[NITROGEN] – Ransomware Victim: Akromold
Ransomware Group: NITROGEN VICTIM NAME: Akromold NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[NITROGEN] – Ransomware Victim: Research Electronics International
Ransomware Group: NITROGEN VICTIM NAME: Research Electronics International NOTE: No files or stolen information are by RedPacket Security. Any legal...
HackerOne Bug Bounty Disclosure: the-initial-e-ee-password-generated-by-rocket-chat-mobile-can-be-recovered-in-a-practical-timescale-h
Company Name: Rocket.Chat Company HackerOne URL: https://hackerone.com/rocket_chat Submitted By:h0011Link to Submitters Profile:https://hackerone.com/h0011 Report Title:The initial E2EE password generated by RocketChat...
HackerOne Bug Bounty Disclosure: posts-sent-via-websockets-aren-t-sanitized-properly-c-rydoras
Company Name: Mattermost Company HackerOne URL: https://hackerone.com/mattermost Submitted By:c0rydorasLink to Submitters Profile:https://hackerone.com/c0rydoras Report Title:Posts sent via websockets aren't sanitized properlyReport...
HackerOne Bug Bounty Disclosure: idor-exposes-all-machine-learning-models-moblig
Company Name: GitLab Company HackerOne URL: https://hackerone.com/gitlab Submitted By:mobligLink to Submitters Profile:https://hackerone.com/moblig Report Title:IDOR Exposes All Machine Learning ModelsReport Link:https://hackerone.com/reports/2528293Date...
HackerOne Bug Bounty Disclosure: xss-when-using-translate-in-action-controller-rails-ooooooo-q
Company Name: Ruby on Rails Company HackerOne URL: https://hackerone.com/rails Submitted By:ooooooo_qLink to Submitters Profile:https://hackerone.com/ooooooo_q Report Title:XSS when using `translate` in...
HackerOne Bug Bounty Disclosure: remove-obsolete-domain-from-handbook-subdomain-tefa
Company Name: GitLab Company HackerOne URL: https://hackerone.com/gitlab Submitted By:tefa_Link to Submitters Profile:https://hackerone.com/tefa_ Report Title:Remove obsolete domain from handbook subdomainReport Link:https://hackerone.com/reports/2599840Date...
HackerOne Bug Bounty Disclosure: ibm-openpages-vulnerable-to-exposure-of-sensitive-information–xhassan
Company Name: IBM Company HackerOne URL: https://hackerone.com/ibm Submitted By:0xhassanLink to Submitters Profile:https://hackerone.com/0xhassan Report Title:IBM OpenPages vulnerable to exposure of sensitive...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on October 1, 2024. These...
[MADLIBERATOR] – Ransomware Victim: marthamedeiros[.]com[.]br
Ransomware Group: MADLIBERATOR VICTIM NAME: marthamedeiroscombr NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: CSG Consultants
Ransomware Group: AKIRA VICTIM NAME: CSG Consultants NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[ELDORADO] – Ransomware Victim: aberdeenwa[.]gov
Ransomware Group: ELDORADO VICTIM NAME: aberdeenwagov NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-45920
Vulnerability Summary: CVE-2024-45920 A Stored Cross-Site Scripting (XSS) vulnerability in Solvait 24.4.2 allows remote attackers to inject malicious scripts into...
CVE Alert: CVE-2024-45772
Vulnerability Summary: CVE-2024-45772 Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from...
CVE Alert: CVE-2024-47172
Vulnerability Summary: CVE-2024-47172 Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An...
CVE Alert: CVE-2024-47641
Vulnerability Summary: CVE-2024-47641 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloperr Confetti Fall...
CVE Alert: CVE-2024-46313
Vulnerability Summary: CVE-2024-46313 TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm. Affected Endpoints: No...
CVE Alert: CVE-2024-47531
Vulnerability Summary: CVE-2024-47531 Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it...
CVE Alert: CVE-2024-46280
Vulnerability Summary: CVE-2024-46280 PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials...
CVE Alert: CVE-2024-46293
Vulnerability Summary: CVE-2024-46293 Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of...
CVE Alert: CVE-2024-47530
Vulnerability Summary: CVE-2024-47530 Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by...
CVE Alert: CVE-2024-46510
Vulnerability Summary: CVE-2024-46510 ESAFENET CDG v5 was discovered to contain a SQL injection vulnerability via the id parameter in the...
[MEOW] – Ransomware Victim: Corantioquia
Ransomware Group: MEOW VICTIM NAME: Corantioquia NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Cobalt Strike Beacon Detected – 154[.]216[.]19[.]51:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
