EUVD-2026-23196

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs, potentially causing the iOS device to become temporarily inoperable...

Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation

Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business getting in return? CISOs respond with reports on controls and vulnerability counts – but executives want ...

Device Status Modification Detected (Medium)

Changes in the controller state can stop operations altogether or start an operation that should not have been started. These operations can be used by an attacker to disrupt normal operation, cause production losses, or create safety concerns. This plugin only works with Tenable.ot. Please visit...

Agentic AI in the SOC - Dawn of Autonomous Alert Triage

Security Operations Centers SOCs today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst fatigue, burnout, and attrition. While artificial intelligence has emerged as a go-to solution, the...

CVE-2024-8053 Improper Authentication in open-webui/open-webui

In version v0.3.10 of open-webui/open-webui, the api/v1/utils/pdf endpoint lacks authentication mechanisms, allowing unauthenticated attackers to access the PDF generation service. This vulnerability can be exploited by sending a POST request with an excessively large payload, potentially leading...

[Whitepaper] XDR vs. NDR/NTA – What do Organizations Truly Need to Stay Safe?

Security teams whose organizations are outside the Fortune 500 are faced with a dilemma. Most teams will have to choose between deploying either a network traffic analysis NTA or network detection and response NDR tool or an endpoint detection and response EDR tool to supplement their existing...

Food-Supply Giant Americold Admits Cyberattack

Americold, a company whose cold-storage capabilities are integral to the U.S. food-supply chain and soon, COVID-19 vaccine distribution, has confirmed an operations-impacting cyberattack, according to a filing with the Securities and Exchange Commission SEC. The filing was brief and read in part:...

US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency CISA earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences. The advisory comes in respons...

Unexpected shutdown of one of the Xenmobile servers

Unexpected shutdown of one of the Xenmobile servers...

Philips Xper-IM Connect Vulnerabilities

OVERVIEW Independent researchers Mike Ahmadi of Synopsys and Billy Rios of Whitescope LLC, in collaboration with Philips, have identified numerous vulnerabilities with an automated software composition analysis tool in the Philips Xper-IM Connect system running on Windows XP. Philips reports that...

F5 BIG-IP 10.1.0 - Directory Traversal Vulnerability

F5 BIG-IP version 10.1.0 suffers from a directory traversal vulnerability that can allow an authenticated user the ability to delete any system file and enumerate their existence. +------------------------------------------------------+ + F5 BIG-IP 10.1.0 - Directory Traversal Vulnerability +...

F5 BIG-IP 10.1.0 - Directory Traversal

+------------------------------------------------------+ + F5 BIG-IP 10.1.0 - Directory Traversal Vulnerability + +------------------------------------------------------+ Affected Product : F5 BIG-IP Vendor Homepage : http://www.f5.com/ Version : 10.1.0 Vulnerability Category : Local vulnerabilit...

Default configuration

Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote...