CVE Alert: CVE-2025-26527
Vulnerability Summary: CVE-2025-26527 Tags not expected to be visible to a user could still be discovered by them via the...
threatintel
CVE Alert: CVE-2025-26529
Vulnerability Summary: CVE-2025-26529 Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS...
CVE Alert: CVE-2025-26528
Vulnerability Summary: CVE-2025-26528 The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk. Affected...
CVE Alert: CVE-2025-26530
Vulnerability Summary: CVE-2025-26530 The question bank filter required additional sanitizing to prevent a reflected XSS risk. Affected Endpoints: No affected...
CVE Alert: CVE-2025-26531
Vulnerability Summary: CVE-2025-26531 Insufficient capability checks made it possible to disable badges a user does not have permission to access....
CVE Alert: CVE-2025-26526
Vulnerability Summary: CVE-2025-26526 Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses...
CVE Alert: CVE-2025-26533
Vulnerability Summary: CVE-2025-26533 An SQL injection risk was identified in the module list filter within course search. Affected Endpoints: No...
CVE Alert: CVE-2025-26525
Vulnerability Summary: CVE-2025-26525 Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where...
CVE Alert: CVE-2025-27137
Vulnerability Summary: CVE-2025-27137 Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software...
CVE Alert: CVE-2025-26532
Vulnerability Summary: CVE-2025-26532 Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored. Affected...
[LYNX] – Ransomware Victim: pacresmortgage[.]com
Ransomware Group: LYNX VICTIM NAME: pacresmortgagecom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[CICADA3301] – Ransomware Victim: Executive Agenda
Ransomware Group: CICADA3301 VICTIM NAME: Executive Agenda NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[CICADA3301] – Ransomware Victim: Birdsall Muller LLC
Ransomware Group: CICADA3301 VICTIM NAME: Birdsall Muller LLC NOTE: No files or stolen information are by RedPacket Security. Any legal...
CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications CISA, in partnership with...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 21, 2025. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on January 23, 2025. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware
CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware CISA released a fact sheet, Contec CMS8000 Contains...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on January 28, 2025. These...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on February 6, 2025. These...
