CVE Alert: CVE-2025-22654
Vulnerability Summary: CVE-2025-22654 Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using Malicious Files. This issue...
Vulnerability Summary: CVE-2025-22639 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Distance Rate...
Vulnerability Summary: CVE-2025-22645 Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager allows Password Brute Forcing....
Ransomware Group: QILIN VICTIM NAME: lake-washington-vascular NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Ransomware Group: FOG VICTIM NAME: Gitlabs: Next TI, VISEO, Hochschule Trier NOTE: No files or stolen information are by RedPacket...
Ransomware Group: KILLSEC VICTIM NAME: Help Me Grow Yolo NOTE: No files or stolen information are by RedPacket Security. Any...
Ransomware Group: KILLSEC VICTIM NAME: BeniPlus NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Ransomware Group: KILLSEC VICTIM NAME: Brolly NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Ransomware Group: KILLSEC VICTIM NAME: NimuSoft NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Vulnerability Summary: CVE-2025-27013 Missing Authorization vulnerability in EPC MediCenter - Health Medical Clinic WordPress Theme allows Exploiting Incorrectly Configured Access...
Vulnerability Summary: CVE-2025-27016 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awsm.in Drivr Lite – Google...
Vulnerability Summary: CVE-2025-22656 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Oscar...
Vulnerability Summary: CVE-2025-22657 Missing Authorization vulnerability in Vito Peleg Atarim allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
Vulnerability Summary: CVE-2025-26604 Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because...
Vulnerability Summary: CVE-2025-27113 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. Affected...
Vulnerability Summary: CVE-2025-26615 WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A...
Vulnerability Summary: CVE-2024-13743 The Wonder Video Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wonderplugin_video...
Vulnerability Summary: CVE-2025-24928 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To...
Vulnerability Summary: CVE-2024-56171 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To...
CISA and FBI Release Updated Guidance on Product Security Bad Practices In partnership with the Federal Bureau of Investigation (FBI),...
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on January 16, 2025. These...
CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook Today, CISA released the Microsoft Expanded Cloud Logs Implementation Playbook to help...
CISA and Partners Release Call to Action to Close the National Software Understanding Gap Today, CISA—in partnership with the Defense Advanced...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...