CVE Alert: CVE-2025-23411
Vulnerability Summary: CVE-2025-23411 mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to obtain...
Vulnerability Summary: CVE-2025-20615 The Qardio Arm iOS application exposes sensitive data such as usernames and passwords in a plist file....
Vulnerability Summary: CVE-2025-22896 mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information. Affected...
Vulnerability Summary: CVE-2025-25067 mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to...
Vulnerability Summary: CVE-2025-1283 The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login requirements by...
Ransomware Group: RHYSIDA VICTIM NAME: The Agency NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Vulnerability Summary: CVE-2025-24865 The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an...
Vulnerability Summary: CVE-2025-24836 With a specially crafted Python script, an attacker could send continuous startMeasurement commands over an unencrypted Bluetooth...
Vulnerability Summary: CVE-2025-24861 An attacker may inject commands via specially-crafted post requests. Affected Endpoints: No affected endpoints listed. Published Date:...
Vulnerability Summary: CVE-2025-23421 An attacker could obtain firmware files and reverse engineer their intended use leading to loss of confidentiality...
Vulnerability Summary: CVE-2025-26473 The Mojave Inverter uses the GET method for sensitive information. Affected Endpoints: GET method Published Date: 2/13/2025,...
Vulnerability Summary: CVE-2025-25195 Zulip is an open source team chat application. A weekly cron job (added in 50256f48314250978f521ef439cafa704e056539) demotes channels...
Vulnerability Summary: CVE-2024-12054 ZF Roll Stability Support Plus (RSSPlus) is vulnerable to an authentication bypass vulnerability targeting deterministic RSSPlus SecurityAccess...
Vulnerability Summary: CVE-2025-25281 An attacker may modify the URL to discover sensitive information about the target network. Affected Endpoints: No...
Vulnerability Summary: CVE-2024-37602 An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible NULL...
Vulnerability Summary: CVE-2024-37600 An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6 through 2021. A possible stack...
The proliferation of the Internet of Things (IoT) has transformed how we interact with our environment, making our lives more...
North Korea's latest campaign, named Operation Marstech Mayhem, aims to distribute crypto-stealing malware via open source components, significantly threatening crypto...
Seashell Blizzard, a Russian state cyber-actor, has integrated a specialized initial access subgroup to enhance its global reach and compromise...
The Electronic Frontier Foundation (EFF) is spearheading a coalition to block Elon Musk’s Department of Government Efficiency (DOGE) from accessing...
In 2024, losses from romance baiting scams surged 40% year-on-year, highlighting a critical concern in the world of cryptocurrency fraud....
CISA and the FBI have issued a crucial alert emphasizing the importance of eliminating buffer overflow vulnerabilities in software development....
Discover the sophisticated phishing kit called Astaroth, known for its advanced techniques that effectively bypass two-factor authentication (2FA) to compromise...
HIBP In February 2025, the "doxing" website Doxbin was compromised by a group calling themselves "TOoDA" and the data dumped...