OSINT

Cobalt Strike Beacon Detected – 83[.]229[.]126[.]130:8443

May 24, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 8[.]135[.]237[.]16:443

May 24, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 118[.]24[.]22[.]168:8080

May 24, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

CVE Alert: CVE-2025-33138

May 24, 2025

Vulnerability Summary: CVE-2025-33138 IBM Aspera Faspex 5.0.0 through 5.0.12 is vulnerable to HTML injection. A remote attacker could inject malicious...

CVE Alert: CVE-2025-2506

May 24, 2025

Vulnerability Summary: CVE-2025-2506 When pglogical attempts to replicate data, it does not verify it is using a replication connection, which...

CVE Alert: CVE-2025-33137

May 24, 2025

Vulnerability Summary: CVE-2025-33137 IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform...

CVE Alert: CVE-2025-5081

May 24, 2025

Vulnerability Summary: CVE-2025-5081 A vulnerability classified as critical was found in Campcodes Cybercafe Management System 1.0. Affected by this vulnerability...

CVE Alert: CVE-2025-4366

May 24, 2025

Vulnerability Summary: CVE-2025-4366 A request smuggling vulnerability identified within Pingora’s proxying framework, pingora-proxy, allows malicious HTTP requests to be injected...

CVE Alert: CVE-2024-48853

May 24, 2025

Vulnerability Summary: CVE-2024-48853 An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when...

CVE Alert: CVE-2025-33136

May 24, 2025

Vulnerability Summary: CVE-2025-33136 IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform...

CVE Alert: CVE-2025-46716

May 24, 2025

Vulnerability Summary: CVE-2025-46716 Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version...

CVE Alert: CVE-2025-47779

May 24, 2025

Vulnerability Summary: CVE-2025-47779 Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of...

CVE Alert: CVE-2024-48850

May 24, 2025

Vulnerability Summary: CVE-2024-48850 Absolute File Traversal vulnerabilities in ASPECT allows access and modification of unintended resources. This issue affects ASPECT-Enterprise:...

[INTERLOCK] – Ransomware Victim: Kalamazoo Public School District

May 24, 2025

Ransomware Group: INTERLOCK VICTIM NAME: Kalamazoo Public School District NOTE: No files or stolen information are by RedPacket Security. Any...

[PLAY] – Ransomware Victim: Vernon Milling

May 23, 2025

Ransomware Group: PLAY VICTIM NAME: Vernon Milling NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[PLAY] – Ransomware Victim: South Atlantic Federal Credit Union

May 23, 2025

Ransomware Group: PLAY VICTIM NAME: South Atlantic Federal Credit Union NOTE: No files or stolen information are by RedPacket Security....

[PLAY] – Ransomware Victim: AKJ Energiteknik

May 23, 2025

Ransomware Group: PLAY VICTIM NAME: AKJ Energiteknik NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[SILENTRANSOMGROUP] – Ransomware Victim: Liberty Tax (d)

May 23, 2025

Ransomware Group: SILENTRANSOMGROUP VICTIM NAME: Liberty Tax (d) NOTE: No files or stolen information are by RedPacket Security. Any legal...

CVE Alert: CVE-2025-46715

May 23, 2025

Vulnerability Summary: CVE-2025-46715 Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version...

CVE Alert: CVE-2025-48061

May 23, 2025

Vulnerability Summary: CVE-2025-48061 wire-webapp is the web application for the open-source messaging service Wire. A change caused a regression resulting...

CVE Alert: CVE-2024-13929

May 23, 2025

Vulnerability Summary: CVE-2024-13929 Servlet injection vulnerabilities in ASPECT allow remote code execution if session administrator credentials become compromised. This issue...

CVE Alert: CVE-2024-13930

May 23, 2025

Vulnerability Summary: CVE-2024-13930 An Unchecked Loop Condition in ASPECT provides an attacker the ability to maliciously consume system resources if...

CVE Alert: CVE-2025-43596

May 23, 2025

Vulnerability Summary: CVE-2025-43596 An insecure file system permissions vulnerability in MSP360 Backup 8.0 allows a low privileged user to execute...

CVE Alert: CVE-2025-2409

May 23, 2025

Vulnerability Summary: CVE-2025-2409 File corruption vulnerabilities in ASPECT provide attackers access to overwrite sys-tem files if session administrator credentials become...

OSINT

Cobalt Strike Beacon Detected – 83[.]229[.]126[.]130:8443

Cobalt Strike Beacon Detected – 8[.]135[.]237[.]16:443

Cobalt Strike Beacon Detected – 118[.]24[.]22[.]168:8080

CVE Alert: CVE-2025-33138

CVE Alert: CVE-2025-2506

CVE Alert: CVE-2025-33137

CVE Alert: CVE-2025-5081

CVE Alert: CVE-2025-4366

CVE Alert: CVE-2024-48853

CVE Alert: CVE-2025-33136

CVE Alert: CVE-2025-46716

CVE Alert: CVE-2025-47779

CVE Alert: CVE-2024-48850

[INTERLOCK] – Ransomware Victim: Kalamazoo Public School District

[PLAY] – Ransomware Victim: Vernon Milling

[PLAY] – Ransomware Victim: South Atlantic Federal Credit Union

[PLAY] – Ransomware Victim: AKJ Energiteknik

[SILENTRANSOMGROUP] – Ransomware Victim: Liberty Tax (d)

CVE Alert: CVE-2025-46715

CVE Alert: CVE-2025-48061

CVE Alert: CVE-2024-13929

CVE Alert: CVE-2024-13930

CVE Alert: CVE-2025-43596

CVE Alert: CVE-2025-2409

[LYNX] – Ransomware Victim: RICHARD MILLE ASIA PTE[.] LTD & D’LEAGUE PTE[.] LTD[.]

CVE Alert: CVE-2025-7801

CVE Alert: CVE-2025-7803

CVE Alert: CVE-2025-54310

CVE Alert: CVE-2025-7805

You may have missed