Security Issues, Vulnerabilities, Exploits & Government Alerts
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and…
Ravie LakshmananFeb 06, 2026Artificial Intelligence / Vulnerability Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source…
Ravie LakshmananFeb 05, 2026Botnet / Network Security The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds.…
Ravie LakshmananFeb 05, 2026Cybersecurity / Hacking News This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next. Researchers tracked intrusions that…
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition and memory corruption. The following versions of o6 Automation GmbH Open62541 are affected: Open62541 >=1.5-rc1|=1.5-rc1|
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary shell commands and the disclosure of sensitive system information. The following versions of Ilevia EVE X1 Server are affected: EVE…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) today issued Binding Operational Directive 26-02, Mitigating Risk From End-of-Support Edge Devices. The directive requires Federal Civilian Executive Branch (FCEB) agencies to take specific actions to drive down technical debt and minimize…
View CSAF Summary Hitachi Energy is aware of a vulnerability that affects FOX61x product versions listed in this document. Successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity…
An authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state.…
View CSAF Summary Successful exploitation of this vulnerability may allow an attacker to read device data or part of a control program from the affected product, write device data in the affected product, or cause…