threatintel

CVE Alert: CVE-2024-13809

March 6, 2025

Vulnerability Summary: CVE-2024-13809 The Hero Slider - WordPress Slider Plugin plugin for WordPress is vulnerable to SQL Injection via several...

CVE Alert: CVE-2024-13810

March 6, 2025

Vulnerability Summary: CVE-2024-13810 The Zass - WooCommerce Theme for Handmade Artists and Artisans theme for WordPress is vulnerable to unauthorized...

[RANSOMHUB] – Ransomware Victim: www[.]portlandschools[.]org

March 6, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwportlandschoolsorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: www[.]hinton[.]ca

March 6, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwhintonca NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CISA: CISA Releases Three Industrial Control Systems Advisories

March 6, 2025

CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on March 6, 2025. These...

[RANSOMHUB] – Ransomware Victim: www[.]centersheetmetal[.]com

March 6, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwcentersheetmetalcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: www[.]convention[.]qc[.]ca

March 6, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwconventionqcca NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[MONTI] – Ransomware Victim: agi[.]net

March 6, 2025

Ransomware Group: MONTI VICTIM NAME: aginet NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[LYNX] – Ransomware Victim: Adval Tech

March 6, 2025

Ransomware Group: LYNX VICTIM NAME: Adval Tech NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[LYNX] – Ransomware Victim: Tugwell Pump & Supply

March 6, 2025

Ransomware Group: LYNX VICTIM NAME: Tugwell Pump & Supply NOTE: No files or stolen information are by RedPacket Security. Any...

[RANSOMHUB] – Ransomware Victim: lovesac[.]com

March 6, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: lovesaccom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: hickorylaw[.]com

March 6, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: hickorylawcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[QILIN] – Ransomware Victim: Connekted, Inc[.]

March 6, 2025

Ransomware Group: QILIN VICTIM NAME: Connekted, Inc NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[LYNX] – Ransomware Victim: Dynamic Closures

March 6, 2025

Ransomware Group: LYNX VICTIM NAME: Dynamic Closures NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[INCRANSOM] – Ransomware Victim: Naples Heritage Golf & Country Club

March 6, 2025

Ransomware Group: INCRANSOM VICTIM NAME: Naples Heritage Golf & Country Club NOTE: No files or stolen information are by RedPacket...

[FOG] – Ransomware Victim: WJCC Public Schools (wjccschools[.]org)

March 6, 2025

Ransomware Group: FOG VICTIM NAME: WJCC Public Schools (wjccschoolsorg) NOTE: No files or stolen information are by RedPacket Security. Any...

CVE Alert: CVE-2025-0956

March 6, 2025

Vulnerability Summary: CVE-2025-0956 The WooCommerce Recover Abandoned Cart plugin for WordPress is vulnerable to PHP Object Injection in all versions...

CVE Alert: CVE-2025-25015

March 6, 2025

Vulnerability Summary: CVE-2025-25015 Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted...

CVE Alert: CVE-2025-1515

March 6, 2025

Vulnerability Summary: CVE-2025-1515 The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up...

CVE Alert: CVE-2025-0954

March 6, 2025

Vulnerability Summary: CVE-2025-0954 The WP Online Contract plugin for WordPress is vulnerable to unauthorized access due to a missing capability...

CVE Alert: CVE-2024-11153

March 6, 2025

Vulnerability Summary: CVE-2024-11153 The Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More plugin...

CVE Alert: CVE-2024-13423

March 6, 2025

Vulnerability Summary: CVE-2024-13423 The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check...

CVE Alert: CVE-2024-12650

March 6, 2025

Vulnerability Summary: CVE-2024-12650 An attacker with low privileges can manipulate the requested memory size, causing the application to use an...

CVE Alert: CVE-2025-1702

March 6, 2025

Vulnerability Summary: CVE-2025-1702 The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for...

threatintel

CVE Alert: CVE-2024-13809

CVE Alert: CVE-2024-13810

[RANSOMHUB] – Ransomware Victim: www[.]portlandschools[.]org

[RANSOMHUB] – Ransomware Victim: www[.]hinton[.]ca

CISA: CISA Releases Three Industrial Control Systems Advisories

[RANSOMHUB] – Ransomware Victim: www[.]centersheetmetal[.]com

[RANSOMHUB] – Ransomware Victim: www[.]convention[.]qc[.]ca

[MONTI] – Ransomware Victim: agi[.]net

[LYNX] – Ransomware Victim: Adval Tech

[LYNX] – Ransomware Victim: Tugwell Pump & Supply

[RANSOMHUB] – Ransomware Victim: lovesac[.]com

[RANSOMHUB] – Ransomware Victim: hickorylaw[.]com

[QILIN] – Ransomware Victim: Connekted, Inc[.]

[LYNX] – Ransomware Victim: Dynamic Closures

[INCRANSOM] – Ransomware Victim: Naples Heritage Golf & Country Club

[FOG] – Ransomware Victim: WJCC Public Schools (wjccschools[.]org)

CVE Alert: CVE-2025-0956

CVE Alert: CVE-2025-25015

CVE Alert: CVE-2025-1515

CVE Alert: CVE-2025-0954

CVE Alert: CVE-2024-11153

CVE Alert: CVE-2024-13423

CVE Alert: CVE-2024-12650

CVE Alert: CVE-2025-1702

[QILIN] – Ransomware Victim: edgeanalytical[.]com

[DEVMAN] – Ransomware Victim: NSSF KENYA

[DEVMAN] – Ransomware Victim: piriou[.]vn

[DEVMAN] – Ransomware Victim: TOHO-CO

[AKIRA] – Ransomware Victim: Williams Patent Crusher & Pulverizer Co[.]

You may have missed