Offensive Sequence

Security threat visualization

CRITICAL: 2100 Tech Official Document Management System (5.0.89.0-2) hit by auth bypass (CVE-2025-8853). No patch yet — restrict access, monitor for abuse, and stay alert! https://radar.offseq.com/threat/cve-2025-8853-cwe-290-authentication-bypass-by-spo-d668c1ce #OffSeq #CVE2025 #Vulnerability

Security threat visualization

HIGH severity alert: Google Keras 3.0.0–3.10.0 vulnerable to arbitrary code execution via unsafe .keras model deserialization. Only load trusted models & monitor for updates. https://radar.offseq.com/threat/cve-2025-8747-cwe-502-deserialization-of-untrusted-6c22ad13 #OffSeq #Vulnerability #Keras

Security threat visualization

Linksys RE6250 & others hit by HIGH severity stack buffer overflow (CVE-2025-8833). No patch, public exploit out. Isolate devices & monitor for attacks! https://radar.offseq.com/threat/cve-2025-8833-stack-based-buffer-overflow-in-links-1bd91c00 #OffSeq #Linksys #SecurityAlert

Security threat visualization

🔔 HIGH severity stack buffer overflow in Linksys RE6250 (up to 20250801). Public exploit out, no patch yet—restrict access & monitor devices! Details: https://radar.offseq.com/threat/cve-2025-8832-stack-based-buffer-overflow-in-links-113b2e58 #OffSeq #Linksys #VulnAlert

Security threat visualization

🚨 HIGH-severity vuln (CVE-2025-8824) in Linksys RE6250 & related models—remotely exploitable, no patch yet. Restrict access to management interfaces & monitor endpoints now! https://radar.offseq.com/threat/cve-2025-8824-stack-based-buffer-overflow-in-links-30273934 #OffSeq #cybersecurity #IoT

Security threat visualization

Linksys RE6250 hit by HIGH severity stack buffer overflow (CVE-2025-8826). Remote exploit public, no patch yet. Audit exposure & restrict access immediately. https://radar.offseq.com/threat/cve-2025-8826-stack-based-buffer-overflow-in-links-259ef8e0 #OffSeq #Vulnerability #IoTSecurity

Security threat visualization

Linksys RE6250 & others face a HIGH severity stack buffer overflow (CVE-2025-8822). Exploit is public, no patch. Isolate, monitor, and consider replacing affected extenders. Act now: https://radar.offseq.com/threat/cve-2025-8822-stack-based-buffer-overflow-in-links-72b290ab #OffSeq #Vulnerability...

Security threat visualization

Linksys RE6250 & more face HIGH severity stack buffer overflow (public exploit out). No patch—secure remote access and monitor closely! https://radar.offseq.com/threat/cve-2025-8820-stack-based-buffer-overflow-in-links-0784f930 #OffSeq #Vulnerability #Linksys

Security threat visualization

Dreamehome iOS app faces HIGH-severity vuln—accepts self-signed certs, risking MITM & credential leaks on public Wi-Fi. Avoid public networks & watch for updates. https://radar.offseq.com/threat/cve-2025-8393-cwe-295-in-dreame-technology-dreameh-116ece46 #OffSeq #Vulnerability #iOSSecurity

Security threat visualization

WordPress Eventin plugin (≤4.0.34) faces HIGH-risk flaw—contributors can hijack admin accounts via email changes. Audit permissions, enable MFA, monitor now. Patch when available! https://radar.offseq.com/threat/cve-2025-4796-cwe-639-authorization-bypass-through-75153690 #OffSeq #WordPress #Security

Security threat visualization

FTC: Older adults lost $700M to scams in 2024 (HIGH severity). Social engineering targets financial & elder care orgs—boost fraud detection & MFA now. Full story: https://radar.offseq.com/threat/ftc-older-adults-lost-record-700-million-to-scamme-dd5b7fdf #OffSeq #FraudPrevention #CyberSecurity

Security threat visualization

HIGH severity: fedify-dev fedify improper authentication lets unauthenticated attackers impersonate any ActivityPub actor. Upgrade to a patched version ASAP. More info: https://radar.offseq.com/threat/cve-2025-54888-cwe-287-improper-authentication-in--7c8f93db #OffSeq #Fedify #Security

Security threat visualization

🚨 High severity: @workos-inc/authkit-remix <0.15.0 leaks auth tokens via browser HTML. Upgrade to 0.15.0+ now and audit for exposures! https://radar.offseq.com/threat/cve-2025-55009-cwe-200-exposure-of-sensitive-infor-c325b69e #OffSeq #remixjs #security

Security threat visualization

High-severity info exposure in workos authkit-react-router <0.7.0 — tokens leaked in browser HTML. Upgrade to 0.7.0+ now and check your code for leaks. https://radar.offseq.com/threat/cve-2025-55008-cwe-200-exposure-of-sensitive-infor-74e96ecf #OffSeq #infosec #ReactJS

Security threat visualization

HIGH severity vuln: TRENDnet TV-IP110WN v1.2.2 — least privilege violation via Boa Web Server config. Local access needed; public exploit out. Restrict access & segment networks. https://radar.offseq.com/threat/cve-2025-8757-least-privilege-violation-in-trendne-ea55cefc #OffSeq #IoTSecurity #Vuln...

Security threat visualization

TRENDnet TEW-822DRE (FW103B02) faces a HIGH severity vsftpd privilege flaw. Local exploit is public & no patch yet. Restrict access, monitor, segment networks. Act now! https://radar.offseq.com/threat/cve-2025-8758-least-privilege-violation-in-trendne-068692fa #OffSeq #TRENDnet #SecurityAlert

Security threat visualization

Apache CXF hit by CRITICAL RCE flaw (CVE-2025-48913) in 4.0.0/4.1.0—upgrade to a safe version now! Limit JMS config to trusted users. Details: https://radar.offseq.com/threat/cve-2025-48913-cwe-20-improper-input-validation-in-386f6c70 #OffSeq #ApacheCXF #SecurityAlert

Security threat visualization

Belkin F9K1009/F9K1010 routers (2.00.04/2.00.09) face a CRITICAL hard-coded credentials flaw (CVE-2025-8730). No patch—replace or segment devices now. Monitor for abuse! https://radar.offseq.com/threat/cve-2025-8730-hard-coded-credentials-in-belkin-f9k-e6586f12 #OffSeq #cybersecurity #Belkin

Security threat visualization

CRITICAL: TRENDnet TI-G160i, TI-PG102i & TPL-430AP vulnerable (CVE-2025-8731) to remote attacks via default SSH credentials. No patch—change passwords & restrict access now! https://radar.offseq.com/threat/cve-2025-8731-use-of-default-credentials-in-trendn-a133a382 #OffSeq #IoTSecurity #Vulnerabi...

Security threat visualization

🚨 CRITICAL flaw in Xerox FreeFlow Core v8.0.4: Path Traversal enables unauthenticated RCE, risking sensitive files. Isolate systems & monitor for attacks until patched. Details: https://radar.offseq.com/threat/cve-2025-8356-cwe-22-improper-limitation-of-a-path-c7213120 #OffSeq #CyberSecurity #Pri...

Security threat visualization

⚡️ CRITICAL flaw in Packet Power EMX: no authentication by default on web interface (CVE-2025-8284, CVSS 9.8). Isolate from public networks & restrict access immediately. No patch. https://radar.offseq.com/threat/cve-2025-8284-cwe-306-in-packet-power-emx-8c8d31c8 #OffSeq #vulnerability #energysec...

Security threat visualization

CRITICAL: CVE-2025-55013 in Assemblyline (<4.6.1.dev138) lets attackers write files anywhere via path traversal. Upgrade to 4.6.1.dev138+ now! 🛡️ https://radar.offseq.com/threat/cve-2025-55013-cwe-23-relative-path-traversal-in-c-5263e20f #OffSeq #Vulnerability #Cybersecurity

Security threat visualization

WinRAR zero-day (CRITICAL) exploited: extracting malicious archives can plant malware—no patch yet. Stop using WinRAR for untrusted files & switch to safer tools. Act now! https://radar.offseq.com/threat/winrar-zero-day-exploited-to-plant-malware-on-arch-9775d166 #OffSeq #WinRAR #ZeroDay

Security threat visualization

Burk ARC Solo hit by CRITICAL flaw: attackers can change passwords with no auth—remote takeover risk! Isolate devices & restrict HTTP access until a patch lands. Details: https://radar.offseq.com/threat/cve-2025-5095-cwe-306-in-burk-technology-arc-solo-70be6c91 #OffSeq #Vulnerability #IoTSecurity

Security threat visualization

CRITICAL flaw in Apache Seata 2.4.0: deserialization bug (CVE-2025-53606) could enable code execution. Upgrade to 2.5.0 now to secure your distributed transactions! https://radar.offseq.com/threat/cve-2025-53606-cwe-502-deserialization-of-untruste-8a26a77d #OffSeq #ApacheSeata #security

Security threat visualization

⚠️ CRITICAL: OS command injection in Shenzhen Aitemi M300 Wi-Fi Repeater lets attackers gain root via PPPoE config. No patch — isolate & restrict access now! https://radar.offseq.com/threat/cve-2025-34150-cwe-78-improper-neutralization-of-s-bcde81f2 #OffSeq #IoTSecurity #Vulnerability

Security threat visualization

CVE-2025-34149 (CRITICAL, CVSS 9.4): Unauthenticated OS command injection in Shenzhen Aitemi M300 Wi-Fi Repeaters—full device takeover possible. Segment networks & monitor for abuse. Patch ASAP! https://radar.offseq.com/threat/cve-2025-34149-cwe-78-improper-neutralization-of-s-a995e69c #OffSeq #I...

Security threat visualization

CRITICAL: CVE-2025-34148 in Shenzhen Aitemi M300 Wi-Fi Repeaters lets attackers gain root via unauthenticated OS command injection in WISP mode. Isolate, monitor, and restrict access now. https://radar.offseq.com/threat/cve-2025-34148-cwe-78-improper-neutralization-of-s-5720704b #OffSeq #IoTSecur...

Security threat visualization

6a8 CRITICAL Azure Portal vuln (CVE-2025-53792): Unauthenticated attackers can escalate privileges. No patch—enforce MFA, restrict access, monitor logs. Details: https://radar.offseq.com/threat/cve-2025-53792-cwe-285-improper-authorization-in-m-470fa6a8 #OffSeq #Azure #Security

Security threat visualization

Azure Open AI CRITICAL SSRF (CVSS 10): Unauthenticated attackers may access internal resources & escalate privileges. Restrict outbound traffic & monitor logs ASAP. Patch when available. https://radar.offseq.com/threat/cve-2025-53767-cwe-918-server-side-request-forgery-dfee4d77 #OffSeq #Azure #Cl...