OffSequence

OffSeq is a cybersecurity company enhancing organizational digital resilience through comprehensive protection against evolving cyber threats. We offer specialized services for businesses of all sizes, with particular expertise in Baltic, Scandinavian, Belgian markets and EU regulatory compliance.
Website: https://offseq.com
Threat Radar: https://radar.offseq.com
Guard: https://guard.offseq.com
Breach: https://breach.offseq.com
Training & Certifications: https://training.offseq.com
⚠️ CVE-2026-27245: CRITICAL XSS in Adobe Connect (v2025.3, 12.10 & earlier). Allows malicious JS via crafted URLs — risk of session hijack. No patch yet. Monitor Adobe advisories, apply input filtering if possible. https://radar.offseq.com/threat/cve-2026-27245-cross-site-scripting-reflected-xss--e445a643 #OffSeq #AdobeConnect #XSS
🔴 CRITICAL DOM-based XSS (CVE-2026-27246) in Adobe Connect v2025.3, 12.10 & earlier. Exploitation risks data theft via malicious JS; no patch yet. Advise caution with unknown links & monitor Adobe for updates. https://radar.offseq.com/threat/cve-2026-27246-cross-site-scripting-dom-based-xss--d488fcd6 #OffSeq #AdobeConnect #XSS #Infosec
CRITICAL: CVE-2026-27303 in Adobe Connect (≤2025.3, 12.10) enables remote code execution via deserialization of untrusted data — no user interaction needed. No patch yet. Restrict access & monitor advisories. https://radar.offseq.com/threat/cve-2026-27303-deserialization-of-untrusted-data-c-dbcf2de2 #OffSeq #AdobeConnect #Vuln
⚠️ CRITICAL: Owen WebStack WordPress theme (CVE-2026-1555) lets unauthenticated attackers upload arbitrary files, risking RCE. No patch yet — restrict uploads & monitor activity! CVSS 9.8. Details: https://radar.offseq.com/threat/cve-2026-1555-cwe-434-unrestricted-upload-of-file--be10bbcf #OffSeq #WordPress #Vulnerability
🚨 CRITICAL: CVE-2026-5752 in Cohere cohere-terrarium (all versions) enables sandbox escape & root code execution via JavaScript prototype chain traversal. No patch yet — restrict access & monitor closely. Details: https://radar.offseq.com/threat/cve-2026-5752-cwe-94-improper-control-of-generatio-b7af0b75 #OffSeq #Vuln #Cohere #Infosec
⚠️ CRITICAL: CVE-2026-27304 in Adobe ColdFusion (2023.18, 2025.6 & earlier) enables attackers to execute code as the current user — no interaction needed. No patch yet. Limit ColdFusion exposure & monitor for anomalies. https://radar.offseq.com/threat/cve-2026-27304-improper-input-validation-cwe-20-in-1237c730 #OffSeq #ColdFusion #Vuln
⚠️ CRITICAL: NuGetGallery improper input validation (CVE-2026-39399, CVSS 9.6) allows crafted .nuspec files to trigger RCE & arbitrary blob writes. Update to commit 0e80f87628349207cdcaf55358491f8a6f1ca276. Details: https://radar.offseq.com/threat/cve-2026-39399-cwe-20-improper-input-validation-in-f5d85126 #OffSeq #NuGet #Vuln #infosec
🚨 CVE-2026-22562: CRITICAL path traversal (CWE-22) in Ubiquiti UniFi Play PowerAmp ≤1.0.35 & Audio Port ≤1.0.24 enables unauth RCE via arbitrary file write. Patch to 1.0.38+/1.1.9+ ASAP! https://radar.offseq.com/threat/cve-2026-22562-cwe-22-path-traversal-in-ubiquiti-i-464fb9b6 #OffSeq #CVE #Ubiquiti #Security
🚨 CRITICAL: CVE-2026-4365 in LearnPress LMS plugin (≤4.3.2.8) — missing auth in delete_question_answer() lets unauthenticated attackers delete quiz answers using public AJAX endpoints. Restrict access & monitor vendor updates. https://radar.offseq.com/threat/cve-2026-4365-cwe-862-missing-authorization-in-thi-8046e47d #OffSeq #WordPress #Vuln
🚨 CVE-2026-40288 (CRITICAL, CVSS 9.8): PraisonAI <4.5.139 vulnerable to OS command injection via untrusted YAML files. Attackers can achieve full system compromise. Upgrade ASAP! More: https://radar.offseq.com/threat/cve-2026-40288-cwe-78-improper-neutralization-of-s-06bb92e7 #OffSeq #PraisonAI #InfoSec