Offensive Sequence
offseq.bsky.social
OffSeq is a cutting-edge European cybersecurity company helping organizations build digital resilience through tailored, proactive security solutions. #CyberSecurity https://www.offseq.com/ https://radar.offseq.com/ https://guard.offseq.com/
Pinned
🚨 Radar v2 is live!
Major upgrades have landed at radar.offseq.com

🧠 New in Version 2:
1️⃣ Submit a community link — share high-signal threat analysis, incident reports.
2️⃣ Join community reviews
3️⃣ Revamped UI/UX

💥 Fresh intel awaits — jump back in and add your insights: radar.offseq.com
Threat Radar | OffSeq - Live Threat Intelligence
Real-time cyber threat intelligence radar showing the latest vulnerabilities, malware, and cyber threats affecting European countries and beyond.
radar.offseq.com
CRITICAL: NetBird VPN flaw (CVE-2025-10678) leaves default admin creds exposed—remote attackers get full access. Upgrade to 0.57.0+ & check your credentials ASAP. https://radar.offseq.com/threat/cve-2025-10678-cwe-1392-use-of-default-credentials-8231ef9e #OffSeq #NetBird #Security
🚨 CRITICAL: ABB ALS-mini-s4/s8 IP (SN 2000–5166) vulnerable to unauthenticated remote access (CVE-2025-9574). Patch, segment, and restrict access immediately! https://radar.offseq.com/threat/cve-2025-9574-cwe-306-missing-authentication-for-c-2fbe3678 #OffSeq #ICS #ABB
⚠️ CVE-2025-12004: CRITICAL bug in Mediawiki Lockdown Extension (<1.42) lets attackers exploit permissions remotely—no login needed. Upgrade to v1.42+ immediately! https://radar.offseq.com/threat/cve-2025-12004-cwe-732-incorrect-permission-assign-e4ef87a4 #OffSeq #Mediawiki #SecurityAlert
CRITICAL: Better-Auth flaw allows unauthenticated API key creation—risk of total account takeover for 300k+ weekly users. Disable API key creation and monitor activity. https://radar.offseq.com/threat/better-auth-critical-account-takeover-via-unauthen-f2040d12 #OffSeq #AppSec #CVE202561928
Critical RCE bug found in 75,000+ WatchGuard devices—no patch yet. Unauthenticated attackers could gain remote access. Restrict management, monitor networks, and await vendor fixes. https://radar.offseq.com/threat/over-75000-watchguard-security-devices-vulnerable--83aaced6 #OffSeq #WatchGuard #Se...
CRITICAL: TP-Link Omada gateways vulnerable to remote OS command injection (CVE-2025-6542). Restrict management access, monitor for suspicious activity, and prep for urgent patching. https://radar.offseq.com/threat/cve-2025-6542-cwe-78-improper-neutralization-of-sp-d3ffc6ee #OffSeq #TPLink #VulnA...
TP-Link Omada gateways hit by CRITICAL CVE-2025-7850: OS command injection possible after admin login. Patch quickly, lock down admin access, use MFA! Details: https://radar.offseq.com/threat/cve-2025-7850-cwe-78-improper-neutralization-of-sp-ea7871c4 #OffSeq #Vulnerability #NetworkSecurity
⚠️ CRITICAL: Azure BLU-IC2/IC4 (≤1.19.5) vulnerable to stored XSS (CVE-2025-12001). No auth needed—patch when available, deploy WAF, and audit input validation. Details: https://radar.offseq.com/threat/cve-2025-12001-cwe-20-improper-input-validation-in-96c4a1a6 #OffSeq #Azure #XSS
🚨 CRITICAL SQL Injection in Epsilon RH v3.03.36.0121: attackers can access or alter HR data without auth. Deploy WAF, validate input, restrict DB access until patch arrives. https://radar.offseq.com/threat/cve-2025-41028-cwe-89-improper-neutralization-of-s-e49230fe #OffSeq #SQLi #CVE202541028
CRITICAL: Galaxy Vitals ESP Forum Module (≤1.3) lets auth'd users upload dangerous files & run commands. Audit upload functions, enforce validation, monitor activity now! https://radar.offseq.com/threat/cve-2025-31342-cwe-434-unrestricted-upload-of-file-4391e83b #OffSeq #CVE202531342 #security
Nixdorf Wincor PORT IO Driver stack overflow (HIGH, v1.0.0.0/1.0.0.1) — public exploit out! Patch to v3.0.0.1 now to prevent privilege escalation. https://radar.offseq.com/threat/cve-2025-5555-stack-based-buffer-overflow-in-nixdo-1a9e9be3 #OffSeq #Vulnerability #BankingSecurity
ETERNUS SF AdvancedCopy Manager (Solaris 10/11) HIGH vuln: Incorrect permissions let low-priv users grab DB creds & run admin-level OS commands. Audit server permissions ASAP. https://radar.offseq.com/threat/cve-2025-62577-incorrect-default-permissions-in-fs-7000f9c4 #OffSeq #Vulnerability #Solaris
CRITICAL: CVE-2025-11948 in Excellent Infotek DMS lets unauth'd users upload/execute files—remote code execution risk. No patch. Restrict uploads, deploy WAFs, monitor closely. https://radar.offseq.com/threat/cve-2025-11948-cwe-434-unrestricted-upload-of-file-efde2151 #OffSeq #CyberSecurity #Vuln...
Silver Fox targets Japan & Malaysia with Winos 4.0 via HoldingHands RAT—HIGH severity. Watch for persistent RAT activity in Windows environments. Prioritize EDR and strict access controls. https://radar.offseq.com/threat/silver-fox-expands-winos-40-attacks-to-japan-and-m-b27e1677 #OffSeq #ThreatI...
Experian hit with $3.2M fine for mass personal data collection. Severity: HIGH. Key risk: regulatory penalties for non-compliance. Review your data governance and privacy practices now. https://radar.offseq.com/threat/experian-fined-32-million-for-mass-collecting-pers-0cd8e478 #OffSeq #Privacy #D...
F5 breach (CRITICAL): Nation-state actor stole BIG-IP source & unpublished vulnerabilities. No known exploits yet. Monitor BIG-IP systems, segment, and patch fast once updates drop! https://radar.offseq.com/threat/f5-data-breach-what-happened-and-how-it-impacts-yo-8c427a49 #OffSeq #BIGIP #Securit...
LibreWolf on Windows ≤143.0.4-1 hit by HIGH severity installer flaw—local, complex attack could lead to privilege escalation. Upgrade to 144.0-1 ASAP. https://radar.offseq.com/threat/cve-2025-11940-uncontrolled-search-path-in-librewo-7cc9289e #OffSeq #Vulnerability #BrowserSecurity
ConnectWise Automate fixed a HIGH severity bug enabling AiTM update attacks. EU orgs/MSPs: Patch ASAP, segment RMM, monitor updates. No active exploits yet — stay vigilant! https://radar.offseq.com/threat/connectwise-fixes-automate-bug-allowing-aitm-updat-85668075 #OffSeq #SupplyChain #PatchNow
Envoy, part of American Airlines, reports a HIGH severity Oracle data theft. Sensitive data exfiltrated. Audit Oracle systems & access logs—review incident response plans. Details limited. https://radar.offseq.com/threat/american-airlines-subsidiary-envoy-confirms-oracle-501bab35 #OffSeq #Oracle ...
New .NET CAPI backdoor (HIGH severity) hits Russian auto & e-commerce via phishing ZIPs. RCE, stealth, & persistence—Euro orgs: boost email security & watch .NET/CAPI activity. Details: https://radar.offseq.com/threat/new-net-capi-backdoor-targets-russian-auto-and-e-c-14dece74 #OffSeq #malware #t...
HIGH severity DoS in rplay 3.3.2 🚦: Unauthenticated attackers can crash the daemon with crafted packets. Restrict access & monitor for issues till a patch is out. https://radar.offseq.com/threat/cve-2025-62672-na-a500cfe1 #OffSeq #Security #DoS
WatchGuard Fireware OS VPN flaw (CRITICAL) enables remote code execution—no auth required. Patch Fireware OS now and restrict VPN exposure to trusted IPs. Details: https://radar.offseq.com/threat/researchers-uncover-watchguard-vpn-bug-that-could--9bfb583e #OffSeq #WatchGuard #VPN
Everest Gang hits Collins Aerospace (HIGH severity). Supply chain & sensitive data risk for aerospace/defense sectors—especially Europe. Boost monitoring & review access controls. https://radar.offseq.com/threat/from-airport-chaos-to-cyber-intrigue-everest-gang--71029c3b #OffSeq #cybersecurity #s...
Google Gemini AI flaw: CRITICAL — Can auto-dial 911/112 & create Gmail drafts without user OK on Android. Disable 'Make calls without unlocking' & review logs urgently. Big risk for EU users! https://radar.offseq.com/threat/notice-google-gemini-ais-undisclosed-911-auto-dial-93405d38 #OffSeq #Andr...
WordPress admins: HIGH severity CSRF in mndpsingh287 Theme Editor (all versions ≤3.0) can lead to RCE if an admin clicks a malicious link. Limit admin access & monitor for fixes. https://radar.offseq.com/threat/cve-2025-9890-cwe-352-cross-site-request-forgery-c-55937c52 #OffSeq #WordPress #CSRF