New ransom group blog post!
Group name: nitrogen
Post title: Global Media Group
Info: https://cti.fyi/groups/nitrogen.html
cti.fyinitrogen
#cti
241 posts40 participants10 posts today
Mustang Panda is targeting Myanmar again with phishing emails and self-extracting RAR files to deploy backdoors. Classic APT tactics: stealth, persistence, data theft.
https://thehackernews.com/2025/04/mustang-panda-targets-myanmar-with.html
CVE-2025-39471 - Pantherius Modal Survey SQL Injection Vulnerability April 18, 2025 at 05:15AM https://ift.tt/ixJW341 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-39471 - Pantherius Modal Survey SQL Injection VulnerabilityImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pantherius Modal Survey.This issue affects Modal Survey: from n/a through 2.0.2.0.1.
CVE-2025-39470 - ThimPress Ivy School PHP Local File Inclusion Vulnerability April 18, 2025 at 05:15AM https://ift.tt/fSPUpy7 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-39470 - ThimPress Ivy School PHP Local File Inclusion VulnerabilityPath Traversal: '.../...//' vulnerability in ThimPress Ivy School allows PHP Local File Inclusion.This issue affects Ivy School: from n/a through 1.6.0.
Inheritance in Python: la chiave per scrivere codice pulito e collaborativo nel Machine Learning
Link all'articolo : https://www.redhotcyber.com/post/inheritance-in-python-la-chiave-per-scrivere-codice-pulito/
il blog della sicurezza informatica · Inheritance in Python: la chiave per scrivere codice pulito e collaborativo nel Machine LearningScopri come l'uso corretto dell'inheritance in Python può prevenire technical debt e migliorare la qualità dei tuoi progetti di machine learning. Segui esempi pratici e consigli per lavorare meglio in team.
Zero-day su iPhone, Mac e iPad: Apple corre ai ripari con patch d’emergenza
Link all'articolo : https://www.redhotcyber.com/post/zero-day-su-iphone-mac-e-ipad-apple-corre-ai-ripari-con-patch-demergenza/
il blog della sicurezza informatica · Zero-day su iPhone, Mac e iPad: Apple corre ai ripari con patch d’emergenzaApple patcha due vulnerabilità zero-day già sfruttate in attacchi sofisticati contro utenti iPhone. Aggiorna subito a iOS 18.4.1 e macOS 15.4.1!
Aggiorna e muori: Windows 11 mostra la schermata Blu Della Morte (BSOD) dopo gli update di Aprile
Link all'articolo : https://www.redhotcyber.com/post/aggiorna-e-muori-windows-11-mostra-la-schermata-blu-della-morte-bsod-dopo-gli-update-di-aprile/
il blog della sicurezza informatica · Aggiorna e muori: Windows 11 mostra la schermata Blu Della Morte (BSOD) dopo gli update di AprileWindows 11 24H2 mostra schermate blu dopo gli update di marzo e aprile. Errore 0x18B SECURE_KERNEL_ERROR causato dal bug in KB5055523.
CVE-2025-42599 - Active! Mail Stack-Based Buffer Overflow Vulnerability April 18, 2025 at 04:15AM https://ift.tt/gdFKmnL #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-42599 - Active! Mail Stack-Based Buffer Overflow VulnerabilityActive! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition.
CVE-2025-3520 - "WordPress Avatar Plugin File Deletion Vulnerability" April 18, 2025 at 02:15AM https://ift.tt/0RPZYeN #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3520 - "WordPress Avatar Plugin File Deletion Vulnerability"The Avatar plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 0.1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily …
New ransom group blog post!
Group name: lynx
Post title: Sally B Gold
Info: https://cti.fyi/groups/lynx.html
cti.fyilynx
CVE-2024-55211 - Think Router Tk-Rt-Wr135G Authentication Bypass April 17, 2025 at 06:15PM https://ift.tt/R5HEGug #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2024-55211 - Think Router Tk-Rt-Wr135G Authentication BypassAn issue in Think Router Tk-Rt-Wr135G V3.0.2-X000 allows attackers to bypass authentication via a crafted cookie.
CVE-2025-28009 - Dietiqa App SQL Injection Vulnerability April 17, 2025 at 06:15PM https://ift.tt/YgzoxVA #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-28009 - Dietiqa App SQL Injection VulnerabilityA SQL Injection vulnerability exists in the `u` parameter of the progress-body-weight.php endpoint of Dietiqa App v1.0.20.
"Caesars Entertainment is pleased to offer an exciting opportunity for a Cyber Threat Intelligence Analyst to join our industry-leading #Cybersecurity division in Las Vegas, Nevada."
Lead Cyber Threat Intelligence Analyst
United States (Remote)
Caesars EntertainmentLead Cyber Threat Intelligence AnalystCaesars Entertainment is pleased to offer an exciting opportunity for a Cyber Threat Intelligence Analyst to join our industry-leading Cybersecurity division in Las Vegas, Nevada.
We have added indicators: Latrodectus (+1), Orcus RAT (+1), Rhadamanthys (+1), Meterpreter (+1), Xtreme RAT (+1), DarkComet (+1) and MooBot (+1). https://vuldb.com/?actor #apt #cti #ioc
vuldb.comActorsPredictive activity analysis of APT actors in social media, private forums, chat rooms, and darknet markets.
Our CTI team identifies elevated offensive activities for products of the category WordPress Plugin https://vuldb.com/?type.wordpress_plugin #cti #apt
CVE-2025-43015 - In JetBrains RubyMine before 2025.1 remote Interpr April 17, 2025 at 04:16PM https://ift.tt/f3bqeKi #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-43015 - JetBrains RubyMine Remote Port OverwriteIn JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces
CVE-2025-43012 - In JetBrains Toolbox App before 2.6 command inject April 17, 2025 at 04:15PM https://ift.tt/MdvG3aN #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-43012 - JetBrains Toolbox App SSH Plugin Command Injection VulnerabilityIn JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible
CVE-2025-39596 - Weak Authentication vulnerability in Quentn.com Gm April 17, 2025 at 04:15PM https://ift.tt/dEn9th0 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-39596 - Quentn.com GmbH Quentn WP Weak Authentication Privilege EscalationWeak Authentication vulnerability in Quentn.com GmbH Quentn WP allows Privilege Escalation. This issue affects Quentn WP: from n/a through 1.2.8.
CVE-2025-39595 - Improper Neutralization of Special Elements used i April 17, 2025 at 04:15PM https://ift.tt/J68tMlw #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-39595 - Quentn WP SQL InjectionImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Quentn.com GmbH Quentn WP allows SQL Injection. This issue affects Quentn WP: from n/a through 1.2.8.