Critical 0day flaw Exposes 70k XSpeeder Devices as Vendor Ignores Alert

Researchers reveal CVE-2025-54322, a critical unpatched flaw in XSpeeder networking gear found by AI agents. 70,000 industrial and branch devices are exposed...

⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More

It's easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best defense now isn't just patching fast, but watching smarter and staying alert for what you don't...

PT-2024-5372 · Elastic · Kibana

Name of the Vulnerable Software and Affected Versions: Kibana versions prior to 8.14.2 Kibana versions prior to 7.17.23 Description: A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to interna...

PT-2024-4078 · Zyxel · Zyxel Nas326 +1

Name of the Vulnerable Software and Affected Versions: Zyxel NAS326 versions prior to V5.21AAZF.17C0 Zyxel NAS542 versions prior to V5.21ABAG.14C0 Description: The command injection vulnerability in the setCookie parameter could allow an unauthenticated attacker to execute some operating system O...

CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability

On Monday, October 16, Cisco’s Talos group published a blog on an active threat campaign exploiting CVE-2023-20198, a “previously unknown” zero-day vulnerability in the web UI component of Cisco IOS XE software. IOS XE is an operating system that runs on a wide range of Cisco networking devices,...

Researchers Warn of Critical Flaw Affecting Industrial Automation Systems

A critical vulnerability uncovered in Real-Time Automation's RTA 499ES EtherNet/IP ENIP stack could open up the industrial control systems to remote attacks by adversaries. RTA's ENIP stack is one of the widely used industrial automation devices and is billed as the "standard for factory floor I/...

Protecting Critical Infrastructure and Roadways: How Smart Cities Create New Risks

Advanced technology has changed countless facets of everyday life, from internal enterprise processes to consumer pursuits and beyond. Even the design, management and support for large and small cities has shifted thanks to innovative smart city systems. While advanced components to support...

How connected devices put health care at risk

The health care industry is one of the most attractive sectors to hackers. Not only do hospitals, doctor offices and other facilities store and have access to an array of patients' personal information, but many organizations also have financial details on file to facilitate billing processes. On...

Challenges with Critical Infrastructure: IoT, Smart Cities Under Attack

Internet of Things technology is now more widespread than many people realize. Systems that fall under the IoT umbrella are popping up in an array of settings, even outside consumer circles. Today, every group from enterprise businesses to city governments is utilizing intelligent, internet- and...