threatintel

CVE Alert: CVE-2025-1948

May 9, 2025

Vulnerability Summary: CVE-2025-1948 In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value...

CVE Alert: CVE-2025-4132

May 9, 2025

Vulnerability Summary: CVE-2025-4132 Rapid7 Corporate Website prior to May 2nd 2025, suffered from a URL Redirection to Untrusted Site ('Open...

CVE Alert: CVE-2025-26845

May 9, 2025

Vulnerability Summary: CVE-2025-26845 An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the...

CVE Alert: CVE-2025-26847

May 9, 2025

Vulnerability Summary: CVE-2025-26847 An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are...

CVE Alert: CVE-2024-12378

May 9, 2025

Vulnerability Summary: CVE-2024-12378 On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in...

CVE Alert: CVE-2024-11186

May 9, 2025

Vulnerability Summary: CVE-2024-11186 On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to...

CVE Alert: CVE-2025-30102

May 9, 2025

Vulnerability Summary: CVE-2025-30102 Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker...

CVE Alert: CVE-2024-13009

May 9, 2025

Vulnerability Summary: CVE-2024-13009 In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a...

CVE Alert: CVE-2025-30101

May 9, 2025

Vulnerability Summary: CVE-2025-30101 Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated...

[RHYSIDA] – Ransomware Victim: Mountain View Mushrooms

May 9, 2025

Ransomware Group: RHYSIDA VICTIM NAME: Mountain View Mushrooms NOTE: No files or stolen information are by RedPacket Security. Any legal...

[LOCKBIT3] – Ransomware Victim: hennessyfunds[.]com

May 9, 2025

Ransomware Group: LOCKBIT3 VICTIM NAME: hennessyfundscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

184dc77883d17b22631baf15b8eefd5c9a0a81e791bf956c7cd96395f025f208

Witcher – Managing GitHub Advanced Security (GHAS) Controls At Scale

May 9, 2025

Implement and monitor Appsec control at scale. Requirements NodeJS 20.13 Tested on Mac Ubuntu How to install $ git clone...

6f8de8be21463cbfd51711ae4557ed9ba1d79bce93e0152c4ad0b56181bcc30e

ByeDPIAndroid – App To Bypass Censorship On Android

May 9, 2025

Android application that runs a local VPN service to bypass DPI (Deep Packet Inspection) and censorship. This application runs a...

Cobalt Strike Beacon Detected – 175[.]178[.]120[.]225:7443

May 9, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 148[.]66[.]16[.]230:80

May 9, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 43[.]242[.]200[.]223:80

May 9, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

CVE Alert: CVE-2024-9448

May 9, 2025

Vulnerability Summary: CVE-2024-9448 On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets...

CVE Alert: CVE-2025-0505

May 9, 2025

Vulnerability Summary: CVE-2025-0505 On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain...

CVE Alert: CVE-2024-8100

May 9, 2025

Vulnerability Summary: CVE-2024-8100 On affected versions of the Arista CloudVision Portal (CVP on-prem), the time-bound device onboarding token can be...

CVE Alert: CVE-2025-46712

May 9, 2025

Vulnerability Summary: CVE-2025-46712 Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for...

CVE Alert: CVE-2025-27695

May 9, 2025

Vulnerability Summary: CVE-2025-27695 Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by Spoofing vulnerability. A...

CVE Alert: CVE-2025-1330

May 9, 2025

Vulnerability Summary: CVE-2025-1330 IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local...

CVE Alert: CVE-2025-1331

May 9, 2025

Vulnerability Summary: CVE-2025-1331 IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local...

CVE Alert: CVE-2025-46336

May 9, 2025

Vulnerability Summary: CVE-2025-46336 Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when...

threatintel

CVE Alert: CVE-2025-1948

CVE Alert: CVE-2025-4132

CVE Alert: CVE-2025-26845

CVE Alert: CVE-2025-26847

CVE Alert: CVE-2024-12378

CVE Alert: CVE-2024-11186

CVE Alert: CVE-2025-30102

CVE Alert: CVE-2024-13009

CVE Alert: CVE-2025-30101

[RHYSIDA] – Ransomware Victim: Mountain View Mushrooms

[LOCKBIT3] – Ransomware Victim: hennessyfunds[.]com

Witcher – Managing GitHub Advanced Security (GHAS) Controls At Scale

ByeDPIAndroid – App To Bypass Censorship On Android

Cobalt Strike Beacon Detected – 175[.]178[.]120[.]225:7443

Cobalt Strike Beacon Detected – 148[.]66[.]16[.]230:80

Cobalt Strike Beacon Detected – 43[.]242[.]200[.]223:80

CVE Alert: CVE-2024-9448

CVE Alert: CVE-2025-0505

CVE Alert: CVE-2024-8100

CVE Alert: CVE-2025-46712

CVE Alert: CVE-2025-27695

CVE Alert: CVE-2025-1330

CVE Alert: CVE-2025-1331

CVE Alert: CVE-2025-46336

Cobalt Strike Beacon Detected – 121[.]43[.]37[.]134:4434

Cobalt Strike Beacon Detected – 119[.]29[.]231[.]118:443

Cobalt Strike Beacon Detected – 39[.]101[.]74[.]162:443

Cobalt Strike Beacon Detected – 8[.]218[.]112[.]112:8880

Cobalt Strike Beacon Detected – 47[.]109[.]48[.]57:443

You may have missed