threatintel

Cobalt Strike Beacon Detected – 47[.]120[.]13[.]85:8889

July 10, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 113[.]45[.]232[.]73:9443

July 10, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 115[.]238[.]252[.]51:9000

July 10, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

[NOVA] – Ransomware Victim: Computer Ingenuity Associates

July 10, 2025

Ransomware Group: NOVA VICTIM NAME: Computer Ingenuity Associates NOTE: No files or stolen information are by RedPacket Security. Any legal...

[CICADA3301] – Ransomware Victim: Mack Energy Corp

July 9, 2025

Ransomware Group: CICADA3301 VICTIM NAME: Mack Energy Corp NOTE: No files or stolen information are by RedPacket Security. Any legal...

[QILIN] – Ransomware Victim: Microf

July 9, 2025

Ransomware Group: QILIN VICTIM NAME: Microf NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2025-43591

July 9, 2025

Vulnerability Summary: CVE-2025-43591 InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result...

CVE Alert: CVE-2025-43594

July 9, 2025

Vulnerability Summary: CVE-2025-43594 InDesign Desktop versions 19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in...

CVE Alert: CVE-2025-43592

July 9, 2025

Vulnerability Summary: CVE-2025-43592 InDesign Desktop versions 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could...

CVE Alert: CVE-2025-49530

July 9, 2025

Vulnerability Summary: CVE-2025-49530 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in...

CVE Alert: CVE-2025-47103

July 9, 2025

Vulnerability Summary: CVE-2025-47103 InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result...

CVE Alert: CVE-2025-49525

July 9, 2025

Vulnerability Summary: CVE-2025-49525 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to...

CVE Alert: CVE-2025-49526

July 9, 2025

Vulnerability Summary: CVE-2025-49526 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in...

CVE Alert: CVE-2025-49528

July 9, 2025

Vulnerability Summary: CVE-2025-49528 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result...

CVE Alert: CVE-2025-49529

July 9, 2025

Vulnerability Summary: CVE-2025-49529 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could...

CVE Alert: CVE-2025-49527

July 9, 2025

Vulnerability Summary: CVE-2025-49527 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result...

[GLOBAL] – Ransomware Victim: Emphail[.]com

July 9, 2025

Ransomware Group: GLOBAL VICTIM NAME: Emphailcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[INCRANSOM] – Ransomware Victim: Majestic

July 9, 2025

Ransomware Group: INCRANSOM VICTIM NAME: Majestic NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[INCRANSOM] – Ransomware Victim: TBC

July 9, 2025

Ransomware Group: INCRANSOM VICTIM NAME: TBC NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[INCRANSOM] – Ransomware Victim: Lamberts Business Systems

July 9, 2025

Ransomware Group: INCRANSOM VICTIM NAME: Lamberts Business Systems NOTE: No files or stolen information are by RedPacket Security. Any legal...

[LYNX] – Ransomware Victim: Confartigianato Imprese

July 9, 2025

Ransomware Group: LYNX VICTIM NAME: Confartigianato Imprese NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

Vulnerabilities

[Palo Alto Networks Security Advisories] PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025)

July 9, 2025

Palo Alto Networks Security Advisories /PAN-SA-2025-0013PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025)UrgencyMODERATE047910Severity8.6 ·HIGHExploit MaturityATTACKEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack VectorNETWORKAttack ComplexityLOWAttack RequirementsNONEAutomatableNOUser InteractionACTIVEProduct...

Vulnerabilities

[Palo Alto Networks Security Advisories] CVE-2025-0140 GlobalProtect App: Non Admin User Can Disable the GlobalProtectApp

July 9, 2025

Palo Alto Networks Security Advisories /CVE-2025-0140CVE-2025-0140 GlobalProtect App: Non Admin User Can Disable the GlobalProtect AppUrgencyMODERATE047910Severity4.3 ·MEDIUMExploit MaturityUNREPORTEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack...

Vulnerabilities

[Palo Alto Networks Security Advisories] CVE-2025-0139 Autonomous Digital Experience Manager: Privilege Escalation (PE)Vulnerability

July 9, 2025

Palo Alto Networks Security Advisories /CVE-2025-0139CVE-2025-0139 Autonomous Digital Experience Manager: Privilege Escalation (PE) VulnerabilityUrgencyMODERATE047910Severity2.4 ·LOWExploit MaturityUNREPORTEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack VectorLOCALAttack ComplexityLOWAttack...

threatintel

Cobalt Strike Beacon Detected – 47[.]120[.]13[.]85:8889

Cobalt Strike Beacon Detected – 113[.]45[.]232[.]73:9443

Cobalt Strike Beacon Detected – 115[.]238[.]252[.]51:9000

[NOVA] – Ransomware Victim: Computer Ingenuity Associates

[CICADA3301] – Ransomware Victim: Mack Energy Corp

[QILIN] – Ransomware Victim: Microf

CVE Alert: CVE-2025-43591

CVE Alert: CVE-2025-43594

CVE Alert: CVE-2025-43592

CVE Alert: CVE-2025-49530

CVE Alert: CVE-2025-47103

CVE Alert: CVE-2025-49525

CVE Alert: CVE-2025-49526

CVE Alert: CVE-2025-49528

CVE Alert: CVE-2025-49529

CVE Alert: CVE-2025-49527

[GLOBAL] – Ransomware Victim: Emphail[.]com

[INCRANSOM] – Ransomware Victim: Majestic

[INCRANSOM] – Ransomware Victim: TBC

[INCRANSOM] – Ransomware Victim: Lamberts Business Systems

[LYNX] – Ransomware Victim: Confartigianato Imprese

[Palo Alto Networks Security Advisories] PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025)

[Palo Alto Networks Security Advisories] CVE-2025-0140 GlobalProtect App: Non Admin User Can Disable the GlobalProtectApp

[Palo Alto Networks Security Advisories] CVE-2025-0139 Autonomous Digital Experience Manager: Privilege Escalation (PE)Vulnerability

BugCrowd Bug Bounty Disclosure: P3 – Publicly Editable Google Docs Linked from NASA SnowEx PPT –

BugCrowd Bug Bounty Disclosure: P3 – Details of the collaboration between NASA and Inmarsat Government and the type of contract –

Apple Products Multiple Vulnerabilities

Miljödata – 870,108 breached accounts

Cobalt Strike Beacon Detected – 119[.]91[.]203[.]199:88

You may have missed