1404 matches found
Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps
The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team CERT Polska’s Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders. In December 2025, a malicious cyber actors targeted and compromised operational...
Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-38086)
"In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during miinwayrestart In miinwayrestart the code attempts to call mii-mdioread which is ch9200mdioread. ch9200mdioread utilises a local buffer called buff, which is initialised with...
Next-Generation Cyberattack Detection with Large Language Models: Anomaly Analysis across Heterogeneous Logs
This project explores large language models LLMs for anomaly detection across heterogeneous log sources. Traditional intrusion detection systems suffer from high false positive rates, semantic blindness, and data scarcity, as logs are inherently sensitive, making clean datasets rare. We address...
CVE-2022-50979
An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus RS485...
PT-2026-5667
A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN...
nightfury
NightFury Framework Version 2.0 | Professional Red Team Ope...
CERT.pl Energy Sector Incident 29 December
This is the official report from CERT.pl on the coordinated attacks against Poland's energy sector. These events affected both information systems IT and physical industrial equipment OT, which is rarely observed in attacks reported publicly to date...
Top 10 Cloud Compliance Tools for Enterprise Security and Audit Readiness in 2026
Key Takeaways Cloud compliance has shifted from periodic audits to a continuous operating requirement as hybrid and multi-cloud environments change faster than traditional controls can keep pace. Modern cloud compliance solutions provide continuous, automated compliance monitoring across AWS,...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-1281link is external Ivanti Endpoint Manager Mobile EPMM Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious...
Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps
A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology OT networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues...
Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology OT cybersecurity company Dragos, in a new intelligence brief published Tuesday,...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-37079link is external Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious...
CISA: Principles for the Secure Integration of Artificial Intelligence in Operational Technology V2
Artificial intelligence AI has the potential to increase efficiency and productivity, enhance decision-making, cut costs and improve customer experience, but introducing AI in operational technology OT environments can introduce risks that require careful management to support the safety, securit...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20805link is external Microsoft Windows Information Disclosure Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actor...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-8110link is external Gogs Path Traversal Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significan...
SecureCAI: Injection-Resilient LLM Assistants for Cybersecurity Operations
Large Language Models have emerged as transformative tools for Security Operations Centers, enabling automated log analysis, phishing triage, and malware explanation; however, deployment in adversarial cybersecurity environments exposes critical vulnerabilities to prompt injection attacks where...
CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday said it's retiring 10 emergency directives Eds that were issued between 2019 and 2024. The list of the directives now considered closed is as follows - ED 19-01: Mitigate DNS Infrastructure Tampering ED 20-02: Mitigate...
CVE-2025-1551
IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, and 9.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
How to Integrate AI into Modern SOC Workflows
Artificial intelligence AI is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integration. Some teams...
PT-2025-53450
Name of the Vulnerable Software and Affected Versions Nozomi Networks affected versions not specified Description Inadequate validation of incoming XML format request messages can allow for cross-site scripting XSS attacks on a user's browser. The vulnerability affects Industrial Control Systems...