Offensive Sequence
@offseq.bsky.social
OffSeq is a cutting-edge European cybersecurity company helping organizations build digital resilience through tailored, proactive security solutions. #CyberSecurity https://www.offseq.com/ https://radar.offseq.com/ https://guard.offseq.com/
Pinned
Threat Radar | OffSeq - Live Threat Intelligence
Real-time cyber threat intelligence radar showing the latest vulnerabilities, malware, and cyber threats affecting European countries and beyond.
radar.offseq.com
🚨 Radar v2 is live!
Major upgrades have landed at radar.offseq.com
🧠 New in Version 2:
1️⃣ Submit a community link — share high-signal threat analysis, incident reports.
2️⃣ Join community reviews
3️⃣ Revamped UI/UX
💥 Fresh intel awaits — jump back in and add your insights: radar.offseq.com
Major upgrades have landed at radar.offseq.com
🧠 New in Version 2:
1️⃣ Submit a community link — share high-signal threat analysis, incident reports.
2️⃣ Join community reviews
3️⃣ Revamped UI/UX
💥 Fresh intel awaits — jump back in and add your insights: radar.offseq.com
MaLion Security Point (Windows) faces CRITICAL stack overflow (CVE-2025-62691). Remote code execution as SYSTEM possible—upgrade to 7.1.1.9+ now! https://radar.offseq.com/threat/cve-2025-62691-stack-based-buffer-overflow-in-inte-93f6b262 #OffSeq #Vulnerability #Security
November 25, 2025 at 10:32 AM
MaLion Security Point (Windows) faces CRITICAL stack overflow (CVE-2025-62691). Remote code execution as SYSTEM possible—upgrade to 7.1.1.9+ now! https://radar.offseq.com/threat/cve-2025-62691-stack-based-buffer-overflow-in-inte-93f6b262 #OffSeq #Vulnerability #Security
ASUS Routers hit by CRITICAL flaw: CVE-2025-59366 in AiCloud/Samba allows auth bypass (CVSS 9.2). Check firmware, patch ASAP or disable services. More info: https://radar.offseq.com/threat/cve-2025-59366-cwe-22-path-traversal-in-asus-route-0b36589e #OffSeq #ASUS #SecurityAlert
November 25, 2025 at 9:03 AM
ASUS Routers hit by CRITICAL flaw: CVE-2025-59366 in AiCloud/Samba allows auth bypass (CVSS 9.2). Check firmware, patch ASAP or disable services. More info: https://radar.offseq.com/threat/cve-2025-59366-cwe-22-path-traversal-in-asus-route-0b36589e #OffSeq #ASUS #SecurityAlert
🚨 CRITICAL: Heap overflow in Intercom Security Point (Windows) of MaLion before 7.1.1.9. Remote code execution as SYSTEM possible. Patch urgently! https://radar.offseq.com/threat/cve-2025-64693-heap-based-buffer-overflow-in-inter-ce979d27 #OffSeq #CVE202564693 #WindowsSecurity
November 25, 2025 at 7:34 AM
🚨 CRITICAL: Heap overflow in Intercom Security Point (Windows) of MaLion before 7.1.1.9. Remote code execution as SYSTEM possible. Patch urgently! https://radar.offseq.com/threat/cve-2025-64693-heap-based-buffer-overflow-in-inter-ce979d27 #OffSeq #CVE202564693 #WindowsSecurity
CRITICAL: EduKart Pro WordPress plugin (all versions <=1.0.3) lets attackers gain admin access without auth. Disable plugin & review admin users immediately. https://radar.offseq.com/threat/cve-2025-13559-cwe-269-improper-privilege-manageme-9ab9ee47 #OffSeq #WordPress #SecurityAlert
November 25, 2025 at 6:03 AM
CRITICAL: EduKart Pro WordPress plugin (all versions <=1.0.3) lets attackers gain admin access without auth. Disable plugin & review admin users immediately. https://radar.offseq.com/threat/cve-2025-13559-cwe-269-improper-privilege-manageme-9ab9ee47 #OffSeq #WordPress #SecurityAlert
🚨 CRITICAL vuln: Desktop Alert PingAlert (6.1.0.11–6.1.1.2) directory traversal lets attackers write files. No patch—restrict access, deploy WAF/IPS, monitor logs. Act now! https://radar.offseq.com/threat/cve-2025-54347-na-477a6049 #OffSeq #Vulnerability #Security
November 25, 2025 at 4:33 AM
🚨 CRITICAL vuln: Desktop Alert PingAlert (6.1.0.11–6.1.1.2) directory traversal lets attackers write files. No patch—restrict access, deploy WAF/IPS, monitor logs. Act now! https://radar.offseq.com/threat/cve-2025-54347-na-477a6049 #OffSeq #Vulnerability #Security
CRITICAL: Sneeit Framework plugin for WordPress (all versions) has an RCE flaw (CVE-2025-6389). Exploitable by unauthenticated attackers — disable plugin now & monitor for threats. https://radar.offseq.com/threat/cve-2025-6389-cwe-94-improper-control-of-generatio-740e50f0 #OffSeq #WordPress #CVE2...
November 25, 2025 at 3:03 AM
CRITICAL: Sneeit Framework plugin for WordPress (all versions) has an RCE flaw (CVE-2025-6389). Exploitable by unauthenticated attackers — disable plugin now & monitor for threats. https://radar.offseq.com/threat/cve-2025-6389-cwe-94-improper-control-of-generatio-740e50f0 #OffSeq #WordPress #CVE2...
CRITICAL vuln in lunary-ai/lunary v1.9.34: Google OAuth flaw allows account takeover—no credentials needed. Upgrade to 1.9.35 now! https://radar.offseq.com/threat/cve-2025-9803-cwe-287-improper-authentication-in-l-b3eaaf9d #OffSeq #OAuth #SecurityAlert
November 25, 2025 at 1:34 AM
CRITICAL vuln in lunary-ai/lunary v1.9.34: Google OAuth flaw allows account takeover—no credentials needed. Upgrade to 1.9.35 now! https://radar.offseq.com/threat/cve-2025-9803-cwe-287-improper-authentication-in-l-b3eaaf9d #OffSeq #OAuth #SecurityAlert
CRITICAL: Bjango iStats 7.10.4 lets local macOS users escalate to root via insecure XPC. No patch—restrict access & monitor for abuse. Act now! https://radar.offseq.com/threat/cve-2025-11921-cwe-732-incorrect-permission-assign-588b2598 #OffSeq #macOS #PrivilegeEscalation
November 25, 2025 at 12:03 AM
CRITICAL: Bjango iStats 7.10.4 lets local macOS users escalate to root via insecure XPC. No patch—restrict access & monitor for abuse. Act now! https://radar.offseq.com/threat/cve-2025-11921-cwe-732-incorrect-permission-assign-588b2598 #OffSeq #macOS #PrivilegeEscalation
ShadowPad is exploiting a HIGH-severity WSUS vulnerability—full system access at stake! Euro orgs: restrict WSUS access, watch for patches, monitor for unusual activity. Act now. https://radar.offseq.com/threat/shadowpad-malware-actively-exploits-wsus-vulnerabi-669b068b #OffSeq #WSUS #ShadowPad
November 24, 2025 at 10:33 AM
ShadowPad is exploiting a HIGH-severity WSUS vulnerability—full system access at stake! Euro orgs: restrict WSUS access, watch for patches, monitor for unusual activity. Act now. https://radar.offseq.com/threat/shadowpad-malware-actively-exploits-wsus-vulnerabi-669b068b #OffSeq #WSUS #ShadowPad
D-Link DIR-822K & DWR-M920 face HIGH severity buffer overflow (CVSS 8.7). Exploit public, no patch yet—restrict access & monitor devices! https://radar.offseq.com/threat/cve-2025-13550-buffer-overflow-in-d-link-dir-822k-bf09d948 #OffSeq #Vulnerability #DLink
November 24, 2025 at 9:02 AM
D-Link DIR-822K & DWR-M920 face HIGH severity buffer overflow (CVSS 8.7). Exploit public, no patch yet—restrict access & monitor devices! https://radar.offseq.com/threat/cve-2025-13550-buffer-overflow-in-d-link-dir-822k-bf09d948 #OffSeq #Vulnerability #DLink
D-Link DIR-822K & DWR-M920 (HIGH, CVE-2025-13551): Remote buffer overflow flaw w/ public exploit—patch when available, isolate routers, monitor network. Details: https://radar.offseq.com/threat/cve-2025-13551-buffer-overflow-in-d-link-dir-822k-fa75096a #OffSeq #VulnAlert #DLink
November 24, 2025 at 7:33 AM
D-Link DIR-822K & DWR-M920 (HIGH, CVE-2025-13551): Remote buffer overflow flaw w/ public exploit—patch when available, isolate routers, monitor network. Details: https://radar.offseq.com/threat/cve-2025-13551-buffer-overflow-in-d-link-dir-822k-fa75096a #OffSeq #VulnAlert #DLink
Ads Pro Plugin for WordPress hit by HIGH severity SQL Injection (CVE-2025-7402). All versions ≤4.95 at risk. No patch—deploy WAF, restrict DB access, and monitor logs. Act now! https://radar.offseq.com/threat/cve-2025-7402-cwe-89-improper-neutralization-of-sp-c1c197c1 #OffSeq #WordPress #Vuln
November 24, 2025 at 6:03 AM
Ads Pro Plugin for WordPress hit by HIGH severity SQL Injection (CVE-2025-7402). All versions ≤4.95 at risk. No patch—deploy WAF, restrict DB access, and monitor logs. Act now! https://radar.offseq.com/threat/cve-2025-7402-cwe-89-improper-neutralization-of-sp-c1c197c1 #OffSeq #WordPress #Vuln
D-Link DIR-822K routers hit by HIGH severity buffer overflow (CVE-2025-13552). Public exploit out—disable WAN admin, segment networks, monitor for updates! https://radar.offseq.com/threat/cve-2025-13552-buffer-overflow-in-d-link-dir-822k-4ad6c40a #OffSeq #DLink #Vulnerability
November 24, 2025 at 4:31 AM
D-Link DIR-822K routers hit by HIGH severity buffer overflow (CVE-2025-13552). Public exploit out—disable WAN admin, segment networks, monitor for updates! https://radar.offseq.com/threat/cve-2025-13552-buffer-overflow-in-d-link-dir-822k-4ad6c40a #OffSeq #DLink #Vulnerability
D-Link DWR-M920 (v1.1.50) faces a HIGH severity buffer overflow—remote exploit possible with public code available. Restrict access, monitor for attacks, and patch ASAP. More: https://radar.offseq.com/threat/cve-2025-13553-buffer-overflow-in-d-link-dwr-m920-19b8e301 #OffSeq #DLink #SecurityAlert
November 24, 2025 at 3:03 AM
D-Link DWR-M920 (v1.1.50) faces a HIGH severity buffer overflow—remote exploit possible with public code available. Restrict access, monitor for attacks, and patch ASAP. More: https://radar.offseq.com/threat/cve-2025-13553-buffer-overflow-in-d-link-dwr-m920-19b8e301 #OffSeq #DLink #SecurityAlert
🚨 HIGH severity: AMD Kria™ SOM affected by CVE-2025-48507 — improper validation allows non-secure access to secure memory & crypto. Patch when available & limit device access. https://radar.offseq.com/threat/cve-2025-48507-cwe-1284-improper-validation-of-spe-d9783ee6 #OffSeq #FirmwareSecurity
November 24, 2025 at 1:34 AM
🚨 HIGH severity: AMD Kria™ SOM affected by CVE-2025-48507 — improper validation allows non-secure access to secure memory & crypto. Patch when available & limit device access. https://radar.offseq.com/threat/cve-2025-48507-cwe-1284-improper-validation-of-spe-d9783ee6 #OffSeq #FirmwareSecurity
CRITICAL 7-Zip flaw: public exploit available! Manual update needed — no auto-patch. All users at risk from malicious archives; prioritize patching & monitor activity. https://radar.offseq.com/threat/critical-7-zip-vulnerability-with-public-exploit-r-52105bbd #OffSeq #Security #Vulnerability
November 24, 2025 at 12:03 AM
CRITICAL 7-Zip flaw: public exploit available! Manual update needed — no auto-patch. All users at risk from malicious archives; prioritize patching & monitor activity. https://radar.offseq.com/threat/critical-7-zip-vulnerability-with-public-exploit-r-52105bbd #OffSeq #Security #Vulnerability
HIGH severity: Roo-Code (<3.26.7) suffers command injection (CVE-2025-65946). Patch to 3.26.7+ now to prevent remote exploitation! 🛡️ https://radar.offseq.com/threat/cve-2025-65946-cwe-77-improper-neutralization-of-s-2fc11be1 #OffSeq #RooCode #security
November 23, 2025 at 10:33 AM
HIGH severity: Roo-Code (<3.26.7) suffers command injection (CVE-2025-65946). Patch to 3.26.7+ now to prevent remote exploitation! 🛡️ https://radar.offseq.com/threat/cve-2025-65946-cwe-77-improper-neutralization-of-s-2fc11be1 #OffSeq #RooCode #security
Matrix Push C2 (HIGH): Phishing via browser notifications—fileless, cross-platform, hard to detect. EU orgs & remote teams at risk. Restrict notifications, train users, monitor browser activity. https://radar.offseq.com/threat/matrix-push-c2-uses-browser-notifications-for-file-af10dc24 #OffSeq #P...
November 23, 2025 at 9:03 AM
Matrix Push C2 (HIGH): Phishing via browser notifications—fileless, cross-platform, hard to detect. EU orgs & remote teams at risk. Restrict notifications, train users, monitor browser activity. https://radar.offseq.com/threat/matrix-push-c2-uses-browser-notifications-for-file-af10dc24 #OffSeq #P...
Nvidia flags HIGH severity gaming issues after October Windows updates. No CVE or detailed product list yet. Watch for official fixes before updating. More info: https://radar.offseq.com/threat/nvidia-confirms-october-windows-updates-cause-gami-1f3b9082 #OffSeq #WindowsUpdate #GamingSecurity
November 23, 2025 at 7:33 AM
Nvidia flags HIGH severity gaming issues after October Windows updates. No CVE or detailed product list yet. Watch for official fixes before updating. More info: https://radar.offseq.com/threat/nvidia-confirms-october-windows-updates-cause-gami-1f3b9082 #OffSeq #WindowsUpdate #GamingSecurity
OneClick Chat to Order for WordPress is HIGH risk: all versions allow unauthenticated access to sensitive customer data via IDOR. Disable or secure the plugin until patched! https://radar.offseq.com/threat/cve-2025-13526-cwe-200-exposure-of-sensitive-infor-c69efaff #OffSeq #WordPress #Security
November 23, 2025 at 6:03 AM
OneClick Chat to Order for WordPress is HIGH risk: all versions allow unauthenticated access to sensitive customer data via IDOR. Disable or secure the plugin until patched! https://radar.offseq.com/threat/cve-2025-13526-cwe-200-exposure-of-sensitive-infor-c69efaff #OffSeq #WordPress #Security
APT31 is conducting HIGH severity, stealthy cyberattacks on Russian IT using cloud services. Cloud monitoring, MFA, and permission audits are essential now. https://radar.offseq.com/threat/china-linked-apt31-launches-stealthy-cyberattacks--77e7ae00 #OffSeq #APT31 #CloudSecurity
November 23, 2025 at 4:33 AM
APT31 is conducting HIGH severity, stealthy cyberattacks on Russian IT using cloud services. Cloud monitoring, MFA, and permission audits are essential now. https://radar.offseq.com/threat/china-linked-apt31-launches-stealthy-cyberattacks--77e7ae00 #OffSeq #APT31 #CloudSecurity
Cox Enterprises faces a HIGH severity breach in Oracle E-Business Suite. Sensitive data at risk—review access controls and enhance monitoring now. No known exploits, but vigilance is key. https://radar.offseq.com/threat/cox-enterprises-discloses-oracle-e-business-suite--bf811ba0 #OffSeq #ERPsecurity
November 23, 2025 at 3:02 AM
Cox Enterprises faces a HIGH severity breach in Oracle E-Business Suite. Sensitive data at risk—review access controls and enhance monitoring now. No known exploits, but vigilance is key. https://radar.offseq.com/threat/cox-enterprises-discloses-oracle-e-business-suite--bf811ba0 #OffSeq #ERPsecurity
Qilin ransomware: HIGH severity, targets EU orgs with risk of data encryption/disruption. No active exploits, but proactive segmentation, backups & EDR are key now. https://radar.offseq.com/threat/piecing-together-the-puzzle-a-qilin-ransomware-inv-a53b5462 #OffSeq #Ransomware #SecurityAlert
November 23, 2025 at 1:34 AM
Qilin ransomware: HIGH severity, targets EU orgs with risk of data encryption/disruption. No active exploits, but proactive segmentation, backups & EDR are key now. https://radar.offseq.com/threat/piecing-together-the-puzzle-a-qilin-ransomware-inv-a53b5462 #OffSeq #Ransomware #SecurityAlert
CRITICAL 0-day in Oracle Identity Manager actively exploited! Remote code execution possible without auth on 12.2.1.4.0 & 14.1.2.1.0. Patch now, monitor API traffic. 🚨 https://radar.offseq.com/threat/cisa-warns-of-actively-exploited-critical-oracle-i-f247f1c1 #OffSeq #Oracle #Security
November 23, 2025 at 12:03 AM
CRITICAL 0-day in Oracle Identity Manager actively exploited! Remote code execution possible without auth on 12.2.1.4.0 & 14.1.2.1.0. Patch now, monitor API traffic. 🚨 https://radar.offseq.com/threat/cisa-warns-of-actively-exploited-critical-oracle-i-f247f1c1 #OffSeq #Oracle #Security
CISA alert: Actively exploited CRITICAL Oracle Identity Manager zero-day. No product/version details yet. Monitor for updates and enhance logging now. https://radar.offseq.com/threat/cisa-warns-of-actively-exploited-critical-oracle-i-0e583bed #OffSeq #Oracle #ZeroDay
November 22, 2025 at 10:33 AM
CISA alert: Actively exploited CRITICAL Oracle Identity Manager zero-day. No product/version details yet. Monitor for updates and enhance logging now. https://radar.offseq.com/threat/cisa-warns-of-actively-exploited-critical-oracle-i-0e583bed #OffSeq #Oracle #ZeroDay