OSINT

CVE Alert: CVE-2025-3862

May 9, 2025

Vulnerability Summary: CVE-2025-3862 Contest Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all...

CVE Alert: CVE-2025-2806

May 9, 2025

Vulnerability Summary: CVE-2025-2806 The tagDiv Composer plugin for WordPress, used by the Newspaper theme, is vulnerable to Reflected Cross-Site Scripting...

CVE Alert: CVE-2025-47730

May 9, 2025

Vulnerability Summary: CVE-2025-47730 The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM...

CVE Alert: CVE-2025-4207

May 9, 2025

Vulnerability Summary: CVE-2025-4207 Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of...

CVE Alert: CVE-2025-47729

May 9, 2025

Vulnerability Summary: CVE-2025-47729 The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal)...

CVE Alert: CVE-2025-26844

May 9, 2025

Vulnerability Summary: CVE-2025-26844 An issue was discovered in Znuny through 7.1.3. A cookie is set without the HttpOnly flag. Affected...

CVE Alert: CVE-2025-26842

May 9, 2025

Vulnerability Summary: CVE-2025-26842 An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the...

[MEDUSA] – Ransomware Victim: Lake Shore Paving

May 9, 2025

Ransomware Group: MEDUSA VICTIM NAME: Lake Shore Paving NOTE: No files or stolen information are by RedPacket Security. Any legal...

[CLOP] – Ransomware Victim: CHECKCITY[.]COM

May 9, 2025

Ransomware Group: CLOP VICTIM NAME: CHECKCITYCOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[NIGHTSPIRE] – Ransomware Victim: North Kitsap School District

May 9, 2025

Ransomware Group: NIGHTSPIRE VICTIM NAME: North Kitsap School District NOTE: No files or stolen information are by RedPacket Security. Any...

[MEDUSA] – Ransomware Victim: Russell Child Development Center

May 9, 2025

Ransomware Group: MEDUSA VICTIM NAME: Russell Child Development Center NOTE: No files or stolen information are by RedPacket Security. Any...

[NIGHTSPIRE] – Ransomware Victim: C[.]E[.]E[.] APTA

May 9, 2025

Ransomware Group: NIGHTSPIRE VICTIM NAME: CEE APTA NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[AKIRA] – Ransomware Victim: Bervar and Jones

May 9, 2025

Ransomware Group: AKIRA VICTIM NAME: Bervar and Jones NOTE: No files or stolen information are by RedPacket Security. Any legal...

[AKIRA] – Ransomware Victim: Klampfer Elektroanlagen

May 9, 2025

Ransomware Group: AKIRA VICTIM NAME: Klampfer Elektroanlagen NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

CVE Alert: CVE-2025-1948

May 9, 2025

Vulnerability Summary: CVE-2025-1948 In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value...

CVE Alert: CVE-2025-4132

May 9, 2025

Vulnerability Summary: CVE-2025-4132 Rapid7 Corporate Website prior to May 2nd 2025, suffered from a URL Redirection to Untrusted Site ('Open...

CVE Alert: CVE-2025-44021

May 9, 2025

Vulnerability Summary: CVE-2025-44021 OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if...

CVE Alert: CVE-2025-26845

May 9, 2025

Vulnerability Summary: CVE-2025-26845 An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the...

CVE Alert: CVE-2025-26847

May 9, 2025

Vulnerability Summary: CVE-2025-26847 An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are...

CVE Alert: CVE-2024-12378

May 9, 2025

Vulnerability Summary: CVE-2024-12378 On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in...

CVE Alert: CVE-2024-11186

May 9, 2025

Vulnerability Summary: CVE-2024-11186 On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to...

CVE Alert: CVE-2025-30102

May 9, 2025

Vulnerability Summary: CVE-2025-30102 Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker...

CVE Alert: CVE-2024-13009

May 9, 2025

Vulnerability Summary: CVE-2024-13009 In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a...

CVE Alert: CVE-2025-30101

May 9, 2025

Vulnerability Summary: CVE-2025-30101 Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated...

OSINT

CVE Alert: CVE-2025-3862

CVE Alert: CVE-2025-2806

CVE Alert: CVE-2025-47730

CVE Alert: CVE-2025-4207

CVE Alert: CVE-2025-47729

CVE Alert: CVE-2025-26844

CVE Alert: CVE-2025-26842

[MEDUSA] – Ransomware Victim: Lake Shore Paving

[CLOP] – Ransomware Victim: CHECKCITY[.]COM

[NIGHTSPIRE] – Ransomware Victim: North Kitsap School District

[MEDUSA] – Ransomware Victim: Russell Child Development Center

[NIGHTSPIRE] – Ransomware Victim: C[.]E[.]E[.] APTA

[AKIRA] – Ransomware Victim: Bervar and Jones

[AKIRA] – Ransomware Victim: Klampfer Elektroanlagen

CVE Alert: CVE-2025-1948

CVE Alert: CVE-2025-4132

CVE Alert: CVE-2025-44021

CVE Alert: CVE-2025-26845

CVE Alert: CVE-2025-26847

CVE Alert: CVE-2024-12378

CVE Alert: CVE-2024-11186

CVE Alert: CVE-2025-30102

CVE Alert: CVE-2024-13009

CVE Alert: CVE-2025-30101

[STORMOUS] – Ransomware Victim: www[.]marjane[.]ma

Synthient Credential Stuffing Threat Data – 1,957,476,021 breached accounts

CVE Alert: CVE-2025-12790 – Red Hat – Red Hat Satellite 6

[INCRANSOM] – Ransomware Victim: Ketat Grundstücksverwertungs GmbH

[INCRANSOM] – Ransomware Victim: prutsch-ra[.]at

You may have missed