Cobalt Strike Beacon Detected – 118[.]31[.]0[.]235:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Strike Beacon Detected – 180[.]76[.]138[.]238:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 121[.]41[.]91[.]64:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 185[.]147[.]39[.]227:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 39[.]106[.]152[.]200:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 43[.]138[.]30[.]109:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 43[.]138[.]30[.]109:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
BugCrowd Bug Bounty Disclosure: P3 – Publicly Accessible .env File Exposing Hardcoded Credentials on NASA’s Git Repository – _x3ro_
Publicly Accessible .env File Exposing Hardcoded Credentials on NASA’s Git Repository Publicly Accessible .env File Exposing Hardcoded Credentials on NASA’s...
BugCrowd Bug Bounty Disclosure: P3 – Leak of usernames from a private website –
Leak of usernames from a private website Leak of usernames from a private website Researcher: Engagement: National Aeronautics and Space...
[NITROGEN] – Ransomware Victim: Ocean Edge Resort & Golf Club
Ransomware Group: NITROGEN VICTIM NAME: Ocean Edge Resort & Golf Club NOTE: No files or stolen information are by RedPacket...
[PLAY] – Ransomware Victim: Omega Global Technologies
Ransomware Group: PLAY VICTIM NAME: Omega Global Technologies NOTE: No files or stolen information are by RedPacket Security. Any legal...
[PLAY] – Ransomware Victim: CBG Surveying Texas
Ransomware Group: PLAY VICTIM NAME: CBG Surveying Texas NOTE: No files or stolen information are by RedPacket Security. Any legal...
CVE Alert: CVE-2025-49706 – Microsoft – Microsoft SharePoint Enterprise Server 2016
CVE-2025-49706 MEDIUMCISA KEVExploitation active Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network....
CVE Alert: CVE-2025-54309 – CrushFTP – CrushFTP
CVE-2025-54309 CRITICALCISA KEVExploitation active CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used,...
CVE Alert: CVE-2025-25257 – Fortinet – FortiWeb
CVE-2025-25257 CRITICALCISA KEVExploitation active An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Fortinet...
CVE Alert: CVE-2025-53770 – Microsoft – Microsoft SharePoint Enterprise Server 2016
CVE-2025-53770 CRITICALCISA KEVExploitation active Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code...
CVE Alert: CVE-2025-49704 – Microsoft – Microsoft SharePoint Enterprise Server 2016
CVE-2025-49704 HIGHCISA KEVExploitation active Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker...
CVE Alert: CVE-2025-2775 – SysAid – SysAid On-Prem
CVE-2025-2775 CRITICALCISA KEVExploitation active SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in...
CVE Alert: CVE-2025-20281 – Cisco – Cisco Identity Services Engine Software
CVE-2025-20281 CRITICALCISA KEVExploitation active A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated,...
CVE Alert: CVE-2025-6558 – Google – Chrome
CVE-2025-6558 UnknownCISA KEVExploitation active Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed...
CVE Alert: CVE-2025-2776 – SysAid – SysAid On-Prem
CVE-2025-2776 CRITICALCISA KEVExploitation active SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in...
CVE Alert: CVE-2025-20337 – Cisco – Cisco Identity Services Engine Software
CVE-2025-20337 CRITICALCISA KEVExploitation active A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated,...
CVE Alert: CVE-2013-3893 – n/a – n/a
CVE-2013-3893 UnknownCISA KEVExploitation active Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows...
CVE Alert: CVE-2022-40799 – n/a – n/a
CVE-2022-40799 UnknownCISA KEVExploitation active Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to...
