Lucene search
K

11 matches found

The Hacker News
The Hacker News
added 2026/04/08 4:23 a.m.11 views

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-affiliated cyber actors are targeting internet-facing operational technology OT devices across critical infrastructures in the U.S., including programmable logic controllers PLCs, cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality,...

6.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/02/25 1:9 a.m.2 views

CVE-2025-67752 OpenEMR Has Disabled SSL Certificate Verification in HTTP Client

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper oeHttp/oeHttpRequest disables SSL/TLS certificate verification by default verify: false, making all external HTTPS connections vulnerable ...

8.1CVSS5.9AI score0.00233EPSS
Exploits1References2
CISA
CISA
added 2025/12/04 12:0 p.m.17 views

PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems

The Cybersecurity and Infrastructure Security Agency CISA is aware of ongoing intrusions by People’s Republic of China PRC state-sponsored cyber actors using BRICKSTORM malware for long-term persistence on victim systems. BRICKSTORM is a sophisticated backdoor for VMware vSphere1,2 and Windows...

6.6AI score
Exploits0References10
The Hacker News
The Hacker News
added 2025/12/04 9:27 a.m.7 views

GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections

Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services. The activity, observed since October 2024, involves distributing...

7AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2025/05/22 10:0 a.m.19 views

Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials

The trove has now been taken down but included users’ logins for platforms including Apple, Google, and Meta, plus services from multiple governments...

7.4AI score
Exploits0
HackRead
HackRead
added 2023/07/11 5:10 p.m.15 views

DDoS Attacks Soar by 168% on Government Services, StormWall Warns

By Waqas The telecommunications sector also faced a significant onslaught in Q2 2023, becoming the second most targeted industry with an 83% YoY increase in DDoS attacks. This is a post from HackRead.com Read the original post: DDoS Attacks Soar by 168% on Government Services, StormWall Warns...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/24 8:41 a.m.9 views

eservices.cyprus.gov.cy Cross Site Scripting vulnerability OBB-1361033

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
ThreatPost
ThreatPost
added 2020/08/17 4:7 p.m.42 views

Cyberattacks Hit Thousands of Canadian Tax, Benefit Accounts

Canadian authorities said almost 15,000 online accounts for various government services have been targeted in three recent waves of credential-stuffing attacks. These accounts could give attackers access to Canadians’ tax-related and benefits information, coronavirus relief fund money and more...

1.2AI score
Exploits0References7
Information Security Automation
Information Security Automation
added 2017/04/22 8:25 p.m.204 views

Why you can’t update it all at once?

It’s the second part of our talk with Daniil Svetlov at his radio show “Safe Environment” recorded 29.03.2017. In this part we talk about vulnerabilities in Linux and proprietary software, problems of patch an vulnerability management, and mention some related compliance requirements. Video with...

7.2CVSS8.1AI score0.01029EPSS
Exploits2
FireEye
FireEye
added 2015/12/20 7:45 p.m.287 views

The EPS Awakens - Part 2

On Wednesday, Dec. 16, 2015, FireEye published The EPS Awakens, detailing an exploit targeting a previously unknown Microsoft Encapsulated Postscript EPS dict copy use-after-free vulnerability that was silently patched by Microsoft on November 10, 2015. The blog described the technical details of...

7.2CVSS8.3AI score0.562EPSS
Exploits38
ThreatPost
ThreatPost
added 2015/01/13 2:0 p.m.10 views

DHS Not Addressing Cyber Threats to Building Access Systems

Civil watchdogs at the Government Accountability Office are warning the Department of Homeland Security and the Government Services Agency about unaddressed risks posed to building access control systems at federal facilities. The systems in question are those that prevent unauthorized access to...

0.2AI score
Exploits0References1
Rows per page
Query Builder