threatintel

CVE Alert: CVE-2024-13262

January 10, 2025

Vulnerability Summary: CVE-2024-13262 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal View Password allows Cross-Site...

CVE Alert: CVE-2024-13283

January 10, 2025

Vulnerability Summary: CVE-2024-13283 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Facets allows Cross-Site Scripting...

CVE Alert: CVE-2025-21385

January 10, 2025

Vulnerability Summary: CVE-2025-21385 A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized attacker to disclose information over...

CVE Alert: CVE-2025-21380

January 10, 2025

Vulnerability Summary: CVE-2025-21380 Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network....

CVE Alert: CVE-2024-56377

January 10, 2025

Vulnerability Summary: CVE-2024-56377 A stored cross-site scripting (XSS) vulnerability in survey titles of REDCap 14.9.6 allows authenticated users to inject...

CVE Alert: CVE-2024-55494

January 10, 2025

Vulnerability Summary: CVE-2024-55494 A cross-site scripting (XSS) vulnerability in Opencode Mobile Collect Call v5.4.7 allows attackers to execute arbitrary web...

CVE Alert: CVE-2024-56376

January 10, 2025

Vulnerability Summary: CVE-2024-56376 A stored cross-site scripting (XSS) vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to...

GLAMIRA – 874,594 breached accounts

January 10, 2025

HIBP In late 2023, the online jewellery store GLAMIRA suffered a data breach they attributed to "an unauthorised individual briefly...

[ELDORADO] – Ransomware Victim: EVAS Group

January 10, 2025

Ransomware Group: ELDORADO VICTIM NAME: EVAS Group NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

[RANSOMHUB] – Ransomware Victim: www[.]mie[.]com[.]my

January 10, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwmiecommy NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[EVEREST] – Ransomware Victim: Evidn

January 10, 2025

Ransomware Group: EVEREST VICTIM NAME: Evidn NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: www[.]fairhallzhang[.]com

January 10, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwfairhallzhangcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: www[.]temotekstil[.]com[.]tr

January 10, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwtemotekstilcomtr NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: www[.]rotaryeng[.]co[.]th

January 10, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwrotaryengcoth NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: www[.]leaguecenter[.]org

January 10, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwleaguecenterorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: www[.]excelresourcing[.]co[.]uk

January 10, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwexcelresourcingcouk NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: www[.]primalwear[.]com

January 10, 2025

Ransomware Group: RANSOMHUB VICTIM NAME: wwwprimalwearcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CISA: CISA Releases New Public Version of CDM Data Model Document

January 10, 2025

CISA Releases New Public Version of CDM Data Model Document Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an...

CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies

January 10, 2025

ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies Today, CISA—in partnership with...

threatintel

CVE Alert: CVE-2024-13262

CVE Alert: CVE-2024-13283

CVE Alert: CVE-2025-21385

CVE Alert: CVE-2025-21380

CVE Alert: CVE-2024-56377

CVE Alert: CVE-2024-55494

CVE Alert: CVE-2024-56376

GLAMIRA – 874,594 breached accounts

[ELDORADO] – Ransomware Victim: EVAS Group

[RANSOMHUB] – Ransomware Victim: www[.]mie[.]com[.]my

[EVEREST] – Ransomware Victim: Evidn

[RANSOMHUB] – Ransomware Victim: www[.]fairhallzhang[.]com

[RANSOMHUB] – Ransomware Victim: www[.]temotekstil[.]com[.]tr

[RANSOMHUB] – Ransomware Victim: www[.]rotaryeng[.]co[.]th

[RANSOMHUB] – Ransomware Victim: www[.]leaguecenter[.]org

[RANSOMHUB] – Ransomware Victim: www[.]excelresourcing[.]co[.]uk

[RANSOMHUB] – Ransomware Victim: www[.]primalwear[.]com

CISA: CISA Releases New Public Version of CDM Data Model Document

CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: Microsoft Releases December 2024 Security Updates

CISA: Cisco Releases Security Updates for NX-OS Software

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Adobe Releases Security Updates for Multiple Products

[NOVA] – Ransomware Victim: Epcatalogs Company

[PLAY] – Ransomware Victim: Budget Electric

[WORLDLEAKS] – Ransomware Victim: Tiscali SPA

[HANDALA] – Ransomware Victim: ClockWorkAdmin

[WORLDLEAKS] – Ransomware Victim: Landscape Hawaii

You may have missed