Security Issues, Vulnerabilities, Exploits & Government Alerts
Sep 19, 2025Ravie LakshmananData Breach / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization’s network following the exploitation…
Sep 18, 2025Ravie LakshmananData Breach / Network Security SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts. The company said it recently…
Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs to deliver post-exploitation tools like Cobalt Strike and AdaptixC2, and a remote access trojan known…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely Vendor: Westermo Network Technologies Equipment: WeOS 5 Vulnerability: Improper Validation of Syntactic Correctness of Input 2. RISK EVALUATION Successful exploitation of this vulnerability could…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Cognex Equipment: In-Sight Explorer, In-Sight Camera Firmware Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Information, Incorrect Default Permissions, Improper…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Dover Fueling Solutions Equipment: ProGauge MagLink LX4, ProGauge MagLink LX4 Plus, ProGauge MagLink LX4 Ultimate Vulnerabilities: Integer Overflow or Wraparound, Use…
Sep 18, 2025Ravie LakshmananMalware / Supply Chain Attack Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on…
AI’s growing role in enterprise environments has heightened the urgency for Chief Information Security Officers (CISOs) to drive effective AI governance. When it comes to any emerging technology, governance is hard – but effective governance…
Sep 18, 2025Ravie LakshmananVulnerability / Browser Security Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild. The zero-day…
The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets. Russian cybersecurity vendor…