Security Issues, Vulnerabilities, Exploits & Government Alerts
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting…
Oct 16, 2025Ravie LakshmananVulnerability / Malware An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv.…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Linx Vulnerabilities: Privilege Chaining 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow full access to all…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View Machine Edition and PanelView Plus 7 Vulnerabilities: Improper Limitation of a Pathname to a Restricted Directory…
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ArmorStart AOP Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to…
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MACH GWS Vulnerabilities: Incorrect Default Permissions, Improper Validation of Integrity Check Value, Improper Certificate Validation 2. RISK EVALUATION…
Scaling the SOC with AI – Why now? Security Operations Centers (SOCs) are under unprecedented pressure. According to SACR’s AI-SOC Market Landscape 2025, the average organization now faces around 960 alerts per day, while large…
Oct 16, 2025Ravie LakshmananVulnerability / Linux Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on…