PT-2026-7719

Name of the Vulnerable Software and Affected Versions Pion DTLS versions 1.0.0 through 3.1.0 Description Pion DTLS, a Go implementation of Datagram Transport Layer Security, is susceptible to an issue where the use of random nonce generation with AES GCM ciphers allows remote attackers to...

From Ransomware to Residency: Inside the Rise of the Digital Parasite

Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all around them? According to Picus Labs’ new Red Report 2026, which analyzed over 1.1 million malicious files and...

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

CVE-2024-52334

CVE-2024-52334 concerns syngo.plaza VB30E (all versions

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

Siemens syngo.plaza 安全漏洞

Siemens syngo.plaza is an image archiving and transmission platform developed by the German company Siemens. Previous versions of Siemens syngo.plaza, such as VB30EHF07, had security vulnerabilities. These vulnerabilities stemmed from improper password encryption, which could allow attackers to...

PT-2026-7249

Name of the Vulnerable Software and Affected Versions syngo.plaza versions prior to VB30E HF07 Description The application does not properly encrypt passwords. This could allow an attacker to recover original passwords and potentially gain unauthorized access. Recommendations Update to version...

I2P 2.11.0

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version...

Hackers Deliver Global Group Ransomware Offline via Phishing Emails

Global Group ransomware is delivered through phishing emails and can encrypt files offline without any internet connection...

neopythonlogger

chrome-privless-encryption A PoC demonstrating how to bypass...

CVE-2026-22906

User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernames and passwords, especially when combined with the authentication bypass...

CVE-2026-22906

CVE-2026-22906 involves credentials disclosure caused by AES-ECB encryption with a hardcoded key in a configuration file. An unauthenticated remote attacker that can obtain the config file can decrypt and recover plaintext usernames and passwords, with higher risk when combined with an authentica...

PT-2026-7084

Name of the Vulnerable Software and Affected Versions WAGO 0852-1322 affected versions not specified Description User credentials are stored using AES-ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernam...

Yokogawa FAST/TOOLS 安全漏洞

Yokogawa FAST/TOOLS is a real-time operation management and visualization software developed by Yokogawa Electric Corporation. There are security vulnerabilities in the Yokogawa FAST/TOOLS R9.01 version up to R10.04. These vulnerabilities stem from the use of weak encryption algorithms, which may...

WeRSS 安全漏洞

WeRSS is a WeChat official account system developed by Rachel. Versions of WeRSS 1.4.8 and earlier contained security vulnerabilities. These vulnerabilities stemmed from incorrect handling of the SECRETKEY parameter in the core/auth.py file of the JWT Handler component, which could lead to the us...

ROS-20260209-73-0033

A vulnerability in the JWE, JWS, JWT go-jose standards suite implementation package for the Go programming language is related to incorrect processing of highly compressed input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Panic in `libcrux-psq` on decryption of malformed AES-GCM ciphertext

The latest releases of the libcrux-psq crate contains the following bug-fix: 1319: Propagate AEADError instead of panicking The issue fixed in 1319 was first reported by Nadim Kobeissi...

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...