Offensive Sequence
LightNews LightNews
banner
offseq.bsky.social
Offensive Sequence
@offseq.bsky.social
22 followers 0 following 1.1K posts
OffSeq is a cutting-edge European cybersecurity company helping organizations build digital resilience through tailored, proactive security solutions. #CyberSecurity https://www.offseq.com/ https://radar.offseq.com/ https://guard.offseq.com/
Posts Replies Media Videos
Pinned
offseq.bsky.social
Offensive Sequence @offseq.bsky.social · Oct 5
🚨 Radar v2 is live!
Major upgrades have landed at radar.offseq.com

🧠 New in Version 2:
1️⃣ Submit a community link — share high-signal threat analysis, incident reports.
2️⃣ Join community reviews
3️⃣ Revamped UI/UX

💥 Fresh intel awaits — jump back in and add your insights: radar.offseq.com
Threat Radar | OffSeq - Live Threat Intelligence
Real-time cyber threat intelligence radar showing the latest vulnerabilities, malware, and cyber threats affecting European countries and beyond.
radar.offseq.com
offseq.bsky.social
CISA adds Sierra Wireless AirLink ALEOS router flaw (HIGH) to KEV—actively exploited RCE risk! Identify, isolate, and monitor vulnerable devices; plan for replacement. https://radar.offseq.com/threat/cisa-adds-actively-exploited-sierra-wireless-route-7362fe33 #OffSeq #OTSecurity
Security threat visualization
December 14, 2025 at 9:34 AM
offseq.bsky.social
LastPass fined £1.2M after 2022 breach (HIGH severity). EU orgs: review password manager use, enforce MFA, and rotate credentials. Regulatory risks rising—act now. https://radar.offseq.com/threat/uks-ico-fine-lastpass-12-million-over-2022-securit-d610bc22 #OffSeq #PasswordSecurity #EUCompliance
Security threat visualization
December 14, 2025 at 8:05 AM
offseq.bsky.social
HelloLeads CRM Form Shortcode (≤1.0, WordPress) has a HIGH severity flaw—missing auth & CSRF checks allow remote config resets. Restrict access, monitor traffic, and back up configs ASAP! https://radar.offseq.com/threat/cve-2025-12696-cwe-862-missing-authorization-in-he-491a2493 #OffSeq #WordPres...
Security threat visualization
December 14, 2025 at 7:03 AM
offseq.bsky.social
wpForo Forum plugin for WordPress (≤2.4.12) hit by HIGH severity SQL Injection flaw—unauthenticated attackers can steal forum data. No patch yet: use WAF & input validation. Details: https://radar.offseq.com/threat/cve-2025-13126-cwe-89-improper-neutralization-of-s-ffb42f94 #OffSeq #WordPress #SQ...
Security threat visualization
December 14, 2025 at 5:33 AM
offseq.bsky.social
CISA warns of a HIGH severity RCE bug in Sierra Wireless routers—actively exploited, no patch yet. Restrict access, segment networks, and stay alert for updates. https://radar.offseq.com/threat/cisa-adds-actively-exploited-sierra-wireless-route-cd87c321 #OffSeq #SecurityAlert #RCE
Security threat visualization
December 14, 2025 at 4:04 AM
offseq.bsky.social
CRITICAL: Growatt ShineLan-X/MIC 3300TL-X v3.6.0.0 missing encryption on config interface. Network attackers can intercept & modify commands. Patch unavailable — apply mitigations now! https://radar.offseq.com/threat/cve-2025-36751-cwe-311-missing-encryption-of-sensi-f552bd97 #OffSeq #ICS #vulner...
Security threat visualization
December 14, 2025 at 2:35 AM
offseq.bsky.social
🚨 CRITICAL: Growatt ShineLan-X v3.6.0.0 has an auth bypass flaw. Attackers can change DNS settings—MitM risk for solar ops. Restrict access, monitor for abuse until patched. https://radar.offseq.com/threat/cve-2025-36754-cwe-290-authentication-bypass-by-sp-a4d6b30d #OffSeq #ICS #Vulnerability
Security threat visualization
December 14, 2025 at 1:34 AM
offseq.bsky.social
CRITICAL: Growatt ShineLan-X v3.6.0.0 has a hard-coded credential backdoor. No patch yet—segment networks, restrict access, and monitor closely. Solar infra at risk! https://radar.offseq.com/threat/cve-2025-36752-cwe-798-use-of-hard-coded-credentia-6ed12f6d #OffSeq #ICS #IoTSecurity
Security threat visualization
December 14, 2025 at 12:04 AM
offseq.bsky.social
CRITICAL: CVE-2025-36747 in Growatt ShineLan-X 3.6.0.0—hard-coded FTP creds mean attackers can replace firmware files. Patch ASAP or restrict FTP access! https://radar.offseq.com/threat/cve-2025-36747-cwe-798-use-of-hard-coded-credentia-55cb0be8 #OffSeq #CVE202536747 #OTSecurity
Security threat visualization
December 13, 2025 at 9:35 AM
offseq.bsky.social
🚨 CRITICAL: JAY Login & Register plugin (≤2.4.01) for WordPress lets attackers bypass auth as any user. Disable the plugin & monitor logins ASAP. No patch yet. https://radar.offseq.com/threat/cve-2025-14440-cwe-565-reliance-on-cookies-without-51904fb2 #OffSeq #WordPress #CVE202514440
Security threat visualization
December 13, 2025 at 8:04 AM
offseq.bsky.social
CRITICAL: Unauthenticated SQL Injection in rupok98 URL Shortener Plugin for WordPress (CVE-2025-10738). All versions at risk—disable plugin or block endpoints now! https://radar.offseq.com/threat/cve-2025-10738-cwe-89-improper-neutralization-of-s-08eed048 #OffSeq #WordPress #SQLInjection
Security threat visualization
December 13, 2025 at 7:03 AM
offseq.bsky.social
🚨 CRITICAL: recorp Export WP Pages to HTML & PDF plugin leaks admin cookies, risking WordPress takeovers. Disable plugin & lock down backups ASAP. No patch yet — act now! https://radar.offseq.com/threat/cve-2025-11693-cwe-200-exposure-of-sensitive-infor-d010e42a #OffSeq #WordPress #Security
Security threat visualization
December 13, 2025 at 5:34 AM
offseq.bsky.social
WP Directory Kit faces HIGH-severity SQL Injection (CVE-2025-13089)! Unauthenticated attackers can extract sensitive data. Disable plugin or deploy WAF now. Details: https://radar.offseq.com/threat/cve-2025-13089-cwe-89-improper-neutralization-of-s-39a10248 #OffSeq #WordPress #SQLInjection
Security threat visualization
December 13, 2025 at 4:03 AM
offseq.bsky.social
🚨 CVE-2025-14611 HIGH: Gladinet CentreStack & TrioFox <16.12.10420.56791 vulnerable to weak AES + unauth LFI. Restrict public access, monitor for threats, prep to patch. https://radar.offseq.com/threat/cve-2025-14611-vulnerability-in-gladinet-centresta-e4cb3dcd #OffSeq #Vulnerability #CloudSecurity
Security threat visualization
December 13, 2025 at 2:34 AM
offseq.bsky.social
CRITICAL alert: Plesk 18.0 has an incorrect access control vulnerability. No patch yet—review permissions, restrict access, and monitor for unusual activity. https://radar.offseq.com/threat/cve-2025-66430-na-91279388 #OffSeq #Plesk #Security
Security threat visualization
December 13, 2025 at 1:05 AM
offseq.bsky.social
MineAdmin v3.x hit by CRITICAL vuln—arbitrary command execution via scheduled tasks puts accounts at risk. Audit permissions & restrict access now. Stay alert! https://radar.offseq.com/threat/cve-2025-65854-na-a27cd0ac #OffSeq #Security #MineAdmin
Security threat visualization
December 13, 2025 at 12:03 AM
offseq.bsky.social
React RSC faces CRITICAL flaws—unauthenticated DoS & code leaks in versions 19.0.0–19.2.2. Patch react-server-dom packages now & audit Server Functions. Details: https://radar.offseq.com/threat/new-react-rsc-vulnerabilities-enable-dos-and-sourc-5809e665 #OffSeq #ReactJS #Security
Security threat visualization
December 12, 2025 at 10:33 AM
offseq.bsky.social
HIGH severity! servify-express <1.2 lets attackers crash Node.js servers via large JSON requests. Upgrade to 1.2+ or set strict limits ASAP. 🛡️ https://radar.offseq.com/threat/cve-2025-67731-cwe-400-uncontrolled-resource-consu-02a51622 #OffSeq #NodeJS #SecurityAlert
Security threat visualization
December 12, 2025 at 9:04 AM
offseq.bsky.social
ShaneIsrael fireshare <1.3.0 hit by CRITICAL command injection (CVSS 9.8). RCE possible via uploads—patch to 1.3.0+ or disable Public Uploads now! https://radar.offseq.com/threat/cve-2025-67728-cwe-77-improper-neutralization-of-s-a1dfe2f1 #OffSeq #SecurityAlert #fireshare
Security threat visualization
December 12, 2025 at 7:34 AM
offseq.bsky.social
🚨 CRITICAL: sh1zen Multi Uploader for Gravity Forms plugin lets unauthenticated attackers delete files on any WordPress site. Audit & disable plugin now — all versions affected! https://radar.offseq.com/threat/cve-2025-14344-cwe-22-improper-limitation-of-a-pat-561e2c4d #OffSeq #WordPress #CVE2025...
Security threat visualization
December 12, 2025 at 6:04 AM
offseq.bsky.social
🚨 CRITICAL: LazyTasks plugin for WordPress lets unauthenticated attackers hijack admin accounts via REST API flaw. Disable 'user/role/edit/' endpoint now! Full details: https://radar.offseq.com/threat/cve-2025-12963-cwe-862-missing-authorization-in-la-b7f1f84a #OffSeq #WordPress #Security
Security threat visualization
December 12, 2025 at 4:34 AM
offseq.bsky.social
CRITICAL: CVE-2025-14534 — UTT 进取 512W up to 3.1.7.7-171114 vulnerable to remote buffer overflow. Public exploit, no patch! Isolate, restrict access, and monitor endpoints ASAP. https://radar.offseq.com/threat/cve-2025-14534-buffer-overflow-in-utt-512w-46bf1244 #OffSeq #CVE #Vulnerability
Security threat visualization
December 12, 2025 at 3:05 AM
offseq.bsky.social
CRITICAL: Buffer overflow in UTT 进取 512W (≤3.1.7.7-171114) — remote exploit available, no patch from vendor. Segment devices, restrict access, and monitor for attacks now. Details: https://radar.offseq.com/threat/cve-2025-14535-buffer-overflow-in-utt-512w-d00ee28b #OffSeq #SecurityAlert #IoT
Security threat visualization
December 12, 2025 at 1:35 AM
offseq.bsky.social
Sandboxie-Plus (<1.16.7) hit by CRITICAL vuln (CVSS 9.9): attackers can escape the sandbox & gain SYSTEM access. Upgrade to 1.16.7+ now! 🚨 https://radar.offseq.com/threat/cve-2025-64721-cwe-190-integer-overflow-or-wraparo-1c3827ed #OffSeq #WindowsSecurity #CVE202564721
Security threat visualization
December 12, 2025 at 12:04 AM
offseq.bsky.social
QND Premium/Advance/Standard ≤11.0.9i hit by HIGH severity vuln (CVE-2025-64701): local users can escalate to admin. Audit privileges & monitor for suspicious actions. Patch ASAP! https://radar.offseq.com/threat/cve-2025-64701-privilege-chaining-in-qualitysoft-c-9f7cc552 #OffSeq #Vulnerability #S...
Security threat visualization
December 11, 2025 at 9:33 AM