Security Issues, Vulnerabilities, Exploits & Government Alerts
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign. The activity has been attributed by Arctic Wolf Labs to…
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor: Schneider Electric Equipment: EcoStruxure Power Operation Vulnerabilities: Improper Neutralization of Directives in Dynamically Evaluated Code (‘Eval…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: DuraComm Corporation Equipment: SPM-500 DP-10iN-100-MU Vulnerabilities: Cleartext Transmission of Sensitive Information, Missing Authentication for a Critical Function, Improper Neutralization of Input…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: Provisioning Manager Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow…
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: System Monitor Application Vulnerability: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2. RISK EVALUATION Successful exploitation of…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure IT Data Center Expert Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command (‘OS Command…
Making the move from managing a security operations center (SOC) to being a chief information security officer (CISO) is a significant career leap. Not only do you need a solid foundation of tech knowledge but…
The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The cybersecurity company said it observed first exploitation attempts targeting an…
Jul 21, 2025Ravie LakshmananSpyware / Mobile Security Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by…
Jul 21, 2025Ravie LakshmananBrowser Security / Malware The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region. “The attackers used hardcoded names…