CVE Alert: CVE-2025-23846
Vulnerability Summary: CVE-2025-23846 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kolja Nolte Flexible Blogtitle allows...
CVE Alert: CVE-2025-23867
Vulnerability Summary: CVE-2025-23867 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WordPress File Search allows...
[CLOAK] – Ransomware Victim: Bwfg[.]at
Ransomware Group: CLOAK VICTIM NAME: Bwfgat NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
HackerOne Bug Bounty Disclosure: post-based-cross-site-scripting-on-ibm-research-endpoint-youssifs
Company Name: IBM Company HackerOne URL: https://hackerone.com/ibm Submitted By:youssifs7Link to Submitters Profile:https://hackerone.com/youssifs7 Report Title:POST based Cross-Site Scripting on IBM research...
HackerOne Bug Bounty Disclosure: usage-of-unsafe-random-function-in-undici-for-choosing-boundary-parrot
Company Name: Node.js Company HackerOne URL: https://hackerone.com/nodejs Submitted By:parrot409Link to Submitters Profile:https://hackerone.com/parrot409 Report Title:Usage of unsafe random function in undici...
[FOG] – Ransomware Victim: Kooijman Vianen (kooijmanvianen[.]nl)
Ransomware Group: FOG VICTIM NAME: Kooijman Vianen (kooijmanvianennl) NOTE: No files or stolen information are by RedPacket Security. Any legal...
[RANSOMHUB] – Ransomware Victim: samsill[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: samsillcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: archaeologicalresearchservices[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: archaeologicalresearchservicescom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on January 23, 2025. These...
[AKIRA] – Ransomware Victim: Enghouse (ex[.] Navita)
Ransomware Group: AKIRA VICTIM NAME: Enghouse (ex Navita) NOTE: No files or stolen information are by RedPacket Security. Any legal...
[INCRANSOM] – Ransomware Victim: starkaerospace[.]com
Ransomware Group: INCRANSOM VICTIM NAME: starkaerospacecom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: WorldNet Telecommunications LLC
Ransomware Group: AKIRA VICTIM NAME: WorldNet Telecommunications LLC NOTE: No files or stolen information are by RedPacket Security. Any legal...
CVE Alert: CVE-2025-23811
Vulnerability Summary: CVE-2025-23811 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP2APP allows Reflected XSS....
CVE Alert: CVE-2025-23938
Vulnerability Summary: CVE-2025-23938 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound...
CVE Alert: CVE-2025-23803
Vulnerability Summary: CVE-2025-23803 Cross-Site Request Forgery (CSRF) vulnerability in PQINA Snippy allows Reflected XSS. This issue affects Snippy: from n/a...
CVE Alert: CVE-2025-23932
Vulnerability Summary: CVE-2025-23932 Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection. This issue affects Quick Count:...
CVE Alert: CVE-2025-23806
Vulnerability Summary: CVE-2025-23806 Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe allows Reflected XSS. This issue affects Ultimate Subscribe:...
CVE Alert: CVE-2025-23910
Vulnerability Summary: CVE-2025-23910 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Menus Plus+...
CVE Alert: CVE-2025-23918
Vulnerability Summary: CVE-2025-23918 Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Smallerik File Browser allows Upload a Web...
CVE Alert: CVE-2025-23931
Vulnerability Summary: CVE-2025-23931 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WordPress Local...
CVE Alert: CVE-2025-23882
Vulnerability Summary: CVE-2025-23882 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Download Codes allows...
CVE Alert: CVE-2025-23921
Vulnerability Summary: CVE-2025-23921 Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for Gravity Forms allows Upload...
[FUNKSEC] – Ransomware Victim: punjab[.]gov[.]pk
Ransomware Group: FUNKSEC VICTIM NAME: punjabgovpk NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[MONTI] – Ransomware Victim: Omni Fiber LLC
Ransomware Group: MONTI VICTIM NAME: Omni Fiber LLC NOTE: No files or stolen information are by RedPacket Security. Any legal...
