Security Issues, Vulnerabilities, Exploits & Government Alerts
View CSAF Summary ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of heap memory which potentially takes…
View CSAF Summary ABB became aware of vulnerabilities in AC500 V2 listed as affected in the advisory. An attacker who successfully exploited this vulnerability could access fragments of Modbus telegrams that have been sent earlier…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) today announced a revised schedule for a series of virtual town hall meetings to gather stakeholder input on the Cyber Incident Reporting for Critical Infrastructure Act…
The Hacker NewsMay 26, 2026Web Security / Artificial Intelligence Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone.…
Ravie LakshmananMay 26, 2026Vulnerability / Enterprise Security Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions…
Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credentials, they couldn’t log in without the second factor. While that logic…
The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where “feasible” to safeguard against potential threats stemming…
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe,…
Ravie LakshmananMay 26, 2026Vulnerability / Threat Intelligence A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell…
Ravie LakshmananMay 25, 2026Cybersecurity / Hacking Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A…