CVE Alert: CVE-2025-2540
Vulnerability Summary: CVE-2025-2540 Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library (version...
CVE Alert: CVE-2025-2537
Vulnerability Summary: CVE-2025-2537 Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled ThickBox JavaScript library...
CVE Alert: CVE-2025-27460
Vulnerability Summary: CVE-2025-27460 The hard drives of the device are not encrypted using a full volume encryption feature such as...
CVE Alert: CVE-2025-27461
Vulnerability Summary: CVE-2025-27461 During startup, the device automatically logs in the EPC2 Windows user without requesting a password. Affected Endpoints:...
CVE Alert: CVE-2025-49618
Vulnerability Summary: CVE-2025-49618 In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint....
CVE Alert: CVE-2025-27459
Vulnerability Summary: CVE-2025-27459 The VNC application stores its passwords encrypted within the registry but uses DES for encryption. As DES...
[AKIRA] – Ransomware Victim: DKN Hotels
Ransomware Group: AKIRA VICTIM NAME: DKN Hotels NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[AKIRA] – Ransomware Victim: Corinthian Media
Ransomware Group: AKIRA VICTIM NAME: Corinthian Media NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CVE Alert: CVE-2025-49595
Vulnerability Summary: CVE-2025-49595 n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial of Service vulnerability...
CVE Alert: CVE-2025-43713
Vulnerability Summary: CVE-2025-43713 ASNA Assist and ASNA Registrar before 2025-03-31 allow deserialization attacks against .NET remoting. These are Windows system...
CVE Alert: CVE-2025-3702
Vulnerability Summary: CVE-2025-3702 Missing Authorization vulnerability in Melapress Melapress File Monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue...
CVE Alert: CVE-2025-2932
Vulnerability Summary: CVE-2025-2932 The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation...
CVE Alert: CVE-2025-49032
Vulnerability Summary: CVE-2025-49032 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PublishPress Gutenberg Blocks allows Stored...
CVE Alert: CVE-2025-50260
Vulnerability Summary: CVE-2025-50260 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter. Affected...
CVE Alert: CVE-2025-50263
Vulnerability Summary: CVE-2025-50263 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the list parameter. Affected...
CVE Alert: CVE-2025-50262
Vulnerability Summary: CVE-2025-50262 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetQosBand function via the list parameter. Affected...
CVE Alert: CVE-2025-50258
Vulnerability Summary: CVE-2025-50258 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the SetSysTimeCfg function via the time parameter. Affected...
CVE Alert: CVE-2025-5961
Vulnerability Summary: CVE-2025-5961 The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file...
Brute Ratel C4 Detected – 52[.]197[.]160[.]186:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
[QILIN] – Ransomware Victim: knightknox
Ransomware Group: QILIN VICTIM NAME: knightknox NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[IMNCREW] – Ransomware Victim: Apntelecom[.]com
Ransomware Group: IMNCREW VICTIM NAME: Apntelecomcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-53490
Vulnerability Summary: CVE-2025-53490 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki...
CVE Alert: CVE-2025-45938
Vulnerability Summary: CVE-2025-45938 Akeles Out of Office Assistant for Jira 4.0.1 is vulberable to Cross Site Scripting (XSS) via the...
CVE Alert: CVE-2025-53500
Vulnerability Summary: CVE-2025-53500 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki...
