Offensive Sequence
LightNews LightNews
banner
offseq.bsky.social
Offensive Sequence
@offseq.bsky.social
24 followers 0 following 1.2K posts
OffSeq is a cutting-edge European cybersecurity company helping organizations build digital resilience through tailored, proactive security solutions. #CyberSecurity https://www.offseq.com/ https://radar.offseq.com/ https://guard.offseq.com/
Posts Replies Media Videos
Pinned
offseq.bsky.social
Offensive Sequence @offseq.bsky.social · 1d
Happy 2026 from OffSeq ⚡
Threat Radar moved to a larger server after strong growth (100k users, 500k events last month). Timeline posts resume shortly.

Meanwhile, meet Veil — a local-only steganography studio. Encrypt data in your browser, hide it in images. No uploads.

veil.offseq.com
Veil - client-side steganography studio
Veil is a client-side steganography studio that encrypts messages and files into images using password-based encryption.
veil.offseq.com
offseq.bsky.social
Happy 2026 from OffSeq ⚡
Threat Radar moved to a larger server after strong growth (100k users, 500k events last month). Timeline posts resume shortly.

Meanwhile, meet Veil — a local-only steganography studio. Encrypt data in your browser, hide it in images. No uploads.

veil.offseq.com
Veil - client-side steganography studio
Veil is a client-side steganography studio that encrypts messages and files into images using password-based encryption.
veil.offseq.com
January 1, 2026 at 4:35 PM
offseq.bsky.social
MongoDB (3.6–8.2.3) hit by HIGH severity bug—unauthenticated attackers can read uninitialized memory if zlib is enabled. Patch or disable zlib compression now! https://radar.offseq.com/threat/new-mongodb-flaw-lets-unauthenticated-attackers-re-701f4a01 #OffSeq #MongoDB #SecurityAlert
Security threat visualization
December 27, 2025 at 10:04 AM
offseq.bsky.social
LangChain Core CRITICAL vuln! Serialization injection enables secret theft & LLM manipulation in <1.2.5—upgrade ASAP, disable secrets_from_env, use allowlists. Protect your AI apps! https://radar.offseq.com/threat/critical-langchain-core-vulnerability-exposes-secr-24b8ea8d #OffSeq #LangChain #AIs...
Security threat visualization
December 27, 2025 at 8:36 AM
offseq.bsky.social
LangChain Core faces CRITICAL serialization injection risk—unauthorized access to AI secrets possible. No patch yet: validate/sanitize all serialized inputs & monitor closely! https://radar.offseq.com/threat/critical-langchain-core-vulnerability-exposes-secr-ecd8d0fa #OffSeq #LangChain #AIsecurity
Security threat visualization
December 27, 2025 at 7:35 AM
offseq.bsky.social
🚨 CRITICAL: IBM API Connect (10.0.8.0–10.0.8.5, 10.0.11.0) hit by auth bypass flaw. Restrict access, enable MFA, watch for alerts until patches land! More info: https://radar.offseq.com/threat/cve-2025-13915-cwe-305-authentication-bypass-by-pr-11cca0f4 #OffSeq #IBM #APIsecurity
Security threat visualization
December 27, 2025 at 6:04 AM
offseq.bsky.social
Eigent-ai Eigent v0.0.60 hit by CRITICAL RCE (CVE-2025-68952). Unauthenticated attackers can take control remotely. Patch to 0.0.61 ASAP! 🚨 https://radar.offseq.com/threat/cve-2025-68952-cwe-94-improper-control-of-generati-d00ad68e #OffSeq #vulnerability #AIsecurity
Security threat visualization
December 27, 2025 at 4:34 AM
offseq.bsky.social
🚨 CRITICAL: Prototype pollution in apidoc-core ≥0.2.0 lets remote attackers disrupt JS apps. Audit use, sanitize inputs, and isolate processing ASAP. Patch pending. Details: https://radar.offseq.com/threat/cve-2025-13158-cwe-1321-improperly-controlled-modi-61fce7bb #OffSeq #Security #JavaScript
Security threat visualization
December 27, 2025 at 3:07 AM
offseq.bsky.social
n8n-io n8n (v1.0.0–<2.0.0) hit by CRITICAL vuln: CVE-2025-68668 lets auth'd users run arbitrary commands via Python Code Node. Upgrade to v2.0.0+ or disable node now. https://radar.offseq.com/threat/cve-2025-68668-cwe-693-protection-mechanism-failur-bcbb4231 #OffSeq #n8n #Vulnerability
Security threat visualization
December 27, 2025 at 1:37 AM
offseq.bsky.social
CRITICAL: RCE in lemon8866 StreamVault (<251126) via /admin/api/saveConfig. Exploitable OS command injection. Patch to 251126 now! https://radar.offseq.com/threat/cve-2025-66203-cwe-78-improper-neutralization-of-s-bc8f18e3 #OffSeq #CVE202566203 #StreamVault
Security threat visualization
December 27, 2025 at 12:05 AM
offseq.bsky.social
Eaton UPS Companion Software hit by HIGH severity vuln—arbitrary code exec possible via uncontrolled search path. Local access needed. Patch urgently! https://radar.offseq.com/threat/cve-2025-59887-cwe-427-uncontrolled-search-path-el-b954d403 #OffSeq #Vulnerability #IncidentResponse
Security threat visualization
December 26, 2025 at 9:05 AM
offseq.bsky.social
HIGH severity: Eaton UPS Companion flaw lets local attackers execute code due to insecure library loading. Update to latest version ASAP to secure critical power systems! https://radar.offseq.com/threat/cve-2025-67450-cwe-427-uncontrolled-search-path-el-730bb734 #OffSeq #Eaton #Security
Security threat visualization
December 26, 2025 at 8:04 AM
offseq.bsky.social
HIGH severity: Delta DVP-12SE PLCs send Modbus/TCP data in cleartext, allowing attackers to intercept or disrupt operations. Segment your networks & monitor Modbus traffic until a patch is available. https://radar.offseq.com/threat/cve-2025-62578-cwe-319-cleartext-transmission-of-s-5af203d7 #OffS...
Security threat visualization
December 26, 2025 at 6:34 AM
offseq.bsky.social
HIGH severity vuln in UTT 进取 512W (≤1.7.7-171114) enables remote buffer overflow via wepkey1. Public exploit code raises risk—patch or segment devices now! https://radar.offseq.com/threat/cve-2025-15089-buffer-overflow-in-utt-512w-d90fd5fc #OffSeq #Vulnerability #UTT
Security threat visualization
December 26, 2025 at 5:06 AM
offseq.bsky.social
HIGH-severity buffer overflow in UTT 进取 512W (v1.7.7-171114) lets attackers execute code remotely. PoC code is public. Isolate devices and restrict endpoint access now! https://radar.offseq.com/threat/cve-2025-15090-buffer-overflow-in-utt-512w-48838686 #OffSeq #Vulnerability #NetworkSecurity
Security threat visualization
December 26, 2025 at 4:05 AM
offseq.bsky.social
UTT 进取 512W (≤1.7.7-171114) faces a HIGH severity buffer overflow—remote, no-auth exploit possible. Isolate devices, monitor for attacks, and apply patches ASAP when released. https://radar.offseq.com/threat/cve-2025-15091-buffer-overflow-in-utt-512w-a4ed831e #OffSeq #CyberAlert #IoTSecurity
Security threat visualization
December 26, 2025 at 2:35 AM
offseq.bsky.social
UTT 进取 512W (≤1.7.7-171114) faces HIGH severity buffer overflow vulnerability. Public exploit out — restrict access, segment networks, and monitor for attacks. https://radar.offseq.com/threat/cve-2025-15092-buffer-overflow-in-utt-512w-4ff41af4 #OffSeq #NetworkSecurity #UTT
Security threat visualization
December 26, 2025 at 1:06 AM
offseq.bsky.social
Critical RCE in FreeBSD rtsold 15.x: Malicious IPv6 router ads exploiting DNSSL can lead to full system compromise. No patch—disable rtsold & enhance segmentation now. https://radar.offseq.com/threat/freebsd-rtsold-15x-remote-code-execution-via-dnssl-4131792e #OffSeq #FreeBSD #Security
Security threat visualization
December 26, 2025 at 12:05 AM
offseq.bsky.social
Critical alert: Digiever DS-2105 Pro NVRs have an unpatched RCE flaw (CVE-2023-52163) exploited for botnets. Remove internet access & change default creds now. Device is end-of-life—replace ASAP. https://radar.offseq.com/threat/cisa-flags-actively-exploited-digiever-nvr-vulnera-5de96a0c #OffSeq #...
Security threat visualization
December 25, 2025 at 10:34 AM
offseq.bsky.social
JayBee Twitch Player (<=2.1.3) hit by CRITICAL missing auth flaw—CVE-2025-68565. Remote attackers can access or manipulate Twitch embeds. Audit & restrict usage ASAP; patch awaited. https://radar.offseq.com/threat/cve-2025-68565-missing-authorization-in-jaybee-twi-49be1953 #OffSeq #TwitchSecurity...
Security threat visualization
December 25, 2025 at 9:04 AM
offseq.bsky.social
CRITICAL: Captivate Sync (≤3.2.2) hit by Blind SQLi (CVE-2025-68570) — no auth needed! Audit now, enforce input validation, watch for patches. Protect your data. https://radar.offseq.com/threat/cve-2025-68570-improper-neutralization-of-special--dfb7803e #OffSeq #SQLi #SecurityAlert
Security threat visualization
December 25, 2025 at 7:36 AM
offseq.bsky.social
CRITICAL: Blind SQL Injection in CRM Perks Integration for Contact Form 7 HubSpot (<=1.4.2) 🚨 No auth needed — risk of data breach. Audit & patch sites now! https://radar.offseq.com/threat/cve-2025-68590-improper-neutralization-of-special--5849784a #OffSeq #WordPress #SQLInjection
Security threat visualization
December 25, 2025 at 6:05 AM
offseq.bsky.social
CRITICAL SSRF in Yannick Lefebvre Link Library (≤7.8.4) lets attackers access internal systems—no auth required. Lock down outbound traffic & monitor requests. Act before exploits emerge! https://radar.offseq.com/threat/cve-2025-68600-server-side-request-forgery-ssrf-in-c3cb034b #OffSeq #SSRF #Cy...
Security threat visualization
December 25, 2025 at 4:35 AM
offseq.bsky.social
MongoDB faces a critical RCE vuln—patch now to block unauthenticated remote attacks. No exploits yet, but risk is high for anyone running MongoDB in production. Act fast! https://radar.offseq.com/threat/mongodb-warns-admins-to-patch-severe-rce-flaw-imme-69c4c61c #OffSeq #MongoDB #security
Security threat visualization
December 25, 2025 at 3:05 AM
offseq.bsky.social
CRITICAL: CVE-2025-68916 in Riello NetMan 208 (<1.12) lets privileged users exploit path traversal for code exec. Restrict access, monitor uploads, and apply updates ASAP. More info: https://radar.offseq.com/threat/cve-2025-68916-cwe-25-path-traversal-filedir-in-ri-5d011025 #OffSeq #Vulnerability...
Security threat visualization
December 25, 2025 at 1:36 AM
offseq.bsky.social
🚨 CRITICAL RCE risk in MegaSys Telenium Online Web App! Perl input validation bug (CVE-2025-8769) allows unauthenticated code execution. Restrict login page access & watch for patches. https://radar.offseq.com/threat/cve-2025-8769-cwe-20-in-megasys-computer-technolog-34cd1760 #OffSeq #WebSecurity...
Security threat visualization
December 25, 2025 at 12:06 AM