Offensive Sequence

Security threat visualization

Cisco UCCX hit by CRITICAL vuln (CVSS 9.8): unauthenticated RMI flaw enables file upload & root access. Isolate & restrict access, monitor closely, patch when available. https://radar.offseq.com/threat/cve-2025-20354-unrestricted-upload-of-file-with-da-8626db6a #OffSeq #Cisco #Security

Security threat visualization

🚨 CRITICAL: Cisco Unified CCX Editor auth bypass (CVE-2025-20358, CVSS 9.4) lets remote attackers gain admin script access. Patch fast, segment networks, monitor logs! https://radar.offseq.com/threat/cve-2025-20358-missing-authentication-for-critical-31c5a58e #OffSeq #Cisco #Security

Security threat visualization

Dell CloudLin CRITICAL vuln (CVE-2025-46364): Privileged users can escape CLI & seize full control. No patch yet — restrict CLI, audit access, & monitor now! https://radar.offseq.com/threat/cve-2025-46364-cwe-269-improper-privilege-manageme-89bb2a81 #OffSeq #Dell #CloudSecurity

Security threat visualization

CRITICAL: 'Bronze Butler' APT exploits zero-day in popular endpoint manager—root access, backdoors, targeting Japan. No patch yet. Audit exposure, restrict access, and boost monitoring now. https://radar.offseq.com/threat/apt-bronze-butler-exploits-zero-day-to-root-japan--8a6c8023 #OffSeq #ZeroDa...

Security threat visualization

React Native CRITICAL flaw exposes dev systems to remote attack. No patch yet — restrict access & monitor for updates. High risk for EU orgs. More: https://radar.offseq.com/threat/severe-react-native-flaw-exposes-developer-systems-39d58deb #OffSeq #ReactNative #DevSecOps

Security threat visualization

CISA alert: CRITICAL CentOS Web Panel flaw under active exploitation. Full system compromise risk — restrict CWP access, monitor traffic, prep for patching. European orgs especially at risk. https://radar.offseq.com/threat/cisa-warns-of-critical-centos-web-panel-bug-exploi-197deaee #OffSeq #CentO...

Security threat visualization

CRITICAL: BMC Control-M/Agent flaw (CVE-2025-55108) enables unauthenticated RCE if mutual SSL/TLS isn’t set up. Audit configs & enforce TLS now! 🔒 https://radar.offseq.com/threat/cve-2025-55108-cwe-306-missing-authentication-for--6d680f41 #OffSeq #ControlM #CyberAlert

Security threat visualization

KiotViet Sync plugin flaw (CRITICAL, CVE-2025-12674) lets unauthenticated attackers upload malicious files & possibly execute code. Disable plugin, monitor uploads, and enforce WAF rules ASAP. https://radar.offseq.com/threat/cve-2025-12674-cwe-434-unrestricted-upload-of-file-e0d702d1 #OffSeq #Wor...

Security threat visualization

HIGH severity alert: bplugins Document Embedder for WordPress lets attackers access or change embedded docs due to missing authorization (CVE-2025-12384). Disable plugin, watch for updates. https://radar.offseq.com/threat/cve-2025-12384-cwe-862-missing-authorization-in-bp-9a5a8015 #OffSeq #WordPr...

Security threat visualization

CRITICAL vuln: tigroumeow AI Engine for WordPress leaks bearer tokens via REST API if 'No-Auth URL' is enabled. All versions affected. Disable 'No-Auth URL' now. https://radar.offseq.com/threat/cve-2025-11749-cwe-200-exposure-of-sensitive-infor-fe07229e #OffSeq #WordPress #Security

Security threat visualization

Ransomware is a CRITICAL threat for EU orgs—no CVE, but all digital infrastructure at risk. Defend with Wazuh: monitor, detect early, act quickly. Patch, train, backup. Details: https://radar.offseq.com/threat/ransomware-defense-using-the-wazuh-open-source-pla-bcf2478f #OffSeq #Ransomware #Wazuh

Security threat visualization

CRITICAL: RCE flaw in @react-native-community/cli (v4.8.0–20.0.0-alpha.2) lets attackers run OS commands via Metro server. Update to v20+ and restrict server access now! https://radar.offseq.com/threat/critical-react-native-cli-flaw-exposed-millions-of-ec4faa00 #OffSeq #ReactNative #Vuln

Security threat visualization

CRITICAL code injection flaw in silentmatt expr-eval (all versions)! Unsanitized input can lead to arbitrary code exec. Audit usage & validate input ASAP. No known exploits yet—act fast. https://radar.offseq.com/threat/cve-2025-12735-cwe-94-improper-control-of-generati-0c7d97f6 #OffSeq #CVE202512...

Security threat visualization

Absolute Secure Access (<14.12) hit by HIGH severity DoS flaw (CVE-2025-59595) — remote, unauthenticated crash via crafted packet. Upgrade to 14.12+ ASAP! https://radar.offseq.com/threat/cve-2025-59595-vulnerability-in-absolute-secure-ac-0ba87216 #OffSeq #cybersecurity #vulnerability

Security threat visualization

Critical Android RCE patched in Nov 2025. Unpatched devices are vulnerable to remote takeover—no user action needed. Deploy updates immediately to reduce risk! More: https://radar.offseq.com/threat/android-update-patches-critical-remote-code-execut-ce5bdd09 #OffSeq #AndroidSecurity #PatchNow

Security threat visualization

CRITICAL: CVE-2025-11007 in CE21 Suite for WordPress (v2.2.1–2.3.1) allows unauthenticated admin creation. Update or restrict vulnerable AJAX endpoint immediately! https://radar.offseq.com/threat/cve-2025-11007-cwe-306-missing-authentication-for--e3e5c925 #OffSeq #WordPress #Vulnerability

Security threat visualization

CRITICAL: MediaTek modem vuln (CVE-2025-20727) enables remote code execution via rogue base stations—affects LR12A, NR15–NR17R. Patch fast & boost network monitoring! https://radar.offseq.com/threat/cve-2025-20727-cwe-787-out-of-bounds-write-in-medi-6035c779 #OffSeq #MobileSecurity #Vulnerability

Security threat visualization

⚠️ CRITICAL: Simple User Capabilities for WordPress lets anyone escalate to admin—no auth needed! All versions affected, no patch yet. Disable plugin now & monitor admin changes. https://radar.offseq.com/threat/cve-2025-12158-cwe-862-missing-authorization-in-ta-2fe2b264 #OffSeq #WordPress #Securi...

Security threat visualization

⚠️ CRITICAL: CE21 Suite plugin (all versions) for WordPress leaks sensitive credentials in logs. Full site takeover possible! Restrict log access & rotate admin creds ASAP. Patch pending. https://radar.offseq.com/threat/cve-2025-11008-cwe-532-insertion-of-sensitive-info-28ecf379 #OffSeq #WordPres...

Security threat visualization

CRITICAL: CVE-2025-43472 in macOS lets apps escalate to root due to input validation issues. Update to Sonoma 14.8.2/Sequoia 15.7.2 immediately. No active exploits reported. More info: https://radar.offseq.com/threat/cve-2025-43472-an-app-may-be-able-to-gain-root-pri-b768dc49 #OffSeq #macOS #SecNews

Security threat visualization

MEDIUM alert: CVE-2025-35021 in Abilis CPX allows SSH auth bypass on unconfigured devices. Configure before deployment & monitor SSH attempts. 🛡️ https://radar.offseq.com/threat/cve-2025-35021-cwe-1188-insecure-default-initializ-4494496b #OffSeq #Vulnerability #SSH

Security threat visualization

HttpTroy backdoor (MEDIUM) deployed by Kimsuky APT via spear-phishing in South Korea. Advanced obfuscation & stealth—defend with EDR, email filtering, and user training. Watch for fake VPN invoices! https://radar.offseq.com/threat/new-httptroy-backdoor-poses-as-vpn-invoice-in-targ-ff3cda7c #OffSe...

Security threat visualization

Google Chrome’s V8 engine hit by two HIGH-severity flaws — attackers could run code or crash browsers. No known exploits, but patch ASAP and harden endpoints. https://radar.offseq.com/threat/google-pays-100000-in-rewards-for-two-chrome-vulne-60950c8b #OffSeq #Chrome #Security

Security threat visualization

Eaton BLSS HIGH vuln: Privileged users can bypass authentication after enabling an app protocol. No patch yet — disable the protocol & boost access controls now. https://radar.offseq.com/threat/cve-2025-48397-cwe-306-missing-authentication-for--52125ac9 #OffSeq #ICS #Vulnerability

Security threat visualization

🚨 HIGH severity: CVE-2025-12619 in Tenda A15 (v15.13.07.13) enables remote buffer overflow via /goform/openNetworkGateway. Public exploit available — check your exposure & stay alert for fixes. https://radar.offseq.com/threat/cve-2025-12619-buffer-overflow-in-tenda-a15-3fd827e1 #OffSeq #Vulnerabi...

Security threat visualization

University of Pennsylvania hit by a HIGH-severity breach. Attackers threaten to leak data via email. Academic orgs: review email security, enforce MFA & monitor for data exfiltration. https://radar.offseq.com/threat/we-got-hacked-emails-threaten-to-leak-university-o-b590b958 #OffSeq #DataBreach #...

Security threat visualization

Australia flags HIGH-severity BadCandy infections on unpatched Cisco devices. Patch ASAP to protect your network! Details: https://radar.offseq.com/threat/australia-warns-of-badcandy-infections-on-unpatche-df32f5a9 #OffSeq #Cisco #Malware

Security threat visualization

🚨 Tenda AC21 (16.03.08.16) hit by HIGH severity buffer overflow (CVE-2025-12611). Remote exploit code is public—monitor & restrict remote access now. https://radar.offseq.com/threat/cve-2025-12611-buffer-overflow-in-tenda-ac21-cd0e66db #OffSeq #Tenda #Vulnerability

Security threat visualization

Tenda AC23 (16.03.07.52) hit by HIGH severity buffer overflow—public exploit out. Restrict admin access, disable remote mgmt, and monitor traffic. Patch as soon as available. Details: https://radar.offseq.com/threat/cve-2025-12596-buffer-overflow-in-tenda-ac23-c61abae8 #OffSeq #Vulnerability #Rou...

Security threat visualization

CRITICAL: Windows GDI bugs enable remote code execution & memory leaks—no user action required. Patch May–Aug 2025 updates now to protect your systems! 🛡️ https://radar.offseq.com/threat/drawn-to-danger-windows-graphics-vulnerabilities-l-4462158f #OffSeq #WindowsSecurity #PatchTuesday