Cobalt Strike Beacon Detected – 8[.]140[.]239[.]162:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 101[.]43[.]2[.]116:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 180[.]76[.]244[.]133:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 113[.]45[.]4[.]235:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 8[.]148[.]20[.]113:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 156[.]233[.]233[.]134:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-49182
Vulnerability Summary: CVE-2025-49182 Files in the source code contain login credentials for the admin user and the property configuration password,...
CVE Alert: CVE-2025-49181
Vulnerability Summary: CVE-2025-49181 Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather...
CVE Alert: CVE-2025-49185
Vulnerability Summary: CVE-2025-49185 The web application is susceptible to cross-site-scripting attacks. An attacker who can create new dashboard widgets can...
CVE Alert: CVE-2025-49184
Vulnerability Summary: CVE-2025-49184 A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration...
CVE Alert: CVE-2025-49183
Vulnerability Summary: CVE-2025-49183 All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an...
CVE Alert: CVE-2025-49188
Vulnerability Summary: CVE-2025-49188 The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information...
CVE Alert: CVE-2025-49189
Vulnerability Summary: CVE-2025-49189 The HttpOnlyflag of the session cookie \"@@\" is set to false. Since this flag helps preventing access...
CVE Alert: CVE-2025-49190
Vulnerability Summary: CVE-2025-49190 The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to send server...
CVE Alert: CVE-2025-49191
Vulnerability Summary: CVE-2025-49191 Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs...
CVE Alert: CVE-2025-49187
Vulnerability Summary: CVE-2025-49187 For failed login attempts, the application returns different error messages depending on whether the login failed due...
[QILIN] – Ransomware Victim: faycom
Ransomware Group: QILIN VICTIM NAME: faycom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-49196
Vulnerability Summary: CVE-2025-49196 A service supports the use of a deprecated and unsafe TLS version. This could be exploited to...
CVE Alert: CVE-2025-49197
Vulnerability Summary: CVE-2025-49197 The application uses a weak password hash function, allowing an attacker to crack the weak password hash...
CVE Alert: CVE-2025-49186
Vulnerability Summary: CVE-2025-49186 The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time...
CVE Alert: CVE-2025-49194
Vulnerability Summary: CVE-2025-49194 The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an...
CVE Alert: CVE-2025-49195
Vulnerability Summary: CVE-2025-49195 The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker to brute-force user passwords...
CVE Alert: CVE-2025-49199
Vulnerability Summary: CVE-2025-49199 The backup ZIPs are not signed by the application, leading to the possibility that an attacker can...
CVE Alert: CVE-2025-49198
Vulnerability Summary: CVE-2025-49198 The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be able to...
