OffSequence

@[email protected]
126 Followers
0 Following
2.4K Posts
OffSeq is a cybersecurity company enhancing organizational digital resilience through comprehensive protection against evolving cyber threats. We offer specialized services for businesses of all sizes, with particular expertise in Baltic, Scandinavian, Belgian markets and EU regulatory compliance.
Websitehttps://offseq.com
Threat Radarhttps://radar.offseq.com
Guardhttps://guard.offseq.com
Breachhttps://breach.offseq.com
Training & Certificationshttps://training.offseq.com
OffSequence1h ago
🚨 CRITICAL OpenMRS Core vuln: Path traversal (CVE-2026-40076, CVSS 9.4) lets auth users upload .omod files to gain RCE via crafted ZIPs. Affects ≤2.7.8, 2.8.0 – 2.8.5. Upgrade to 2.7.9/2.8.6+ now! https://radar.offseq.com/threat/cve-2026-40076-cwe-22-improper-limitation-of-a-pat-ec2c9c3f #OffSeq #OpenMRS #Vuln
OffSequence14h ago
CISA issues CRITICAL guidance for US critical infrastructure: Focus on OT network isolation & recovery to counter persistent nation-state threats. Not a specific vuln — strategic resilience is key. Operators: review CI Fortify steps. Details: https://radar.offseq.com/threat/cisa-critical-infrastructure-must-master-isolation-66f6157e #OffSeq #OTSecurity #CISA
OffSequence16h ago
CVE-2026-7853: CRITICAL buffer overflow in D-Link DI-8100 (16.07.26A1) via /auto_reboot.asp. Remote attackers can execute code or DoS; public exploit available. Restrict access & monitor! https://radar.offseq.com/threat/cve-2026-7853-buffer-overflow-in-d-link-di-8100-d6444c63 #OffSeq #CVE20267853 #DLink #Cybersecurity
OffSequence17h ago
Oracle introduces monthly Critical Security Patch Updates for CRITICAL vulnerabilities, supplementing quarterly CPUs. Self-managed customers should patch quickly; Oracle Cloud updates automatically. No known exploits. More: https://radar.offseq.com/threat/oracle-debuts-monthly-critical-security-patch-upda-68f28d1e #OffSeq #Oracle #VulnMgmt #PatchTuesday
OffSequence19h ago
⚠️ CRITICAL: Buffer overflow in D-Link DI-8100 (16.07.26A1) via /url_rule.asp POST handler. Remote, unauthenticated RCE possible. Public exploit available. No official patch yet. Details: https://radar.offseq.com/threat/cve-2026-7854-buffer-overflow-in-d-link-di-8100-87d0fee7 #OffSeq #CVE20267854 #Vuln #IoTSecurity
OffSequence20h ago
🚩 CRITICAL: OpenCTI-Platform opencti (6.6.0 – 6.9.12) hit by CVE-2026-27960 (improper authentication). Unauthenticated attackers can impersonate any user, even admin. Upgrade to 6.9.13 or disable default admin ASAP. https://radar.offseq.com/threat/cve-2026-27960-cwe-287-improper-authentication-in--0f5e78f0 #OffSeq #Vuln #CVE202627960
OffSequence22h ago
🚨 CRITICAL: dataease SQLBot <1.7.1 (CVE-2026-33324) is vulnerable to SQL injection via prompt injection. Authenticated users can trigger RCE on PostgreSQL. Upgrade to 1.7.1+ now! https://radar.offseq.com/threat/cve-2026-33324-cwe-89-improper-neutralization-of-s-5605c7fd #OffSeq #SQLInjection #Vuln
OffSequence23h ago
🚨 PHPOffice PhpSpreadsheet CRITICAL vuln (CVE-2026-34084): RCE & SSRF possible via user input to IOFactory::load() (phar://, ftp://, ssh2.sftp://). Affected: v1.x – 5.5.0. Upgrade to a fixed version now! https://radar.offseq.com/threat/cve-2026-34084-cwe-502-deserialization-of-untruste-a9be2322 #OffSeq #CVE202634084 #infosec #php
OffSequence1d ago
🚨 CVE-2026-34458: Sandboxie-Plus (<=1.17.2) has a CRITICAL CRLF injection bug. Local users can inject config, escape sandboxes, and escalate to SYSTEM. Patch to 1.17.3 ASAP! https://radar.offseq.com/threat/cve-2026-34458-cwe-93-improper-neutralization-of-c-e575dfc0 #OffSeq #SandboxiePlus #Vuln #PrivilegeEscalation
OffSequence1d ago
🚨 CVE-2026-41924 (CRITICAL): OS command injection in WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) enables unauthenticated remote shell command execution. No patch yet — immediate isolation & monitoring advised. https://radar.offseq.com/threat/cve-2026-41924-improper-neutralization-of-special--62b0b2d6 #OffSeq #Vuln #IoTSecurity