Offensive Sequence
@offseq.bsky.social
OffSeq is a cutting-edge European cybersecurity company helping organizations build digital resilience through tailored, proactive security solutions. #CyberSecurity https://www.offseq.com/ https://radar.offseq.com/ https://guard.offseq.com/
🚨 Radar v2 is live!
Major upgrades have landed at radar.offseq.com

🧠 New in Version 2:
1️⃣ Submit a community link — share high-signal threat analysis, incident reports.
2️⃣ Join community reviews
3️⃣ Revamped UI/UX

💥 Fresh intel awaits — jump back in and add your insights: radar.offseq.com
Threat Radar | OffSeq - Live Threat Intelligence
Real-time cyber threat intelligence radar showing the latest vulnerabilities, malware, and cyber threats affecting European countries and beyond.
🚨 CRITICAL SQL Injection in Epsilon RH v3.03.36.0121: attackers can access or alter HR data without auth. Deploy WAF, validate input, restrict DB access until patch arrives. https://radar.offseq.com/threat/cve-2025-41028-cwe-89-improper-neutralization-of-s-e49230fe #OffSeq #SQLi #CVE202541028
CRITICAL: Galaxy Vitals ESP Forum Module (≤1.3) lets auth'd users upload dangerous files & run commands. Audit upload functions, enforce validation, monitor activity now! https://radar.offseq.com/threat/cve-2025-31342-cwe-434-unrestricted-upload-of-file-4391e83b #OffSeq #CVE202531342 #security
Nixdorf Wincor PORT IO Driver stack overflow (HIGH, v1.0.0.0/1.0.0.1) — public exploit out! Patch to v3.0.0.1 now to prevent privilege escalation. https://radar.offseq.com/threat/cve-2025-5555-stack-based-buffer-overflow-in-nixdo-1a9e9be3 #OffSeq #Vulnerability #BankingSecurity
ETERNUS SF AdvancedCopy Manager (Solaris 10/11) HIGH vuln: Incorrect permissions let low-priv users grab DB creds & run admin-level OS commands. Audit server permissions ASAP. https://radar.offseq.com/threat/cve-2025-62577-incorrect-default-permissions-in-fs-7000f9c4 #OffSeq #Vulnerability #Solaris
CRITICAL: CVE-2025-11948 in Excellent Infotek DMS lets unauth'd users upload/execute files—remote code execution risk. No patch. Restrict uploads, deploy WAFs, monitor closely. https://radar.offseq.com/threat/cve-2025-11948-cwe-434-unrestricted-upload-of-file-efde2151 #OffSeq #CyberSecurity #Vuln...
Silver Fox targets Japan & Malaysia with Winos 4.0 via HoldingHands RAT—HIGH severity. Watch for persistent RAT activity in Windows environments. Prioritize EDR and strict access controls. https://radar.offseq.com/threat/silver-fox-expands-winos-40-attacks-to-japan-and-m-b27e1677 #OffSeq #ThreatI...
Experian hit with $3.2M fine for mass personal data collection. Severity: HIGH. Key risk: regulatory penalties for non-compliance. Review your data governance and privacy practices now. https://radar.offseq.com/threat/experian-fined-32-million-for-mass-collecting-pers-0cd8e478 #OffSeq #Privacy #D...
F5 breach (CRITICAL): Nation-state actor stole BIG-IP source & unpublished vulnerabilities. No known exploits yet. Monitor BIG-IP systems, segment, and patch fast once updates drop! https://radar.offseq.com/threat/f5-data-breach-what-happened-and-how-it-impacts-yo-8c427a49 #OffSeq #BIGIP #Securit...
LibreWolf on Windows ≤143.0.4-1 hit by HIGH severity installer flaw—local, complex attack could lead to privilege escalation. Upgrade to 144.0-1 ASAP. https://radar.offseq.com/threat/cve-2025-11940-uncontrolled-search-path-in-librewo-7cc9289e #OffSeq #Vulnerability #BrowserSecurity
ConnectWise Automate fixed a HIGH severity bug enabling AiTM update attacks. EU orgs/MSPs: Patch ASAP, segment RMM, monitor updates. No active exploits yet — stay vigilant! https://radar.offseq.com/threat/connectwise-fixes-automate-bug-allowing-aitm-updat-85668075 #OffSeq #SupplyChain #PatchNow
Envoy, part of American Airlines, reports a HIGH severity Oracle data theft. Sensitive data exfiltrated. Audit Oracle systems & access logs—review incident response plans. Details limited. https://radar.offseq.com/threat/american-airlines-subsidiary-envoy-confirms-oracle-501bab35 #OffSeq #Oracle ...
New .NET CAPI backdoor (HIGH severity) hits Russian auto & e-commerce via phishing ZIPs. RCE, stealth, & persistence—Euro orgs: boost email security & watch .NET/CAPI activity. Details: https://radar.offseq.com/threat/new-net-capi-backdoor-targets-russian-auto-and-e-c-14dece74 #OffSeq #malware #t...
HIGH severity DoS in rplay 3.3.2 🚦: Unauthenticated attackers can crash the daemon with crafted packets. Restrict access & monitor for issues till a patch is out. https://radar.offseq.com/threat/cve-2025-62672-na-a500cfe1 #OffSeq #Security #DoS
WatchGuard Fireware OS VPN flaw (CRITICAL) enables remote code execution—no auth required. Patch Fireware OS now and restrict VPN exposure to trusted IPs. Details: https://radar.offseq.com/threat/researchers-uncover-watchguard-vpn-bug-that-could--9bfb583e #OffSeq #WatchGuard #VPN
Everest Gang hits Collins Aerospace (HIGH severity). Supply chain & sensitive data risk for aerospace/defense sectors—especially Europe. Boost monitoring & review access controls. https://radar.offseq.com/threat/from-airport-chaos-to-cyber-intrigue-everest-gang--71029c3b #OffSeq #cybersecurity #s...
Google Gemini AI flaw: CRITICAL — Can auto-dial 911/112 & create Gmail drafts without user OK on Android. Disable 'Make calls without unlocking' & review logs urgently. Big risk for EU users! https://radar.offseq.com/threat/notice-google-gemini-ais-undisclosed-911-auto-dial-93405d38 #OffSeq #Andr...
WordPress admins: HIGH severity CSRF in mndpsingh287 Theme Editor (all versions ≤3.0) can lead to RCE if an admin clicks a malicious link. Limit admin access & monitor for fixes. https://radar.offseq.com/threat/cve-2025-9890-cwe-352-cross-site-request-forgery-c-55937c52 #OffSeq #WordPress #CSRF
CRITICAL: SigningHub v8.6.8 is open to brute force attacks due to missing login rate limiting. No patch yet—enforce MFA, monitor logs, and block excessive attempts immediately. https://radar.offseq.com/threat/cve-2025-56221-na-8241ab30 #OffSeq #Vulnerability #SecurityAlert
CRITICAL: themeisle PPOM for WooCommerce (<=33.0.15) lets attackers upload dangerous files, risking RCE for paid users. Disable or remove plugin until fixed. Details: https://radar.offseq.com/threat/cve-2025-11391-cwe-434-unrestricted-upload-of-file-2c60773c #OffSeq #WordPress #Security
Critical CVE-2025-62645 in RBI assistant platform: Authenticated users can get admin privileges via createToken GraphQL mutation. Restrict, monitor, and audit access immediately. No patch yet. https://radar.offseq.com/threat/cve-2025-62645-cwe-266-incorrect-privilege-assignm-f73d8c8a #OffSeq #CVE...
CRITICAL: CVE-2025-8414 found in Silabs Simplicity SDK Zigbee EZSP Host Apps. Buffer overflow may allow code execution if network key is compromised. Segment & monitor Zigbee networks while awaiting patch. https://radar.offseq.com/threat/cve-2025-8414-cwe-20-improper-input-validation-in--77d2d526...
Squid (<7.2) hit by CRITICAL info leak (CVE-2025-62168): HTTP creds exposed in error messages. Patch to 7.2+ or set email_err_data off in squid.conf NOW. https://radar.offseq.com/threat/cve-2025-62168-cwe-209-generation-of-error-message-87fa303f #OffSeq #Vulnerability #Squid
Critical CVE-2025-11925: Azure BLU-IC2/IC4 ≤1.19.5 vulnerable to remote, unauthenticated XSS via API misconfig. Audit APIs, update headers, and patch ASAP. https://radar.offseq.com/threat/cve-2025-11925-cwe-754-improper-check-for-unusual--a7ed82d0 #OffSeq #Azure #XSS
CRITICAL: marsupialtail quokka <=3.0.1 faces RCE risk (CVE-2025-62515) due to unsafe pickle deserialization. Audit servers, restrict network exposure, and monitor now! https://radar.offseq.com/threat/cve-2025-62515-cwe-502-deserialization-of-untruste-91ef1bfa #OffSeq #CVE202562515 #VulnAlert
Critical vuln: Moxa EDR-G9010 v1.0 allows privilege escalation via broken API access. Restrict /api/v1/setting/data now, patch when available! https://radar.offseq.com/threat/cve-2025-6893-cwe-250-execution-with-unnecessary-p-cd75690d #OffSeq #Vulnerability #ICS