Offensive Sequence
@offseq.bsky.social
OffSeq is a cutting-edge European cybersecurity company helping organizations build digital resilience through tailored, proactive security solutions. #CyberSecurity https://www.offseq.com/ https://radar.offseq.com/ https://guard.offseq.com/
Mozart FM Transmitter flaw (CRITICAL, CVE-2025-66257): Unauthenticated file deletion via patch_contents.php. Isolate devices, restrict access, monitor logs—await DB Electronica patch. Details: https://radar.offseq.com/threat/cve-2025-66257-cwe-73-unauthenticated-arbitrary-fi-71769393 #OffSeq #Vul...
November 26, 2025 at 9:03 AM
Mozart FM Transmitter flaw (CRITICAL, CVE-2025-66257): Unauthenticated file deletion via patch_contents.php. Isolate devices, restrict access, monitor logs—await DB Electronica patch. Details: https://radar.offseq.com/threat/cve-2025-66257-cwe-73-unauthenticated-arbitrary-fi-71769393 #OffSeq #Vul...
🚨 CRITICAL: RCE via CVE-2025-66259 in DB Mozart FM Transmitters (v30-7000). Authenticated attackers can run code as root. Restrict access, monitor logs, and await patches. https://radar.offseq.com/threat/cve-2025-66259-cwe-20-improper-input-validation-in-9a138e69 #OffSeq #CVE202566259 #BroadcastS...
November 26, 2025 at 7:33 AM
🚨 CRITICAL: RCE via CVE-2025-66259 in DB Mozart FM Transmitters (v30-7000). Authenticated attackers can run code as root. Restrict access, monitor logs, and await patches. https://radar.offseq.com/threat/cve-2025-66259-cwe-20-improper-input-validation-in-9a138e69 #OffSeq #CVE202566259 #BroadcastS...
Mozart FM Transmitter (DB Electronica) faces CRITICAL OS command injection (CVSS 9.9). Models 30–7000 at risk for unauth RCE. Restrict access, monitor logs, deploy WAF ASAP. https://radar.offseq.com/threat/cve-2025-66261-cwe-78-unauthenticated-os-command-i-e3fa977a #OffSeq #BroadcastSecurity #Inf...
November 26, 2025 at 6:03 AM
Mozart FM Transmitter (DB Electronica) faces CRITICAL OS command injection (CVSS 9.9). Models 30–7000 at risk for unauth RCE. Restrict access, monitor logs, deploy WAF ASAP. https://radar.offseq.com/threat/cve-2025-66261-cwe-78-unauthenticated-os-command-i-e3fa977a #OffSeq #BroadcastSecurity #Inf...
CRITICAL: Mozart FM Transmitter (v30–7000) hit by CVE-2025-66262 path traversal flaw—attackers can overwrite system files via crafted tar archives. Disable uploads & patch fast! https://radar.offseq.com/threat/cve-2025-66262-cwe-22-arbitrary-file-overwrite-via-a79c9cf2 #OffSeq #FMTransmitter #CVE...
November 26, 2025 at 5:02 AM
CRITICAL: Mozart FM Transmitter (v30–7000) hit by CVE-2025-66262 path traversal flaw—attackers can overwrite system files via crafted tar archives. Disable uploads & patch fast! https://radar.offseq.com/threat/cve-2025-66262-cwe-22-arbitrary-file-overwrite-via-a79c9cf2 #OffSeq #FMTransmitter #CVE...
Critical RCE in Faction (<1.7.1): CVE-2025-66022 lets unauthenticated attackers upload malicious extensions & run arbitrary commands. Upgrade to 1.7.1+ ASAP! https://radar.offseq.com/threat/cve-2025-66022-cwe-829-inclusion-of-functionality--623a9be1 #OffSeq #RCE #vulnerability
November 26, 2025 at 3:34 AM
Critical RCE in Faction (<1.7.1): CVE-2025-66022 lets unauthenticated attackers upload malicious extensions & run arbitrary commands. Upgrade to 1.7.1+ ASAP! https://radar.offseq.com/threat/cve-2025-66022-cwe-829-inclusion-of-functionality--623a9be1 #OffSeq #RCE #vulnerability
⚠️ CRITICAL: MegaTec UPSilon 2000 V6.0.5 lets local attackers get SYSTEM privileges via insecure permissions (CVE-2025-66266). Audit & restrict file access fast! https://radar.offseq.com/threat/cve-2025-66266-cwe-269-improper-privilege-manageme-76992282 #OffSeq #CVE202566266 #Vulnerability
November 26, 2025 at 2:33 AM
⚠️ CRITICAL: MegaTec UPSilon 2000 V6.0.5 lets local attackers get SYSTEM privileges via insecure permissions (CVE-2025-66266). Audit & restrict file access fast! https://radar.offseq.com/threat/cve-2025-66266-cwe-269-improper-privilege-manageme-76992282 #OffSeq #CVE202566266 #Vulnerability
🚨 CVE-2025-64657: Critical stack overflow in Azure App Gateway. Allows unauth RCE & full compromise. Restrict access, monitor logs, and patch ASAP once available. https://radar.offseq.com/threat/cve-2025-64657-cwe-121-stack-based-buffer-overflow-b2c66871 #OffSeq #CloudSecurity #Azure
November 26, 2025 at 1:04 AM
🚨 CVE-2025-64657: Critical stack overflow in Azure App Gateway. Allows unauth RCE & full compromise. Restrict access, monitor logs, and patch ASAP once available. https://radar.offseq.com/threat/cve-2025-64657-cwe-121-stack-based-buffer-overflow-b2c66871 #OffSeq #CloudSecurity #Azure
🚨 soportecibeles AI Feeds for WordPress (≤1.0.11) faces CRITICAL RCE risk from unauthenticated file uploads. Restrict access to 'actualizador_git.php' & monitor plugin dirs. No patch yet. https://radar.offseq.com/threat/cve-2025-13597-cwe-434-unrestricted-upload-of-file-188b0f58 #OffSeq #WordPres...
November 26, 2025 at 12:02 AM
🚨 soportecibeles AI Feeds for WordPress (≤1.0.11) faces CRITICAL RCE risk from unauthenticated file uploads. Restrict access to 'actualizador_git.php' & monitor plugin dirs. No patch yet. https://radar.offseq.com/threat/cve-2025-13597-cwe-434-unrestricted-upload-of-file-188b0f58 #OffSeq #WordPres...
MaLion Security Point (Windows) faces CRITICAL stack overflow (CVE-2025-62691). Remote code execution as SYSTEM possible—upgrade to 7.1.1.9+ now! https://radar.offseq.com/threat/cve-2025-62691-stack-based-buffer-overflow-in-inte-93f6b262 #OffSeq #Vulnerability #Security
November 25, 2025 at 10:32 AM
MaLion Security Point (Windows) faces CRITICAL stack overflow (CVE-2025-62691). Remote code execution as SYSTEM possible—upgrade to 7.1.1.9+ now! https://radar.offseq.com/threat/cve-2025-62691-stack-based-buffer-overflow-in-inte-93f6b262 #OffSeq #Vulnerability #Security
ASUS Routers hit by CRITICAL flaw: CVE-2025-59366 in AiCloud/Samba allows auth bypass (CVSS 9.2). Check firmware, patch ASAP or disable services. More info: https://radar.offseq.com/threat/cve-2025-59366-cwe-22-path-traversal-in-asus-route-0b36589e #OffSeq #ASUS #SecurityAlert
November 25, 2025 at 9:03 AM
ASUS Routers hit by CRITICAL flaw: CVE-2025-59366 in AiCloud/Samba allows auth bypass (CVSS 9.2). Check firmware, patch ASAP or disable services. More info: https://radar.offseq.com/threat/cve-2025-59366-cwe-22-path-traversal-in-asus-route-0b36589e #OffSeq #ASUS #SecurityAlert
🚨 CRITICAL: Heap overflow in Intercom Security Point (Windows) of MaLion before 7.1.1.9. Remote code execution as SYSTEM possible. Patch urgently! https://radar.offseq.com/threat/cve-2025-64693-heap-based-buffer-overflow-in-inter-ce979d27 #OffSeq #CVE202564693 #WindowsSecurity
November 25, 2025 at 7:34 AM
🚨 CRITICAL: Heap overflow in Intercom Security Point (Windows) of MaLion before 7.1.1.9. Remote code execution as SYSTEM possible. Patch urgently! https://radar.offseq.com/threat/cve-2025-64693-heap-based-buffer-overflow-in-inter-ce979d27 #OffSeq #CVE202564693 #WindowsSecurity
CRITICAL: EduKart Pro WordPress plugin (all versions <=1.0.3) lets attackers gain admin access without auth. Disable plugin & review admin users immediately. https://radar.offseq.com/threat/cve-2025-13559-cwe-269-improper-privilege-manageme-9ab9ee47 #OffSeq #WordPress #SecurityAlert
November 25, 2025 at 6:03 AM
CRITICAL: EduKart Pro WordPress plugin (all versions <=1.0.3) lets attackers gain admin access without auth. Disable plugin & review admin users immediately. https://radar.offseq.com/threat/cve-2025-13559-cwe-269-improper-privilege-manageme-9ab9ee47 #OffSeq #WordPress #SecurityAlert
🚨 CRITICAL vuln: Desktop Alert PingAlert (6.1.0.11–6.1.1.2) directory traversal lets attackers write files. No patch—restrict access, deploy WAF/IPS, monitor logs. Act now! https://radar.offseq.com/threat/cve-2025-54347-na-477a6049 #OffSeq #Vulnerability #Security
November 25, 2025 at 4:33 AM
🚨 CRITICAL vuln: Desktop Alert PingAlert (6.1.0.11–6.1.1.2) directory traversal lets attackers write files. No patch—restrict access, deploy WAF/IPS, monitor logs. Act now! https://radar.offseq.com/threat/cve-2025-54347-na-477a6049 #OffSeq #Vulnerability #Security
CRITICAL: Sneeit Framework plugin for WordPress (all versions) has an RCE flaw (CVE-2025-6389). Exploitable by unauthenticated attackers — disable plugin now & monitor for threats. https://radar.offseq.com/threat/cve-2025-6389-cwe-94-improper-control-of-generatio-740e50f0 #OffSeq #WordPress #CVE2...
November 25, 2025 at 3:03 AM
CRITICAL: Sneeit Framework plugin for WordPress (all versions) has an RCE flaw (CVE-2025-6389). Exploitable by unauthenticated attackers — disable plugin now & monitor for threats. https://radar.offseq.com/threat/cve-2025-6389-cwe-94-improper-control-of-generatio-740e50f0 #OffSeq #WordPress #CVE2...
CRITICAL vuln in lunary-ai/lunary v1.9.34: Google OAuth flaw allows account takeover—no credentials needed. Upgrade to 1.9.35 now! https://radar.offseq.com/threat/cve-2025-9803-cwe-287-improper-authentication-in-l-b3eaaf9d #OffSeq #OAuth #SecurityAlert
November 25, 2025 at 1:34 AM
CRITICAL vuln in lunary-ai/lunary v1.9.34: Google OAuth flaw allows account takeover—no credentials needed. Upgrade to 1.9.35 now! https://radar.offseq.com/threat/cve-2025-9803-cwe-287-improper-authentication-in-l-b3eaaf9d #OffSeq #OAuth #SecurityAlert
CRITICAL: Bjango iStats 7.10.4 lets local macOS users escalate to root via insecure XPC. No patch—restrict access & monitor for abuse. Act now! https://radar.offseq.com/threat/cve-2025-11921-cwe-732-incorrect-permission-assign-588b2598 #OffSeq #macOS #PrivilegeEscalation
November 25, 2025 at 12:03 AM
CRITICAL: Bjango iStats 7.10.4 lets local macOS users escalate to root via insecure XPC. No patch—restrict access & monitor for abuse. Act now! https://radar.offseq.com/threat/cve-2025-11921-cwe-732-incorrect-permission-assign-588b2598 #OffSeq #macOS #PrivilegeEscalation
ShadowPad is exploiting a HIGH-severity WSUS vulnerability—full system access at stake! Euro orgs: restrict WSUS access, watch for patches, monitor for unusual activity. Act now. https://radar.offseq.com/threat/shadowpad-malware-actively-exploits-wsus-vulnerabi-669b068b #OffSeq #WSUS #ShadowPad
November 24, 2025 at 10:33 AM
ShadowPad is exploiting a HIGH-severity WSUS vulnerability—full system access at stake! Euro orgs: restrict WSUS access, watch for patches, monitor for unusual activity. Act now. https://radar.offseq.com/threat/shadowpad-malware-actively-exploits-wsus-vulnerabi-669b068b #OffSeq #WSUS #ShadowPad
D-Link DIR-822K & DWR-M920 face HIGH severity buffer overflow (CVSS 8.7). Exploit public, no patch yet—restrict access & monitor devices! https://radar.offseq.com/threat/cve-2025-13550-buffer-overflow-in-d-link-dir-822k-bf09d948 #OffSeq #Vulnerability #DLink
November 24, 2025 at 9:02 AM
D-Link DIR-822K & DWR-M920 face HIGH severity buffer overflow (CVSS 8.7). Exploit public, no patch yet—restrict access & monitor devices! https://radar.offseq.com/threat/cve-2025-13550-buffer-overflow-in-d-link-dir-822k-bf09d948 #OffSeq #Vulnerability #DLink
D-Link DIR-822K & DWR-M920 (HIGH, CVE-2025-13551): Remote buffer overflow flaw w/ public exploit—patch when available, isolate routers, monitor network. Details: https://radar.offseq.com/threat/cve-2025-13551-buffer-overflow-in-d-link-dir-822k-fa75096a #OffSeq #VulnAlert #DLink
November 24, 2025 at 7:33 AM
D-Link DIR-822K & DWR-M920 (HIGH, CVE-2025-13551): Remote buffer overflow flaw w/ public exploit—patch when available, isolate routers, monitor network. Details: https://radar.offseq.com/threat/cve-2025-13551-buffer-overflow-in-d-link-dir-822k-fa75096a #OffSeq #VulnAlert #DLink
Ads Pro Plugin for WordPress hit by HIGH severity SQL Injection (CVE-2025-7402). All versions ≤4.95 at risk. No patch—deploy WAF, restrict DB access, and monitor logs. Act now! https://radar.offseq.com/threat/cve-2025-7402-cwe-89-improper-neutralization-of-sp-c1c197c1 #OffSeq #WordPress #Vuln
November 24, 2025 at 6:03 AM
Ads Pro Plugin for WordPress hit by HIGH severity SQL Injection (CVE-2025-7402). All versions ≤4.95 at risk. No patch—deploy WAF, restrict DB access, and monitor logs. Act now! https://radar.offseq.com/threat/cve-2025-7402-cwe-89-improper-neutralization-of-sp-c1c197c1 #OffSeq #WordPress #Vuln
D-Link DIR-822K routers hit by HIGH severity buffer overflow (CVE-2025-13552). Public exploit out—disable WAN admin, segment networks, monitor for updates! https://radar.offseq.com/threat/cve-2025-13552-buffer-overflow-in-d-link-dir-822k-4ad6c40a #OffSeq #DLink #Vulnerability
November 24, 2025 at 4:31 AM
D-Link DIR-822K routers hit by HIGH severity buffer overflow (CVE-2025-13552). Public exploit out—disable WAN admin, segment networks, monitor for updates! https://radar.offseq.com/threat/cve-2025-13552-buffer-overflow-in-d-link-dir-822k-4ad6c40a #OffSeq #DLink #Vulnerability
D-Link DWR-M920 (v1.1.50) faces a HIGH severity buffer overflow—remote exploit possible with public code available. Restrict access, monitor for attacks, and patch ASAP. More: https://radar.offseq.com/threat/cve-2025-13553-buffer-overflow-in-d-link-dwr-m920-19b8e301 #OffSeq #DLink #SecurityAlert
November 24, 2025 at 3:03 AM
D-Link DWR-M920 (v1.1.50) faces a HIGH severity buffer overflow—remote exploit possible with public code available. Restrict access, monitor for attacks, and patch ASAP. More: https://radar.offseq.com/threat/cve-2025-13553-buffer-overflow-in-d-link-dwr-m920-19b8e301 #OffSeq #DLink #SecurityAlert
🚨 HIGH severity: AMD Kria™ SOM affected by CVE-2025-48507 — improper validation allows non-secure access to secure memory & crypto. Patch when available & limit device access. https://radar.offseq.com/threat/cve-2025-48507-cwe-1284-improper-validation-of-spe-d9783ee6 #OffSeq #FirmwareSecurity
November 24, 2025 at 1:34 AM
🚨 HIGH severity: AMD Kria™ SOM affected by CVE-2025-48507 — improper validation allows non-secure access to secure memory & crypto. Patch when available & limit device access. https://radar.offseq.com/threat/cve-2025-48507-cwe-1284-improper-validation-of-spe-d9783ee6 #OffSeq #FirmwareSecurity
CRITICAL 7-Zip flaw: public exploit available! Manual update needed — no auto-patch. All users at risk from malicious archives; prioritize patching & monitor activity. https://radar.offseq.com/threat/critical-7-zip-vulnerability-with-public-exploit-r-52105bbd #OffSeq #Security #Vulnerability
November 24, 2025 at 12:03 AM
CRITICAL 7-Zip flaw: public exploit available! Manual update needed — no auto-patch. All users at risk from malicious archives; prioritize patching & monitor activity. https://radar.offseq.com/threat/critical-7-zip-vulnerability-with-public-exploit-r-52105bbd #OffSeq #Security #Vulnerability
HIGH severity: Roo-Code (<3.26.7) suffers command injection (CVE-2025-65946). Patch to 3.26.7+ now to prevent remote exploitation! 🛡️ https://radar.offseq.com/threat/cve-2025-65946-cwe-77-improper-neutralization-of-s-2fc11be1 #OffSeq #RooCode #security
November 23, 2025 at 10:33 AM
HIGH severity: Roo-Code (<3.26.7) suffers command injection (CVE-2025-65946). Patch to 3.26.7+ now to prevent remote exploitation! 🛡️ https://radar.offseq.com/threat/cve-2025-65946-cwe-77-improper-neutralization-of-s-2fc11be1 #OffSeq #RooCode #security