RedPacket Security - InfoSec News & Tutorials

Cobalt Strike Beacon Detected – 111[.]124[.]203[.]18:443

May 14, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

[PLAY] – Ransomware Victim: Dishaka

May 14, 2025

Ransomware Group: PLAY VICTIM NAME: Dishaka NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2025-4560

May 13, 2025

Vulnerability Summary: CVE-2025-4560 The ISOinsight from Netvision has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access certain system...

CVE Alert: CVE-2025-3649

May 13, 2025

Vulnerability Summary: CVE-2025-3649 The LightPress Lightbox WordPress plugin before 2.3.4 does not check download links point to valid, non-Javascript URLs,...

CVE Alert: CVE-2025-41393

May 13, 2025

Vulnerability Summary: CVE-2025-41393 Reflected cross-site scripting vulnerability exists in the laser printers and MFPs (multifunction printers) which implement Ricoh Web...

CVE Alert: CVE-2025-4559

May 13, 2025

Vulnerability Summary: CVE-2025-4559 The ISOinsight from Netvision has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL...

CVE Alert: CVE-2025-4561

May 13, 2025

Vulnerability Summary: CVE-2025-4561 The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privilege to...

CVE Alert: CVE-2025-47270

May 13, 2025

Vulnerability Summary: CVE-2025-47270 nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. The...

CVE Alert: CVE-2025-22247

May 13, 2025

Vulnerability Summary: CVE-2025-22247 VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest...

CVE Alert: CVE-2024-56524

May 13, 2025

Vulnerability Summary: CVE-2024-56524 Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by adding...

CVE Alert: CVE-2025-3496

May 13, 2025

Vulnerability Summary: CVE-2025-3496 An unauthenticated remote attacker can cause a buffer overflow which could lead to unexpected behaviour or DoS...

CVE Alert: CVE-2025-45835

May 13, 2025

Vulnerability Summary: CVE-2025-45835 A null pointer dereference vulnerability was discovered in Netis WF2880 v2.1.40207. The vulnerability exists in the FUN_004904c8...

HackerOne Bug Bounty Disclosure: user-api-key-leaked-atasec

May 13, 2025

Company Name: WakaTime Company HackerOne URL: https://hackerone.com/wakatime Submitted By:atasecLink to Submitters Profile:https://hackerone.com/atasec Report Title:user api key leakedReport Link:https://hackerone.com/reports/3098717Date Submitted:13 May...

HackerOne Bug Bounty Disclosure: netlify-authentication-token-exposed-in-public-mozilla-ci-logs-samirsec-x

May 13, 2025

Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:samirsec0x01Link to Submitters Profile:https://hackerone.com/samirsec0x01 Report Title:Netlify Authentication Token Exposed in Public Mozilla...

[AKIRA] – Ransomware Victim: Precision Tax Relief

May 13, 2025

Ransomware Group: AKIRA VICTIM NAME: Precision Tax Relief NOTE: No files or stolen information are by RedPacket Security. Any legal...

[AKIRA] – Ransomware Victim: Superior Steel

May 13, 2025

Ransomware Group: AKIRA VICTIM NAME: Superior Steel NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

CVE Alert: CVE-2025-46717

May 13, 2025

Vulnerability Summary: CVE-2025-46717 sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6,...

CVE Alert: CVE-2025-46718

May 13, 2025

Vulnerability Summary: CVE-2025-46718 sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6,...

CVE Alert: CVE-2025-26841

May 13, 2025

Vulnerability Summary: CVE-2025-26841 Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9 allows an attacker to execute arbitrary code...

CVE Alert: CVE-2025-26846

May 13, 2025

Vulnerability Summary: CVE-2025-26846 An issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using the Generic...

CVE Alert: CVE-2024-56523

May 13, 2025

Vulnerability Summary: CVE-2024-56523 Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by placing...

CVE Alert: CVE-2025-46737

May 13, 2025

Vulnerability Summary: CVE-2025-46737 SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway...

CVE Alert: CVE-2025-46611

May 13, 2025

Vulnerability Summary: CVE-2025-46611 Cross Site Scripting vulnerability in ARTEC EMA Mail v6.92 allows an attacker to execute arbitrary code via...

CVE Alert: CVE-2025-47578

May 13, 2025

Vulnerability Summary: CVE-2025-47578 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edward Caissie BNS Twitter Follow...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed