Trusted Design

Weekly Threat Bulletin – January 28th, 2026

概要

This weekly threat bulletin highlights several critical vulnerabilities and emerging threats. A severe RCE vulnerability in React Server Components and Next.js (CVE-2025-55182) is being actively exploited. CISA added four critical flaws to its 'Must-Patch' list, including vulnerabilities in Versa Concerto, eslint-config-prettier, Zimbra Collaboration Suite, and Vite. GitLab released patches for multiple high-severity vulnerabilities. A new macOS malware called MonetaStealer targets crypto wallets and financial data. Lastly, a critical RCE vulnerability in Oracle E-Business Suite (CVE-2025-61882) is being actively exploited by threat actors, including the Clop ransomware group.

Created: 2026-02-27

Indicators

• FileHash-MD5 - b296d3b3115762096286f225696a9bb1 -
• CVE - CVE-2026-1102 -
• CVE - CVE-2025-13927 -
• FileHash-SHA256 - 858874057e3df990ccd7958a38936545938630410bde0c0c4b116f92733b1ddb -
• FileHash-MD5 - 85e08bd5d598a304d5cdc7d8de7bbf06 -
• FileHash-SHA1 - 99c208a55513bde70d4322fdcab86c8cb4188616 -
• CVE - CVE-2025-66478 -
• FileHash-MD5 - 820bb19966ec22c2b7951c18e4515893 -
• FileHash-MD5 - c798b4bcf337d1c7420871b9a4f55fa8 -
• FileHash-MD5 - eb0a94a018e12799b195c1f865137cf2 -
• FileHash-SHA1 - 7e2124cf2c804b787f8ef5f25e241adb800f3616 -
• FileHash-SHA1 - ca5515cb5a378bf71c5bef02184b083c126786b7 -
• FileHash-MD5 - bf96a24b2d6dfb98fa2d94e8c03a484e -
• FileHash-MD5 - 3ba4d5e0cf0557f03ee5a97a2de56511 -
• FileHash-SHA1 - 0d06a21e029b74ce2bf6222a6fe4f57c9a9060fa -
• URL - https://ns1.bafairforce.army -
• hostname - vps-zap812595-1.zap-srv.com -
• FileHash-MD5 - 23094d64721a279c0ce637584b87d6f1 -
• CVE - CVE-2025-54313 -
• URL - https://sploitus.com/exploit?id=3B6E5425-973F-56B4-AC0A-FA3EDC02389C -
• FileHash-SHA1 - 365a958d8f30090579faa32cc404db00a15541c0 -
• FileHash-SHA256 - 172a9ee9601ef0eb6fbd2676742edfb201c10369712dbf721e5d105aa1320a32 -
• URL - http://vps-zap812595-1.zap-srv.com:3000/sex.sh -
• FileHash-SHA256 - 1a5027adf99076470444c5ffdd83a4313ab1d21827700699d0ee6ab1337beb70 -
• hostname - ns1.bafairforce.army -
• FileHash-SHA1 - dc057522e04f37a6143cf6ce9b5d4a19aab8ef7a -
• FileHash-MD5 - d01b2644b4f0e178f7c9aef3076dac73 -
• FileHash-SHA256 - a01e57611537699d85e9767023638dbd88a224075a866c17509dc17d7e5ddbde -
• FileHash-SHA256 - aa0d3859d6633b62bccfb69017d33a8979a3be1f3f0a5a4bf6960d6c73d41121 -
• FileHash-SHA1 - 4871816be6a1128d2cf2f516788a6b8bc39b0d60 -
• hostname - 2f7ac6.ceye.io -
• FileHash-SHA256 - 4086057b9a0f9898c07318e093814ae9cfdaaf6ad71a45b2d0d4cd75e57f9354 -
• CVE - CVE-2023-1389 -
• CVE - CVE-2025-13928 -
• FileHash-SHA256 - 3c24f30f2ca89d408d42293cab8fbb81cb9c2b0801074ef40f0a79770dac5956 -
• hostname - 5axzi7.dnslog.cn -
• CVE - CVE-2025-55183 -
• CVE - CVE-2025-61882 -
• FileHash-SHA1 - 473eb4ee20ff86b443458861ba7387ff5fcc3ae6 -
• CVE - CVE-2026-0723 -
• FileHash-SHA1 - d4c34f5626be565162e8163bbf4f1e230dcfbdf7 -
• CVE - CVE-2025-24893 -
• CVE - CVE-2025-13335 -
• hostname - ns1.ubunutpackages.store -
• FileHash-SHA1 - f90ac7ef934cb7d4d5e7f21338961727ca72fa6d -
• FileHash-SHA256 - 2897ee24de4cca2a4c6a085cf6fdccb6a89c6c23978529d81b4f4e6db46b0b96 -
• FileHash-SHA256 - 4885adc9de7e91b74a3ac01187775459acf3e4e026ee2fa776b3419cf8dbaf00 -
• CVE - CVE-2025-34026 -
• URL - https://ns1.ubunutpackages.store -
• FileHash-SHA256 - 8e0bc23a87d349e5a5356252ce17576093b7858fdf6ea84919fbdcb2e117168e -
• hostname - testing.caai.in -
• FileHash-SHA1 - cb85338c2cc758da00cc37a1fde7a73383e1c4c7 -
• FileHash-SHA256 - 964473ffbd593fc52a779b1d699c79cc66b459cf842c2e6221703e2e6a2322c0 -
• FileHash-SHA256 - 6f746388853178a3b4c2c91a6bd98438fb59e760caa273a8d6a4c03936498c39 -
• FileHash-SHA1 - 0bc9bf8ebf17941ba2750edd09e032d5f677351d -
• FileHash-SHA256 - 6fd538e4a8e3493dda6f9fcdc96e814bdd14f3e2ef8aa46f0143bff34b882c1b -
• FileHash-MD5 - 47d086d0f4b284a574ea5fa61e263647 -
• FileHash-MD5 - d3bbb54a9e93f355f7830e298a99161d -
• CVE - CVE-2025-55182 -
• CVE - CVE-2025-31125 -
• FileHash-SHA1 - 50d97cb4407ab005e0deb31b4a4c0d0f6a116b67 -
• FileHash-SHA256 - 895f8dff9cd26424b691a401c92fa7745e693275c38caf6a6aff277eadf2a70b -
• FileHash-SHA256 - dafc7517669e931de858464966af995c44c2e7c6bdf684d53c54d6503cd48a38 -
• FileHash-MD5 - df79e51dafc39e0acf74151c674e0e10 -
• FileHash-SHA256 - 50be5257678412f0810d46e0b0bc573eb65c6ce4617346c1527ff0dc9b7fc79e -
• CVE - CVE-2025-55184 -
• CVE - CVE-2025-68645 -
• FileHash-SHA256 - 76b6d36e04e367a2334c445b51e1ecce97e4c614e88dfb4f72b104ca0f31235d -
• FileHash-MD5 - 03c90fd77221e1b5b9d98e32ada70990 -

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る