OffSequence

@[email protected]
133 Followers
0 Following
2.9K Posts
OffSeq is a cybersecurity company enhancing organizational digital resilience through comprehensive protection against evolving cyber threats. We offer specialized services for businesses of all sizes, with particular expertise in Baltic, Scandinavian, Belgian markets and EU regulatory compliance.
Websitehttps://offseq.com
Threat Radarhttps://radar.offseq.com
Guardhttps://guard.offseq.com
Breachhttps://breach.offseq.com
Training & Certificationshttps://training.offseq.com
OffSequence1h ago
CL-STA-1062 campaign (CRITICAL) targets Southeast Asian gov & critical infra with hybrid toolkit incl. TinyRCT backdoor 🕵️‍♂️. No public exploits seen. Review Palo Alto Unit 42 IOCs for detection. https://radar.offseq.com/threat/cl-sta-1062-targets-southeast-asian-governments-an-763b368a90e8fb4f #OffSeq #ThreatIntel #APT #CyberEspionage
OffSequence2h ago
Setracker2 Android app (com.tgelec.setracker) hit by CRITICAL vuln (CVE-2026-9222, CVSS 9.2): uses password hash for authentication. Anyone with the hash can access backend services. Update guidance pending. https://radar.offseq.com/threat/cve-2026-9222-cwe-836-use-of-password-hash-instead-9894d1554efb5333 #OffSeq #AndroidSec #CVE20269222
OffSequence13h ago
CVE-2026-33612 (HIGH, CVSS 7.5) impacts PowerDNS Recursor ≤5.4.3. Crafted zones from malicious servers can trigger cache poisoning via ZoneToCache. Review deployments, monitor for patches: https://radar.offseq.com/threat/cve-2026-33612-acceptance-of-extraneous-untrusted--38801b1c47b57c99 #OffSeq #PowerDNS #vuln #dns
OffSequence14h ago
CVE-2026-46752: CRITICAL heap-based buffer overflow in Apache Kvrocks (2.0.4 – 2.15.0) via Redis Lua cjson. RCE & DoS possible. Upgrade to 2.16.0 ASAP. https://radar.offseq.com/threat/cve-2026-46752-cwe-122-heap-based-buffer-overflow--87a83247c4a43c17 #OffSeq #Kvrocks #CVE202646752 #infosec
OffSequence16h ago
CVE-2026-41566 (CRITICAL, CVSS 9.4) in Apache Kvrocks 2.8.0 allows privilege escalation via improper permission handling. Upgrade to 2.16.0 is required — no other mitigation. Details: https://radar.offseq.com/threat/cve-2026-41566-cwe-280-improper-handling-of-insuff-5835abc74e4991d0 #OffSeq #CVE202641566 #Kvrocks #Security
OffSequence17h ago
Chrome <149.0.7827.196 is impacted by 18 severe vulnerabilities (4 critical, 14 high), mostly use-after-free flaws that may allow RCE or sandbox escape. No active exploits. Update to 149.0.7827.196/197 ASAP. https://radar.offseq.com/threat/chrome-149-update-resolves-18-severe-vulnerabiliti-9fd384b71a32d803 #OffSeq #Chrome #Infosec #PatchTuesday
OffSequence19h ago
HIGH severity: CVE-2026-9702 in InPost PL WordPress plugin (<1.9.1) lets unauthenticated attackers redirect WooCommerce order shipping. No patch yet — restrict access, monitor for changes. Details: https://radar.offseq.com/threat/cve-2026-9702-cwe-284-improper-access-control-in-i-050e346ad7520813 #OffSeq #WordPress #Vulnerability #Ecommerce
OffSequence20h ago
ljharb shell-quote <=1.8.4 is impacted by CVE-2026-13311 (HIGH). Inefficient parsing can let attackers trigger DoS by blocking the Node.js event loop. Patch to 1.8.5+ now! 🛡️ https://radar.offseq.com/threat/cve-2026-13311-cwe-407-inefficient-algorithmic-com-ed9f913ba365deea #OffSeq #InfoSec #NodeJS #CVE202613311
OffSequence22h ago
CVE-2026-54158: CRITICAL XSS in SiYuan (<3.7.0) allows persistent JS injection; on Electron clients, can escalate to RCE. Upgrade to 3.7.0+ ASAP. No active exploits reported. https://radar.offseq.com/threat/cve-2026-54158-cwe-79-improper-neutralization-of-i-cee0850f8d1e1264 #OffSeq #XSS #CVE202654158 #SiYuan
OffSequence23h ago
CVE-2026-50551: SiYuan (<3.7.0) suffers CRITICAL stored XSS in Attribute View, enabling RCE via Electron client. Upgrade to v3.7.0+ to mitigate. No workaround available. Details: https://radar.offseq.com/threat/cve-2026-50551-cwe-79-improper-neutralization-of-i-e91ef5b4d83fcdb8 #OffSeq #XSS #SiYuan #Cybersecurity