OSINT

CVE Alert: CVE-2025-8017

July 24, 2025

Vulnerability Summary: CVE-2025-8017 A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the...

CVE Alert: CVE-2025-4294

July 24, 2025

Vulnerability Summary: CVE-2025-4294 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HotelRunner B2B allows...

CVE Alert: CVE-2025-51860

July 24, 2025

Vulnerability Summary: CVE-2025-51860 Stored Cross-Site Scripting (XSS) in TelegAI (telegai.com) 2025-05-26 in its chat component and character container component. An...

CVE Alert: CVE-2025-51862

July 24, 2025

Vulnerability Summary: CVE-2025-51862 Insecure Direct Object Reference (IDOR) vulnerability in TelegAI (telegai.com) thru 2025-05-26 in its chat component. An attacker...

CVE Alert: CVE-2025-51859

July 24, 2025

Vulnerability Summary: CVE-2025-51859 Stored Cross-Site Scripting (XSS) vulnerability in Chaindesk thru 2025-05-26 in its agent chat component. An attacker can...

CVE Alert: CVE-2025-51864

July 24, 2025

Vulnerability Summary: CVE-2025-51864 A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27, allowing attackers to...

CVE Alert: CVE-2025-51865

July 24, 2025

Vulnerability Summary: CVE-2025-51865 Ai2 playground web service (playground.allenai.org) LLM chat through 2025-06-03 is vulnerable to Insecure Direct Object Reference (IDOR),...

CVE Alert: CVE-2025-51858

July 24, 2025

Vulnerability Summary: CVE-2025-51858 Self Cross-Site Scripting (XSS) vulnerability in ChatPlayground.ai through 2025-05-24, allows attackers to execute arbitrary code and gain...

CVE Alert: CVE-2025-4878

July 24, 2025

Vulnerability Summary: CVE-2025-4878 A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file()...

[INCRANSOM] – Ransomware Victim: Sementes Jotabasso

July 23, 2025

Ransomware Group: INCRANSOM VICTIM NAME: Sementes Jotabasso NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

CVE Alert: CVE-2025-8015

July 23, 2025

Vulnerability Summary: CVE-2025-8015 The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...

CVE Alert: CVE-2025-8018

July 23, 2025

Vulnerability Summary: CVE-2025-8018 A vulnerability was found in code-projects Food Ordering Review System 1.0. It has been declared as critical....

CVE Alert: CVE-2025-51863

July 23, 2025

Vulnerability Summary: CVE-2025-51863 Self Cross Site Scripting (XSS) vulnerability in ChatGPT Unli (ChatGPTUnli.com) thru 2025-05-26 allows attackers to execute arbitrary...

CVE Alert: CVE-2025-36520

July 23, 2025

Vulnerability Summary: CVE-2025-36520 A null pointer dereference vulnerability exists in the net_connectmsg Protocol Buffer Message functionality of Bloomberg Comdb2 8.1....

CVE Alert: CVE-2025-35966

July 23, 2025

Vulnerability Summary: CVE-2025-35966 A null pointer dereference vulnerability exists in the CDB2SQLQUERY protocol buffer message handling of Bloomberg Comdb2 8.1....

CVE Alert: CVE-2025-51463

July 23, 2025

Vulnerability Summary: CVE-2025-51463 Path Traversal in restore_run_backup() in AIM 3.28.0 allows remote attackers to write arbitrary files to the server's...

CVE Alert: CVE-2025-48498

July 23, 2025

Vulnerability Summary: CVE-2025-48498 A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8.1 when processing...

CVE Alert: CVE-2025-46354

July 23, 2025

Vulnerability Summary: CVE-2025-46354 A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1....

CVE Alert: CVE-2025-51480

July 23, 2025

Vulnerability Summary: CVE-2025-51480 Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted...

CVE Alert: CVE-2025-36512

July 23, 2025

Vulnerability Summary: CVE-2025-36512 A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction...

[AKIRA] – Ransomware Victim: Reimo

July 23, 2025

Ransomware Group: AKIRA VICTIM NAME: Reimo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[AKIRA] – Ransomware Victim: OKA

July 23, 2025

Ransomware Group: AKIRA VICTIM NAME: OKA NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[NITROGEN] – Ransomware Victim: Palm Bay International

July 23, 2025

Ransomware Group: NITROGEN VICTIM NAME: Palm Bay International NOTE: No files or stolen information are by RedPacket Security. Any legal...

[QILIN] – Ransomware Victim: DelCampo

July 23, 2025

Ransomware Group: QILIN VICTIM NAME: DelCampo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

OSINT

CVE Alert: CVE-2025-8017

CVE Alert: CVE-2025-4294

CVE Alert: CVE-2025-51860

CVE Alert: CVE-2025-51862

CVE Alert: CVE-2025-51859

CVE Alert: CVE-2025-51864

CVE Alert: CVE-2025-51865

CVE Alert: CVE-2025-51858

CVE Alert: CVE-2025-4878

[INCRANSOM] – Ransomware Victim: Sementes Jotabasso

CVE Alert: CVE-2025-8015

CVE Alert: CVE-2025-8018

CVE Alert: CVE-2025-51863

CVE Alert: CVE-2025-36520

CVE Alert: CVE-2025-35966

CVE Alert: CVE-2025-51463

CVE Alert: CVE-2025-48498

CVE Alert: CVE-2025-46354

CVE Alert: CVE-2025-51480

CVE Alert: CVE-2025-36512

[AKIRA] – Ransomware Victim: Reimo

[AKIRA] – Ransomware Victim: OKA

[NITROGEN] – Ransomware Victim: Palm Bay International

[QILIN] – Ransomware Victim: DelCampo

Google Chrome Multiple Vulnerabilities

Cobalt Strike Beacon Detected – 124[.]221[.]116[.]169:80

Cobalt Strike Beacon Detected – 196[.]251[.]87[.]191:4433

Cobalt Strike Beacon Detected – 179[.]43[.]186[.]243:80

Cobalt Strike Beacon Detected – 118[.]25[.]91[.]151:80

You may have missed