CVE Alert: CVE-2025-46533
Vulnerability Summary: CVE-2025-46533 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdrift.no Landing pages and Domain...
CVE Alert: CVE-2025-46531
Vulnerability Summary: CVE-2025-46531 Server-Side Request Forgery (SSRF) vulnerability in Ankur Vishwakarma WP AVCL Automation Helper (formerly WPFlyLeads) allows Server Side...
CVE Alert: CVE-2025-46534
Vulnerability Summary: CVE-2025-46534 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DanielRiera Image Style Hover allows...
CVE Alert: CVE-2025-46536
Vulnerability Summary: CVE-2025-46536 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RichardHarrison Carousel-of-post-images allows DOM-Based XSS....
CVE Alert: CVE-2025-46532
Vulnerability Summary: CVE-2025-46532 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haris Zulfiqar Tooltip allows DOM-Based...
[NITROGEN] – Ransomware Victim: M’AR De AR Hotels
Ransomware Group: NITROGEN VICTIM NAME: M'AR De AR Hotels NOTE: No files or stolen information are by RedPacket Security. Any...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-glue-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the Glue...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-cloudwatch-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the cloudwatch...
HackerOne Bug Bounty Disclosure: non-production-api-endpoint-for-the-elasticache-service-fails-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoint for the ElastiCache...
[HUNTERS] – Ransomware Victim: Kenworth Del Sur
Ransomware Group: HUNTERS VICTIM NAME: Kenworth Del Sur NOTE: No files or stolen information are by RedPacket Security. Any legal...
[LYNX] – Ransomware Victim: shgcpa[.]com
Ransomware Group: LYNX VICTIM NAME: shgcpacom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[LYNX] – Ransomware Victim: corporateflight[.]com
Ransomware Group: LYNX VICTIM NAME: corporateflightcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: DYNAMIS Insurance
Ransomware Group: AKIRA VICTIM NAME: DYNAMIS Insurance NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[AKIRA] – Ransomware Victim: J[.] SCHNEEBERGER Maschinen AG
Ransomware Group: AKIRA VICTIM NAME: J SCHNEEBERGER Maschinen AG NOTE: No files or stolen information are by RedPacket Security. Any...
[HUNTERS] – Ransomware Victim: Kasb Bank – K-Trade
Ransomware Group: HUNTERS VICTIM NAME: Kasb Bank - K-Trade NOTE: No files or stolen information are by RedPacket Security. Any...
CVE Alert: CVE-2025-46542
Vulnerability Summary: CVE-2025-46542 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeXpert Xpert Tab allows Stored...
CVE Alert: CVE-2025-46530
Vulnerability Summary: CVE-2025-46530 Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Attachment allows Stored XSS. This issue affects...
CVE Alert: CVE-2025-46529
Vulnerability Summary: CVE-2025-46529 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StressFree Sites Business Contact Widget...
CVE Alert: CVE-2025-46541
Vulnerability Summary: CVE-2025-46541 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elrata_ WP-reCAPTCHA-bp allows Stored XSS....
CVE Alert: CVE-2025-46528
Vulnerability Summary: CVE-2025-46528 Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar:...
CVE Alert: CVE-2025-46538
Vulnerability Summary: CVE-2025-46538 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webplanetsoft Inline Text Popup allows...
CVE Alert: CVE-2025-43858
Vulnerability Summary: CVE-2025-43858 YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4...
CVE Alert: CVE-2024-30114
Vulnerability Summary: CVE-2024-30114 Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment. Affected Endpoints: No affected...
CVE Alert: CVE-2025-46540
Vulnerability Summary: CVE-2025-46540 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Mok GNA Search Shortcode...
