threatintel

[MEDUSA] – Ransomware Victim: PANSARD & ASSOCIES

August 6, 2025

Ransomware Group: MEDUSA VICTIM NAME: PANSARD & ASSOCIES NOTE: No files or stolen information are by RedPacket Security. Any legal...

[PLAY] – Ransomware Victim: The Magni Group

August 6, 2025

Ransomware Group: PLAY VICTIM NAME: The Magni Group NOTE: No files or stolen information are by RedPacket Security. Any legal...

[EVEREST] – Ransomware Victim: BRUNTON-SHAW[.]COM

August 6, 2025

Ransomware Group: EVEREST VICTIM NAME: BRUNTON-SHAWCOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[QILIN] – Ransomware Victim: ferrocortes

August 6, 2025

Ransomware Group: QILIN VICTIM NAME: ferrocortes NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[SECUROTROP] – Ransomware Victim: Budinger & Associates

August 6, 2025

Ransomware Group: SECUROTROP VICTIM NAME: Budinger & Associates NOTE: No files or stolen information are by RedPacket Security. Any legal...

[QILIN] – Ransomware Victim: Kengen

August 6, 2025

Ransomware Group: QILIN VICTIM NAME: Kengen NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[PLAY] – Ransomware Victim: Brad’s Bedding Plants

August 6, 2025

Ransomware Group: PLAY VICTIM NAME: Brad's Bedding Plants NOTE: No files or stolen information are by RedPacket Security. Any legal...

CVE Alert: CVE-2025-6207

August 6, 2025

Vulnerability Summary: CVE-2025-6207 The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing...

CVE Alert: CVE-2025-2810

August 6, 2025

Vulnerability Summary: CVE-2025-2810 A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key. Affected...

CVE Alert: CVE-2025-8294

August 6, 2025

Vulnerability Summary: CVE-2025-8294 The Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in...

CVE Alert: CVE-2025-41698

August 6, 2025

Vulnerability Summary: CVE-2025-41698 A low privileged local attacker can interact with the affected service although user-interaction should not be allowed....

CVE Alert: CVE-2025-5061

August 6, 2025

Vulnerability Summary: CVE-2025-5061 The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing...

CVE Alert: CVE-2025-8553

August 6, 2025

Vulnerability Summary: CVE-2025-8553 A vulnerability classified as problematic was found in atjiu pybbs up to 6.0.0. This vulnerability affects unknown...

CVE Alert: CVE-2025-8554

August 6, 2025

Vulnerability Summary: CVE-2025-8554 A vulnerability, which was classified as problematic, has been found in atjiu pybbs up to 6.0.0. This...

CVE Alert: CVE-2025-8295

August 6, 2025

Vulnerability Summary: CVE-2025-8295 The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg’ parameter in...

CVE Alert: CVE-2025-8551

August 6, 2025

Vulnerability Summary: CVE-2025-8551 A vulnerability was found in atjiu pybbs up to 6.0.0. It has been rated as problematic. Affected...

CVE Alert: CVE-2025-8552

August 6, 2025

Vulnerability Summary: CVE-2025-8552 A vulnerability classified as problematic has been found in atjiu pybbs up to 6.0.0. This affects an...

[NITROGEN] – Ransomware Victim: F&P Georgia Mfg Inc

August 6, 2025

Ransomware Group: NITROGEN VICTIM NAME: F&P Georgia Mfg Inc NOTE: No files or stolen information are by RedPacket Security. Any...

[AKIRA] – Ransomware Victim: MGM Transformer

August 6, 2025

Ransomware Group: AKIRA VICTIM NAME: MGM Transformer NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[INCRANSOM] – Ransomware Victim: Consumer Electronics & Computers Retail Retail

August 6, 2025

Ransomware Group: INCRANSOM VICTIM NAME: Consumer Electronics & Computers Retail Retail NOTE: No files or stolen information are by RedPacket...

[SARCOMA] – Ransomware Victim: Metro Heating

August 6, 2025

Ransomware Group: SARCOMA VICTIM NAME: Metro Heating NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[SARCOMA] – Ransomware Victim: Harinera del Valle

August 6, 2025

Ransomware Group: SARCOMA VICTIM NAME: Harinera del Valle NOTE: No files or stolen information are by RedPacket Security. Any legal...

CVE Alert: CVE-2025-54987

August 6, 2025

Vulnerability Summary: CVE-2025-54987 A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to...

CVE Alert: CVE-2024-52890

August 6, 2025

Vulnerability Summary: CVE-2024-52890 IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scripting due to...

threatintel

[MEDUSA] – Ransomware Victim: PANSARD & ASSOCIES

[PLAY] – Ransomware Victim: The Magni Group

[EVEREST] – Ransomware Victim: BRUNTON-SHAW[.]COM

[QILIN] – Ransomware Victim: ferrocortes

[SECUROTROP] – Ransomware Victim: Budinger & Associates

[QILIN] – Ransomware Victim: Kengen

[PLAY] – Ransomware Victim: Brad’s Bedding Plants

CVE Alert: CVE-2025-6207

CVE Alert: CVE-2025-2810

CVE Alert: CVE-2025-8294

CVE Alert: CVE-2025-41698

CVE Alert: CVE-2025-5061

CVE Alert: CVE-2025-8553

CVE Alert: CVE-2025-8554

CVE Alert: CVE-2025-8295

CVE Alert: CVE-2025-8551

CVE Alert: CVE-2025-8552

[NITROGEN] – Ransomware Victim: F&P Georgia Mfg Inc

[AKIRA] – Ransomware Victim: MGM Transformer

[INCRANSOM] – Ransomware Victim: Consumer Electronics & Computers Retail Retail

[SARCOMA] – Ransomware Victim: Metro Heating

[SARCOMA] – Ransomware Victim: Harinera del Valle

CVE Alert: CVE-2025-54987

CVE Alert: CVE-2024-52890

HackerOne Bug Bounty Disclosure: insecure-websocket-usage-in-curl-documentation-and-examples-cwe-cleartext-transmission-of-sensitive-information-spectre

HackerOne Bug Bounty Disclosure: unsafe-global-ifs-modification-in-os-shell-script-enables-command-injection-and-parsing-flaws-cwe-cwe-spectre

HackerOne Bug Bounty Disclosure: exposure-of-hard-coded-private-keys-and-credentials-in-curl-source-repository-cwe-spectre

HackerOne Bug Bounty Disclosure: account-repository-takeover-via-abandoned-github-username-in-curl-s-href-extractor-c-ks-karem

CVE Alert: CVE-2025-48731

You may have missed