AXIS OS 安全漏洞

AXIS OS is an operating system for edge devices developed by Axis, a Swedish company. There is a security vulnerability in AXIS OS, which stems from improper validation of configuration file inputs in the local file system. This vulnerability may allow code execution and potentially escalate...

Siemens Industrial Edge Management

SUMMARY Industrial Edge Management contains an authorization bypass vulnerability that could be exploited by an unauthenticated remote attacker to circumvent authentication and to access connected Industrial Edge Devices through the remote connection feature. Siemens has released new versions...

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

In this article 1. DNS hijacking attack chain: From compromised devices to AiTM and other follow-on activity 2. Mitigation and protection guidance 3. Microsoft Defender detection and hunting guidance Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been...

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first detected in the wild in August 2025, has expanded to over 14,000 infected devices, with more than 60% of...

UAT-9244 targets South American telecommunication providers with three new malware implants

Cisco Talos is disclosing UAT-9244, who we assess with high confidence is a China-nexus advanced persistent threat APT actor closely associated with Famous Sparrow. Since 2024, UAT-9244 has targeted critical telecommunications infrastructure, including Windows and Linux-based endpoints and edge...

Gardyn Home Kit (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow unauthenticated users to access and control edge devices, access cloud-based devices and user information without authentication, and pivot to other edge devices managed in the Gardyn cloud environment. 2. RECOMMENDED...

Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base DIB sector, according to findings from Google Threat Intelligence Group GTIG. The tech giant's threat intelligence division...

LoRA-Based Parameter-Efficient LLMs for Continuous Learning in Edge-Based Malware Detection

The proliferation of edge devices has created an urgent need for security solutions capable of detecting malware in real time while operating under strict computational and memory constraints. Recently, Large Language Models LLMs have demonstrated remarkable capabilities in recognizing complex...

Resource-Aware Deployment Optimization for Collaborative Intrusion Detection in Layered Networks

Collaborative Intrusion Detection Systems CIDS are increasingly adopted to counter cyberattacks, as their collaborative nature enables them to adapt to diverse scenarios across heterogeneous environments. As distributed critical infrastructure operates in rapidly evolving environments, such as...

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team CERT Polska’s Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders. In December 2025, a malicious cyber actors targeted and compromised operational...

China-Linked DKnife Spyware Hijacking Internet Routers Since 2019

Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks...

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle AitM framework dubbed DKnife that's operated by China-nexus threat actors since at least 2019. The framework comprises seven Linux-based implants that are designed to perform deep packet inspection...

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

The U.S. Cybersecurity and Infrastructure Security Agency CISA has ordered Federal Civilian Executive Branch FCEB agencies to strengthen asset lifecycle management for edge network devices and remove those that no longer receive security updates from original equipment manufacturers OEMs over the...

CISA: Reducing the Attack Surface for End-of-Support Edge Devices

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the U.K.’s National Cyber Security Centre NCSC are releasing this fact sheet to urge defensive action against malicious cyber activity by nation-state threat actors. Nation-state threat actors...

Siemens Industrial Edge Devices

SUMMARY Siemens Industrial Edge Devices contain an authorization bypass vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Siemens has released new versions for several affected products and recommends to update...

PT-2025-53622

Name of the Vulnerable Software and Affected Versions XSpeeder SXZOS through 2025-12-26 Description XSpeeder SXZOS through 2025-12-26 contains a critical flaw allowing unauthenticated attackers to achieve root remote code execution. The issue stems from the unsafe evaluation of base64-decoded inp...

CISA and Partners Release Advisory Update on Akira Ransomware

Today, Cybersecurity and Infrastructure Security Agency CISA, in collaboration with the Federal Bureau of Investigation, Department of Defense Cyber Crime Center, Department of Health and Human Services, and international partners, released an updated joint Cybersecurity Advisory, StopRansomware:...

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from an escalation of privilege issue that could result in a VAPIX Administrator privileged user gaining Linux Root privileges...

EUVD-2024-0054

Malicious code in bioql PyPI...

GPU in the Blind Spot: Overlooked Security Risks in Transportation

Graphics processing units GPUs are becoming an essential part of the intelligent transportation system ITS for enabling video-based and artificial intelligence AI based applications. GPUs provide high-throughput and energy-efficient computing for tasks like sensor fusion and roadside video...