CVE Alert: CVE-2025-31531 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31531/
CVE Alert: CVE-2025-31462 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31462/
CVE Alert: CVE-2025-31525 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31525/
CVE Alert: CVE-2025-31461 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31461/
CVE Alert: CVE-2025-31455 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31455/
CVE Alert: CVE-2025-31552 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31552/
CVE Alert: CVE-2025-31550 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31550/
CVE Alert: CVE-2025-31551 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31551/
CVE Alert: CVE-2025-31553 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31553/
CVE Alert: CVE-2025-31454 - https://www.redpacketsecurity.com/cve_alert_cve-2025-31454/
Get started with the CrowdSec WAF: https://doc.crowdsec.net/docs/next/appsec/intro
Virtual Patching WAF collection: https://app.crowdsec.net/hub/author/crowdsecurity/collections/appsec-virtual-patching [3/3]
Quite a big dump of UK PII via RoyalMail via Spectos
https://www.infostealers.com/article/royal-mail-group-loses-144gb-to-infostealers-same-samsung-hacker-same-2021-infostealer-log/
Cobalt Strike Beacon Detected - 154[.]82[.]92[.]74:80 - https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-154-82-92-74-port-80/
![Cobalt Strike Beacon Detected – 154[.]82[.]92[.]74:80](https://cdn.fosstodon.org/cache/preview_cards/images/046/981/670/original/637b1b377be13d47.jpg "Cobalt Strike Beacon Detected – 154[.]82[.]92[.]74:80")
Cobalt Strike Beacon Detected - 193[.]68[.]89[.]177:80 - https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-193-68-89-177-port-80/
![Cobalt Strike Beacon Detected – 193[.]68[.]89[.]177:80](https://cdn.fosstodon.org/cache/preview_cards/images/046/981/656/original/a2b2be6a1c6b5863.jpg "Cobalt Strike Beacon Detected – 193[.]68[.]89[.]177:80")
Cobalt Strike Beacon Detected - 118[.]178[.]128[.]98:8009 - https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-118-178-128-98-port-8009/
![Cobalt Strike Beacon Detected – 118[.]178[.]128[.]98:8009](https://cdn.fosstodon.org/cache/preview_cards/images/046/981/698/original/116bb6409cf83084.jpg "Cobalt Strike Beacon Detected – 118[.]178[.]128[.]98:8009")
Cobalt Strike Beacon Detected - 47[.]116[.]208[.]81:443 - https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-47-116-208-81-port-443/
![Cobalt Strike Beacon Detected – 47[.]116[.]208[.]81:443](https://cdn.fosstodon.org/cache/preview_cards/images/046/981/657/original/5c64def4b1aa9d58.jpg "Cobalt Strike Beacon Detected – 47[.]116[.]208[.]81:443")
Cobalt Strike Beacon Detected - 196[.]251[.]85[.]143:4433 - https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-196-251-85-143-port-4433/
![Cobalt Strike Beacon Detected – 196[.]251[.]85[.]143:4433](https://cdn.fosstodon.org/cache/preview_cards/images/046/981/659/original/c63d9e0396543f00.jpg "Cobalt Strike Beacon Detected – 196[.]251[.]85[.]143:4433")
New configuration detected for DDosia. Hosts:
* www.provincedeliege.be
* www.cpbourg.com
* www.automatic-systems.com
* www.busin.com.ua
* stad.gent
* www.tec.be
* skveles.kiev.ua
* online.beobank.be
* www.beobank.be
* www.aska-life.com.ua
* connect.alimakgroup.com
* www.agfa.com
* velta.kiev.ua
* alfagarant.com
* www.cnp.be
* insurance.vidi.ua
* www.hansa-flex.be
* asa.be
* www.allweb.be
* www.elsene.be
* www.const-court.be
* www.bpost.be
* askods.com
* www.grawe.ua
* alimak.com #ThreatIntel
https://spamhaus.org/blocklists/do-not-route-or-peer/
Remember, this is traffic you do not want to connect with.
Undercover.
