overflow vulnerability exists in the securebio_identify functionality of Dell ControlVault3 prior to 5.15.10.14 and...
CVE Alert: CVE-2025-24311
Vulnerability Summary: CVE-2025-24311 An out-of-bounds read vulnerability exists in the cv_send_blockdata functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell...
CVE Alert: CVE-2025-25215
Vulnerability Summary: CVE-2025-25215 An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell...
CVE Alert: CVE-2025-24919
Vulnerability Summary: CVE-2025-24919 A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to 5.15.10.14...
Behold! Humanity Has Captured Our First Look At The Sun’s South Pole
Occupants of planet Earth can’t see the Sun’s poles – unless they look at images the Solar Orbiter spacecraft has...
[KILLSEC] – Ransomware Victim: NewGen
Ransomware Group: KILLSEC VICTIM NAME: NewGen NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[KILLSEC] – Ransomware Victim: StudentKare
Ransomware Group: KILLSEC VICTIM NAME: StudentKare NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Ualabee – 472,296 breached accounts
HIBP In May 2025, the South American mobility services platform Ualabee had hundreds of thousands of records scraped from an...
