[DEVMAN] – Ransomware Victim: www[.]heitech[.]com[.]my
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
OSINT
BugCrowd Bug Bounty Disclosure: P5 – Session ID Disclosure via Referer Header to Third-Party Domains (nspires.nasaprs.com) – madhu873
Session ID Disclosure via Referer Header to Third-Party Domains (nspires.nasaprs.com) Session ID Disclosure via Referer Header to Third-Party Domains (nspires.nasaprs.com)...
CVE Alert: CVE-2025-11704 – impacttechlab – Elegance Menu
CVE-2025-11704 HIGHNo exploitation known The Elegance Menu plugin for WordPress is vulnerable to Local File Inclusion in all versions up...
CVE Alert: CVE-2025-11890 – beycanpress – Crypto Payment Gateway with Payeer for WooCommerce
CVE-2025-11890 HIGHNo exploitation known The Crypto Payment Gateway with Payeer for WooCommerce plugin for WordPress is vulnerable to payment bypass...
CVE Alert: CVE-2025-10896 – litonice13 – Master Blocks – Ultimate Gutenberg Blocks for Marketers
CVE-2025-10896 HIGHNo exploitation known Multiple plugins for WordPress with the Jewel Theme Recommended Plugins Library are vulnerable to Unrestricted Upload...
CVE Alert: CVE-2025-11724 – erinmorelli – EM Beer Manager
CVE-2025-11724 HIGHNo exploitation known The EM Beer Manager plugin for WordPress is vulnerable to arbitrary file upload leading to remote...
CVE Alert: CVE-2025-11733 – lumiblog – Footnotes Made Easy
CVE-2025-11733 HIGHNo exploitation known The Footnotes Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings...
CVE Alert: CVE-2025-47368 – Qualcomm, Inc. – Snapdragon
CVE-2025-47368 HIGHNo exploitation known Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing....
CVE Alert: CVE-2025-47360 – Qualcomm, Inc. – Snapdragon
CVE-2025-47360 HIGHNo exploitation known Memory corruption while processing client message during device management. CVSS v3.1 (7.8) AV LOCAL · AC...
CVE Alert: CVE-2025-47361 – Qualcomm, Inc. – Snapdragon
CVE-2025-47361 HIGHNo exploitation known Memory corruption when triggering a subsystem crash with an out-of-range identifier. CVSS v3.1 (7.8) AV LOCAL...
CVE Alert: CVE-2025-47365 – Qualcomm, Inc. – Snapdragon
CVE-2025-47365 HIGHNo exploitation known Memory corruption while processing large input data from a remote source via a communication interface. CVSS...
CVE Alert: CVE-2025-47367 – Qualcomm, Inc. – Snapdragon
CVE-2025-47367 HIGHNo exploitation known Memory corruption while accessing a buffer during IOCTL processing. CVSS v3.1 (7.8) AV LOCAL · AC...
CVE Alert: CVE-2025-47353 – Qualcomm, Inc. – Snapdragon
CVE-2025-47353 HIGHNo exploitation known Memory corruption while processing request sent from GVM. CVSS v3.1 (7.8) AV LOCAL · AC LOW...
CVE Alert: CVE-2025-47352 – Qualcomm, Inc. – Snapdragon
CVE-2025-47352 HIGHNo exploitation known Memory corruption while processing audio streaming operations. CVSS v3.1 (7.8) AV LOCAL · AC LOW ·...
CVE Alert: CVE-2025-27074 – Qualcomm, Inc. – Snapdragon
CVE-2025-27074 HIGHNo exploitation known Memory corruption while processing a GP command response. CVSS v3.1 (8.8) AV LOCAL · AC LOW...
CVE Alert: CVE-2025-47357 – Qualcomm, Inc. – Snapdragon
CVE-2025-47357 HIGHNo exploitation known Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions. CVSS...
CVE Alert: CVE-2025-27070 – Qualcomm, Inc. – Snapdragon
CVE-2025-27070 HIGHNo exploitation known Memory corruption while performing encryption and decryption commands. CVSS v3.1 (7.8) AV LOCAL · AC LOW...
‘erp Down For Emergency Maintenance’ Was Code For ‘you Deleted What?’
Who, Me? Another Monday is upon us and The Register therefore presents a fresh instalment of Who, Me? It’s the...
Snap Out Of It: Canonical On Flatpak Friction, Core Desktop, And The Future Ofubuntu
Ubuntu Summit The Register FOSS desk sat down with Canonical's vice-president for engineering, Jon Seager, during Ubuntu Summit earlier this...
Ransomware Negotiator, Pay Thyself!
A ransomware negotiator and an incident response manager at two separate cybersecurity firms have been indicted for allegedly carrying out...
An0m, The Backdoored ‘secure’ Messaging App For Criminals, Is Still Producingarrests After Four Years
Australian police last week made 55 arrests using evidence gathered with a backdoored messaging app that authorities distributed in the...
Fortytwo’s Decentralized Ai Has The Answer To Life, The Universe, And Everything
Fortytwo, a Silicon Valley startup, was founded last year based on the idea that a decentralized swarm of small AI...
Isps More Likely To Throttle Netizens Who Connect Through Carrier Grade Nat:cloudflare
Before the potential of the internet was appreciated around the world, nations that understood its importance managed to scoop outsized...
Cybercrooks Team Up With Organized Crime To Steal Pricey Cargo
Cybercriminals are increasingly orchestrating lucrative cargo thefts alongside organized crime groups (OCGs) in a modern-day resurgence of attacks on freight...
