931 matches found
PT-2026-37659
Name of the Vulnerable Software and Affected Versions JohnsonControls AC2000 versions 10.6 through 10 JohnsonControls AC2000 versions 11.0 through 9 JohnsonControls AC2000 versions 12 through 3 Description An uncontrolled search path element issue allows for the manipulation of configuration file...
vulnerabilities present in Oracle E-Business Suite
Oracle has identified vulnerabilities in the Oracle E-Business Suite. These vulnerabilities exist in various components of the Oracle E-Business Suite, including Oracle Advanced Inbound Telephony, Oracle Enterprise Command Center Framework, Oracle Advanced Supply Chain Planning, and Oracle Flow...
ABB System 800xA, Symphony Plus IEC 61850
SUMMARY This vulnerability was privately reported relating to ABB’s implementation of the IEC 61850 communication stack for MMS client applications used in some Automation control system products. Note: IEC 61850 communication typically supports MMS and GOOSE protocols. Some ABB products support...
Talos Takes: 2025's ransomware trends and zombie vulnerabilities
Join Amy and Pierre Cadieux as they unpack the ransomware and vulnerability trends that defined 2025. From the persistent ransomware threats targeting the manufacturing sector to the rise of stealthy living-off-the-land tactics, we break down what these shifts mean for your defense strategy. Why...
US Bans All Foreign-Made Consumer Routers
This is for new routers; you don't have to throw away your existing ones: The Executive Branch determination noted that foreign-produced routers 1 introduce "a supply chain vulnerability that could disrupt the U.S. economy, critical infrastructure, and national defense" and 2 pose "a severe...
Ransomware in 2025: Blending in is the strategy
Ransomware attacks aren't smash-and-grab anymore. They're built on access that already looks legitimate -- closer to positioning chess pieces than breaking the door down. That's the big trend that comes through in the ransomware data from the Talos 2025 Year in Review. Once attackers have initial...
Anduril Wants to Own the Future of War Tech. Mishaps, Delays, and Challenges Abound
From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as planned...
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware. The email campaigns take advantage of the urgency and time-sensitive nature of emails to send phishing messages masquerading as refund notices, payroll...
Security Bulletin: IBM App Connect for Manufacturing is vulnerable to Improper Validation of Certificate with Host Mismatch due to Apache Log4j Core (CVE-2025-68161)
Summary IBM App Connect for Manufacturing is vulnerable to Improper Validation of Certificate with Host Mismatch due to Apache Log4j Core Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostnam...
An Agentic Multi-Agent Architecture for Cybersecurity Risk Management
Getting a real cybersecurity risk assessment for a small organization is expensive -- a NIST CSF-aligned engagement runs $15,000 on the low end, takes weeks, and depends on practitioners who are genuinely scarce. Most small companies skip it entirely. We built a six-agent AI system where each age...
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs
A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group GTIG described the hacking group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have...
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT. Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to be active...
Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
Introduction Stan Ghouls also known as Bloody Wolf is an cybercriminal group that has been launching targeted attacks against organizations in Russia, Kyrgyzstan, Kazakhstan, and Uzbekistan since at least 2023. These attackers primarily have their sights set on the manufacturing, finance, and IT...
CVE-2021-27615
SAP Manufacturing Execution versions - 15.1, 1.5.2, 15.3, 15.4, does not contain some HTTP security headers in their HTTP response. The lack of these headers in response can be exploited by the attacker to execute Cross-Site Scripting XSS attacks...
Engineering Attack Vectors and Detecting Anomalies in Additive Manufacturing
Additive manufacturing AM is rapidly integrating into critical sectors such as aerospace, automotive, and healthcare. However, this cyber-physical convergence introduces new attack surfaces, especially at the interface between computer-aided design CAD and machine execution layers. In this work, ...
Security Bulletin: IBM App Connect for Manufacturing is vulnerable to Allocation of Resources Without Limits or Throttling due to Bouncy Castle (CVE-2025-8916)
Summary IBM App Connect for Manufacturing is vulnerable to Allocation of Resources Without Limits or Throttling due to Bouncy Castle. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Ja...
Zero-Day Zero: The AI Attack That Just Ended the Era of the Forgiving Internet
Why the Exploit Window Has Collapsed and How CISOs Must Pivot to Survive For decades, cybersecurity was a game of time. We banked on the buffer between a vulnerability’s disclosure and its widespread exploitation. We relied on the forgiving internet, where human attackers needed days or weeks to...
AI as Cyberattacker
From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree--using AI not just as an advisor, but to execute the cyberattacks...
EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates
The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to facilitate adversary-in-the-middle AitM attacks. EdgeStepper "redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the...
Today’s threat landscape demands a proactive OT security strategy
Today’s threat landscape demands a proactive OT security strategy By John Fokker and Mo Cashman · November 18, 2025 Overview: The operational technology OT security landscape is undergoing rapid transformation, marked by an escalation in advanced threats. As reported in Trellix’s November...