Cobalt Strike Beacon Detected – 118[.]25[.]91[.]151:8085
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
CVE Alert: CVE-2025-27347
Vulnerability Summary: CVE-2025-27347 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in techmix Direct Checkout Button for...
CVE Alert: CVE-2025-26803
Vulnerability Summary: CVE-2025-26803 The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during...
CVE Alert: CVE-2025-25460
Vulnerability Summary: CVE-2025-25460 A stored Cross-Site Scripting (XSS) vulnerability was identified in FlatPress 1.3.1 within the "Add Entry" feature. This...
CVE Alert: CVE-2025-27356
Vulnerability Summary: CVE-2025-27356 Missing Authorization vulnerability in Hardik Sticky Header On Scroll allows Exploiting Incorrectly Configured Access Control Security Levels....
CVE Alert: CVE-2025-27357
Vulnerability Summary: CVE-2025-27357 Cross-Site Request Forgery (CSRF) vulnerability in Musa AVCI Önceki Yazı Link allows Cross Site Request Forgery. This...
CVE Alert: CVE-2025-26201
Vulnerability Summary: CVE-2025-26201 Credential disclosure vulnerability via the /staff route in GreaterWMS
CVE Alert: CVE-2025-22495
Vulnerability Summary: CVE-2025-22495 An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card....
CVE Alert: CVE-2025-27364
Vulnerability Summary: CVE-2025-27364 In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found...
CVE Alert: CVE-2025-26200
Vulnerability Summary: CVE-2025-26200 SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month parameter in...
CVE Alert: CVE-2024-54820
Vulnerability Summary: CVE-2024-54820 XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login...
[HUNTERS] – Ransomware Victim: Nichino Ryokka Co Ltd
Ransomware Group: HUNTERS VICTIM NAME: Nichino Ryokka Co Ltd NOTE: No files or stolen information are by RedPacket Security. Any...
[ANUBIS] – Ransomware Victim: Summit Home Health, INC[.]
Ransomware Group: ANUBIS VICTIM NAME: Summit Home Health, INC NOTE: No files or stolen information are by RedPacket Security. Any...
[ANUBIS] – Ransomware Victim: First Defense Fire Protection
Ransomware Group: ANUBIS VICTIM NAME: First Defense Fire Protection NOTE: No files or stolen information are by RedPacket Security. Any...
[ANUBIS] – Ransomware Victim: Comercializadora S&E Perú
Ransomware Group: ANUBIS VICTIM NAME: Comercializadora S&E Perú NOTE: No files or stolen information are by RedPacket Security. Any legal...
[ANUBIS] – Ransomware Victim: Pound Road Medical Centre
Ransomware Group: ANUBIS VICTIM NAME: Pound Road Medical Centre NOTE: No files or stolen information are by RedPacket Security. Any...
CVE Alert: CVE-2025-26527
Vulnerability Summary: CVE-2025-26527 Tags not expected to be visible to a user could still be discovered by them via the...
CVE Alert: CVE-2025-26529
Vulnerability Summary: CVE-2025-26529 Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS...
CVE Alert: CVE-2025-26528
Vulnerability Summary: CVE-2025-26528 The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk. Affected...
CVE Alert: CVE-2025-26530
Vulnerability Summary: CVE-2025-26530 The question bank filter required additional sanitizing to prevent a reflected XSS risk. Affected Endpoints: No affected...
CVE Alert: CVE-2025-26531
Vulnerability Summary: CVE-2025-26531 Insufficient capability checks made it possible to disable badges a user does not have permission to access....
CVE Alert: CVE-2025-26526
Vulnerability Summary: CVE-2025-26526 Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses...
CVE Alert: CVE-2025-26533
Vulnerability Summary: CVE-2025-26533 An SQL injection risk was identified in the module list filter within course search. Affected Endpoints: No...
CVE Alert: CVE-2025-26525
Vulnerability Summary: CVE-2025-26525 Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where...
