Lucene search
K

1404 matches found

CISA
CISA
added 2026/02/10 12:0 p.m.33 views

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team CERT Polska’s Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders. In December 2025, a malicious cyber actors targeted and compromised operational...

5.7AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-38086)

"In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during miinwayrestart In miinwayrestart the code attempts to call mii-mdioread which is ch9200mdioread. ch9200mdioread utilises a local buffer called buff, which is initialised with...

5.5CVSS6.5AI score0.00153EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/02/06 12:0 a.m.8 views

Next-Generation Cyberattack Detection with Large Language Models: Anomaly Analysis across Heterogeneous Logs

This project explores large language models LLMs for anomaly detection across heterogeneous log sources. Traditional intrusion detection systems suffer from high false positive rates, semantic blindness, and data scarcity, as logs are inherently sensitive, making clean datasets rare. We address...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/03 3:18 p.m.6 views

CVE-2022-50979

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus RS485...

6.5CVSS5.4AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.13 views

PT-2026-5667

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN...

6.5CVSS5.3AI score0.00208EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/02/01 3:41 a.m.219 views

nightfury

NightFury Framework Version 2.0 | Professional Red Team Ope...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.5 views

CERT.pl Energy Sector Incident 29 December

This is the official report from CERT.pl on the coordinated attacks against Poland's energy sector. These events affected both information systems IT and physical industrial equipment OT, which is rarely observed in attacks reported publicly to date...

5.9AI score
Exploits0
Qualys Blog
Qualys Blog
added 2026/01/29 5:0 p.m.10 views

Top 10 Cloud Compliance Tools for Enterprise Security and Audit Readiness in 2026

Key Takeaways Cloud compliance has shifted from periodic audits to a continuous operating requirement as hybrid and multi-cloud environments change faster than traditional controls can keep pace. Modern cloud compliance solutions provide continuous, automated compliance monitoring across AWS,...

6AI score
Exploits0
CISA
CISA
added 2026/01/29 12:0 p.m.43 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-1281link is external Ivanti Endpoint Manager Mobile EPMM Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious...

9.8CVSS5.9AI score0.81231EPSS
In wildExploits6References6
The Hacker News
The Hacker News
added 2026/01/29 11:55 a.m.7 views

Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps

A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology OT networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues...

7.8CVSS6.1AI score0.74323EPSS
Exploits7
The Hacker News
The Hacker News
added 2026/01/28 4:6 p.m.7 views

Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid

The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology OT cybersecurity company Dragos, in a new intelligence brief published Tuesday,...

6.1AI score
Exploits0
CISA
CISA
added 2026/01/23 12:0 p.m.10 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-37079link is external Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious...

9.8CVSS5.5AI score0.22377EPSS
In wildExploits0References6
Packet Storm News
Packet Storm News
added 2026/01/22 12:0 a.m.6 views

CISA: Principles for the Secure Integration of Artificial Intelligence in Operational Technology V2

Artificial intelligence AI has the potential to increase efficiency and productivity, enhance decision-making, cut costs and improve customer experience, but introducing AI in operational technology OT environments can introduce risks that require careful management to support the safety, securit...

5.5AI score
Exploits0
CISA
CISA
added 2026/01/13 12:0 p.m.16 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20805link is external Microsoft Windows Information Disclosure Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actor...

5.5CVSS6.6AI score0.05028EPSS
In wildExploits5References6
CISA
CISA
added 2026/01/12 12:0 p.m.17 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-8110link is external Gogs Path Traversal Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significan...

8.8CVSS6.8AI score0.7654EPSS
In wildExploits16References6
Packet Storm News
Packet Storm News
added 2026/01/12 12:0 a.m.4 views

SecureCAI: Injection-Resilient LLM Assistants for Cybersecurity Operations

Large Language Models have emerged as transformative tools for Security Operations Centers, enabling automated log analysis, phishing triage, and malware explanation; however, deployment in adversarial cybersecurity environments exposes critical vulnerabilities to prompt injection attacks where...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/09 9:11 a.m.11 views

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday said it's retiring 10 emergency directives Eds that were issued between 2019 and 2024. The list of the directives now considered closed is as follows - ED 19-01: Mitigate DNS Infrastructure Tampering ED 20-02: Mitigate...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.26 views

CVE-2025-1551

IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, and 9.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

6.1CVSS6.5AI score0.00212EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/12/30 9:30 a.m.5 views

How to Integrate AI into Modern SOC Workflows

Artificial intelligence AI is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integration. Some teams...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.5 views

PT-2025-53450

Name of the Vulnerable Software and Affected Versions Nozomi Networks affected versions not specified Description Inadequate validation of incoming XML format request messages can allow for cross-site scripting XSS attacks on a user's browser. The vulnerability affects Industrial Control Systems...

5.8CVSS5.8AI score0.00181EPSS
Exploits0References6
Rows per page
Query Builder