Blogs - Security
CVE / NIST CISA News CISA Blog Cybersecurity Advisories ICS Advisories ICS Medical Advisories 
Packet Storm Security 
The Hacker News 
NIST News
- NIST Launches Centers for AI in Manufacturing and Critical Infrastructure 2025-12-22NIST has expanded its collaboration with the nonprofit MITRE Corporation as part of its efforts to ensure U.S. leadership in artificial intelligence.Sarah Henderson
- NIST Physicists Bring Unruly Molecules to the Quantum Party 2025-12-18Molecules can serve as versatile building blocks for quantum technologies, but they are much harder to control than atoms.Sarah Henderson
- Securing Smart Speakers for Home Health Care: NIST Offers New Guidelines 2025-12-17Cybersecurity and privacy risks can threaten patient confidentiality.Sarah Henderson
- Draft NIST Guidelines Rethink Cybersecurity for the AI Era 2025-12-16New guidelines can help an organization determine ways to incorporate AI into its operations while mitigating cybersecurity risks.Sarah Henderson
- Department of Commerce Announces Transition of Baldrige Performance Excellence Program 2025-12-11Beginning with the 2026 award cycle, the Alliance for Performance Excellence and the Baldrige Foundation will take on most operations for the program.Sarah Henderson
- What Time Is It on Mars? NIST Physicists Have the Answer. 2025-12-01This calculation is necessary for future space navigation and communication networks.Sarah Henderson
- Building a Sustainable Metals Infrastructure: NIST Report Highlights Key Strategies 2025-11-20Making metals processing more sustainable and resilient will support U.S industrial innovation and competitiveness.Sarah Henderson
- CAISI Evaluation of DeepSeek AI Models Finds Shortcomings and Risks 2025-09-30The Center for AI Standards and Innovation at NIST evaluated several leading models from DeepSeek, an AI company based in the People’s Republic of China.Sarah Henderson
- NIST Engineers Design 5 New Ways to Connect Concrete Pieces for More Resilient Buildings 2025-09-29One of the biggest challenges with precast concrete is connecting the concrete pieces at a job site.Sarah Henderson
- NIST Issues Broad Agency Announcement for Proposals to Advance Microelectronics Technologies 2025-09-24The CHIPS for America funding opportunity will support critical research, prototyping and commercial solutions that advance microelectronics technology in the United States.Sarah Henderson
- NIST Awards More Than $3 Million to Support Cybersecurity Workforce Development Across 13 States 2025-09-17There are currently more than 514,000 cybersecurity job openings in the U.S.Sarah Henderson
- In Quantum Sensing, What Beats Beating Noise? Meeting Noise Halfway. 2025-09-10A team including scientists at NIST may have found a new way of dealing with noise at the microscopic scales where quantum physics reigns.Sarah Henderson
- Champlain Towers South Investigation Nears Completion of Technical Work 2025-09-09Investigators share likely failure scenarios, advance indicators of building’s distress.Sarah Henderson
- NIST’s ‘Living Reference Material’ Could Accelerate R&D of Lifesaving Biological Drugs 2025-09-08The NIST reference material, called NISTCHO, will help the biopharmaceutical industry develop new drugs more quickly and ensure that they are safe and effective.Sarah Henderson
- Some Air Cleaners Release Harmful By-Products. Now We Have a Way to Measure Them. 2025-09-02Many types of air cleaners can generate small amounts of air pollution. Until now, there was no standard way to measure these negative by-products.Sarah Henderson
- NIST Revises Security and Privacy Control Catalog to Improve Software Update and Patch Releases 2025-08-27The catalog revision is part of NIST’s response to a recent executive order on strengthening the nation’s cybersecurity.Sarah Henderson
- New Technique for Measuring DNA Damage Could Improve Cancer Therapy and Radiological Emergency Response 2025-08-21The technology, which may someday be as portable as a smartphone, promises faster and more accurate measurements of radiation exposure, potentially saving lives in critical situations.Sarah Henderson
- NIST Researchers Develop More Accurate Formula for Measuring Particle Concentration 2025-08-20The new method will be useful in various fields, including nanomedicine, food science, environmental science and advanced manufacturing.Sarah Henderson
- NIST Guidelines Can Help Organizations Detect Face Photo Morphs, Deter Identity Fraud 2025-08-18Face morphing software, which combines photos of different people into a single image, is being used to commit identity fraud.Sarah Henderson
- NIST Awards Over $1.8 Million to Small Businesses Advancing AI, Semiconductors, Additive Manufacturing and More 2025-08-18The winning projects were competitively selected following a call for innovative proposals that address technical needs related to NIST’s research areas.Sarah Henderson
NIST Events
- 19th Annual NICE Conference and Expo 2028-06-05The NICE Conference and Expo will take place June 5-7, 2028. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 18th Annual NICE Conference and Expo 2027-06-07The NICE Conference and Expo will take place June 7-9, 2027. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 2068 Mass Metrology Seminar 2026-10-19The Mass Metrology Seminar is a two-week, "hands-on" seminar. It incorporates approximately 30 percent lectures and 70 percent demonstrations and laboratory work in which the participant performs measurements by applying procedures and equationsYvonne A. Branden
- 2083 MidAmerica Measurement Assurance Program, MidMAP** 2026-09-22NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- NIST Small Business Community of Interest Quarterly Calls 2026-09-16NIST's Small Business Cybersecurity Community of Interest (COI) has been established to convene the public and private sectors to share business insights, expertise, challenges, and perspectives to guide our work and assist NIST in addressing theVontress Henderson
- 2082 Southwest Assurance Program, SWAP** 2026-09-01NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 2064 Calibration Method Validation 2026-08-13This 2-hour webinar on Calibration Method Validation will examine the ISO/IEC 17025:2017 requirements for selection of calibration methods and for method validation and provide guidance on developing a process for validating a new or modifiedYvonne A. Branden
- 2070 Balance and Scale Calibration and Uncertainties 2026-08-03This 4-day seminar will cover the calibration and use of analytical weighing instruments (balances and laboratory/bench-top scales), including sources of weighing errors in analytical environments, methodologies for quantifying the errors, andYvonne A. Branden
- 2066 Fundamentals of Metrology 2026-07-27The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurement assurance, traceabilityYvonne A. Branden
- 2063 State Laboratory Annual Submission Process 2026-07-16The State Laboratory Annual Submission Process webinar provides guidance on how to successfully submit all required materials to develop a complete and timely Recognition Application according to NIST Handbook (HB) 143, State Weights and MeasuresYvonne A. Branden
- 2065 Volume Metrology Seminar 2026-07-06The 5-day OWM Volume Metrology Seminar is designed to enable metrologists to apply fundamental measurement concepts to volume calibrations. A large percentage of time is spent on hands-on measurements, applying procedures and equations discussed inYvonne A. Branden
- 2062 Documenting Traceability and Calibration Intervals 2026-06-25This 2-hour webinar covers the essential elements of metrological traceability and the documentary evidence required to support traceability and calibration intervals. It uses NISTIR 6969, GMP 11, and GMP 13 as the baseline for instructions and alsoYvonne A. Branden
- NIST Small Business Community of Interest Quarterly Calls 2026-06-10NIST's Small Business Cybersecurity Community of Interest (COI) has been established to convene the public and private sectors to share business insights, expertise, challenges, and perspectives to guide our work and assist NIST in addressing theVontress Henderson
- 2080 Northeastern Measurement Assurance Program, NEMAP** 2026-06-09NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 17th Annual NICE Conference and Expo 2026-06-01The NICE Conference and Expo will take place June 1-3, 2026. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 2059 Basic Uncertainty Concepts 2026-05-28This 2-hour webinar provides a very basic introduction to uncertainty calculations and reporting using the 8-step process published in NIST SOP 29 (NISTIR 6969), beginning with some definitions and concepts from the Guide to the Expression ofYvonne A. Branden
- 2081 Western Regional Assurance Program, WRAP** 2026-05-05NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 2056 Fundamentals of Metrology 2026-04-20The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurement assurance, traceabilityYvonne A. Branden
- 2079 Southeast Measurement Assurance Program, SEMAP** 2026-03-24NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 2057 Mass Metrology Seminar 2026-03-02The two-week Mass Metrology Seminar is a "hands-on" seminar that incorporates approximately 30 percent lectures and 70 percent demonstrations and laboratory work in which the participant performs measurements by applying procedures and equationsYvonne A. Branden
CISA Blog
- Protecting Your Privacy 2009-07-29Before submitting your name, email address, or other personal information on a website, look for the site's privacy policy. This policy should explain how the information will be used and whether or not the information will be distributed to other organizations.CISA
- Protecting Against Malicious Code 2009-07-14What is malicious code? Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses.CISA
- Understanding Anti-Virus Software 2009-06-30Keep anti-virus software up to date to help protect your systems and information.CISA
- Good Security Habits 2009-06-02There are some simple habits you can adopt that, if performed consistently, may dramatically reduce the chances that the information on your computer will be lost or corrupted.CISA
- Choosing and Protecting Passwords 2009-05-21Passwords are a common form of authentication and are often the only barrier between you and your personal information. There are several programs attackers can use to help guess or crack passwords.CISA
- 2009 National Infrastructure Protection Plan Released 2009-03-06Risk management and stakeholder engagement are key elements of TSA's surface transportation initiatives. Unlike in aviation, where TSA has employees performing security functions, we utilize stakeholder partnerships, grant funding and rulemaking to enhance security in surface modes.CISA
- Recovering from Viruses, Worms, and Trojan Horses 2008-03-19If your computer gets infected with malicious code, there are steps you can take to recover.CISA
- Evaluating Your Web Browser's Security Settings 2008-01-09The security settings within your browser are an important safeguard.CISA
- Securing Network Infrastructure Devices 2006-09-06Learn about the threats and risks associated with network infrastructure devices and how you can protect your network from cyber-attacks.CISA
- Safeguarding Your Data 2006-09-06Protect both your personal and work-related data.CISA
CISA Blog
- Protecting Your Privacy 2009-07-29Before submitting your name, email address, or other personal information on a website, look for the site's privacy policy. This policy should explain how the information will be used and whether or not the information will be distributed to other organizations.CISA
- Protecting Against Malicious Code 2009-07-14What is malicious code? Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses.CISA
- Understanding Anti-Virus Software 2009-06-30Keep anti-virus software up to date to help protect your systems and information.CISA
- Good Security Habits 2009-06-02There are some simple habits you can adopt that, if performed consistently, may dramatically reduce the chances that the information on your computer will be lost or corrupted.CISA
- Choosing and Protecting Passwords 2009-05-21Passwords are a common form of authentication and are often the only barrier between you and your personal information. There are several programs attackers can use to help guess or crack passwords.CISA
- 2009 National Infrastructure Protection Plan Released 2009-03-06Risk management and stakeholder engagement are key elements of TSA's surface transportation initiatives. Unlike in aviation, where TSA has employees performing security functions, we utilize stakeholder partnerships, grant funding and rulemaking to enhance security in surface modes.CISA
- Recovering from Viruses, Worms, and Trojan Horses 2008-03-19If your computer gets infected with malicious code, there are steps you can take to recover.CISA
- Evaluating Your Web Browser's Security Settings 2008-01-09The security settings within your browser are an important safeguard.CISA
- Securing Network Infrastructure Devices 2006-09-06Learn about the threats and risks associated with network infrastructure devices and how you can protect your network from cyber-attacks.CISA
- Safeguarding Your Data 2006-09-06Protect both your personal and work-related data.CISA
ICS Advisories
- Siemens Tecnomatix FactoryLink Vulnerabilities (Update A) 2011-04-05Overview This ICS-CERT Advisory is a follow-up to ICS-ALERT-11-080-01. An independent researcher has identified six vulnerabilities in the Siemens Tecnomatix FactoryLink supervisory control and data acquisition (SCADA) product. The researcher has also publicly released exploit code. The researcher identified the following vulnerabilities types: Buffer overflow (2 vul) Absolute Path Traversal (3 vul) NULL Pointer Dereference […]CISA
- Solar Magnetic Storm Impact on Control Systems 2011-03-26Overview The sun generates solar flare and coronal mass ejection (CME) events in an approximate 11-year cycle. The plasma clouds generated from these events have the potential to cause geomagnetic storms that can interfere with terrestrial communications and other electronic systems, posing a risk to critical infrastructure.In a recent case, Earth-orbiting satellites detected the strongest […]CISA
- Ecava IntegraXor SQL 2011-03-23Overview ICS-CERT has received a report from independent security researcher Dan Rosenberg with Virtual Security Research (VSR) of an unauthenticated Structured Query Language (SQL) vulnerability in the Ecava IntegraXor human machine interface (HMI) product that could allow data leakage, data manipulation, and remote code execution against the backend host running the database service. ICS-CERT has […]CISA
- WellinTech KingView 6.53 KVWebSvr ActiveX 2011-03-15Overview This advisory is a follow-up to ICS-ALERT-11-066-01 - WellinTech KingView 6.53 ActiveX Vulnerability, published on the ICS-CERT Web page on March 7, 2011. An independent security researcher reported a stack-based buffer overflow vulnerability in an ActiveX control in WellinTech KingView V6.53. The researcher has publicly released exploit code for this vulnerability. Successful exploitation of […]CISA
- Wonderware InBatch Vulnerability (Update A) 2011-03-02Overview An independent security researcher has published information to a vulnerability disclosure website regarding a buffer overflow vulnerability in the Wonderware InBatch and I/A Series Batch software products (all supported versions). According to the researcher’s report, the service listening on TCP Port 9001 is vulnerable to a buffer overflow that could cause denial of service […]CISA
- ClearScada Vulnerabilities (Update A) 2011-02-15Overview Researchers at Digital Bond have identified multiple vulnerabilities in the Control Microsystems ClearSCADA application. The following vulnerabilities have been identified: Heap Overflow Vulnerability Cross-site Scripting Vulnerabilities Insecure Web Authentication. Affected Products The following ClearSCADA versions are affected: ClearSCADA 2005 (all versions) ClearSCADA 2007 (all versions) ClearSCADA 2009 (all versions except R2.3 and R1.4). --------- […]CISA
- McAfee Night Dragon Report (Update A) 2011-02-11Overview McAfee has published a white paper titled “Global Energy Cyberattacks: Night Dragon,”McAfee, http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf, accessed February 10, 2011. which describes advanced persistent threat activity designed to obtain sensitive data from targeted organizations in the global oil, energy, and petrochemical industries. According to the report, this activity began in 2009 or potentially as early as 2007. […]CISA
- 7-Technologies IGSS 8 ODBC Server Remote Heap Corruption 2011-02-08Overview ICS-CERT has received a report from independent security researcher Jeremy Brown that a remote heap corruption vulnerability exists in IGSS (Interactive Graphical SCADA System) Version 8 from 7-Technologies (7T). 7T has verified the vulnerability and has developed a patch. Affected Products This vulnerability affects only IGSS Versions 8 and 9. Users can contact 7T […]CISA
- Federal Aviation Administration GPS Testing 2011-01-25Overview The US Federal Aviation Administration (FAA) has issued two flight advisories identifying planned Global Positioning System (GPS) temporary outages and the affected areas, due Department of Defense testing. During testing, the GPS signal may be unreliable or unavailable. ICS-CERT is issuing this advisory as a follow up to yesterday’s alert to notify industrial control […]CISA
- AGG SCADA Viewer OPC Buffer Overflow Vulnerability 2011-01-18Overview The ICS-CERT has received a report from independent security researcher Steven James that a stack-based buffer overflow exists in the AGG Software OPC SCADA Viewer software. The vulnerability could allow arbitrary code execution. ICS-CERT has coordinated with AGG Software, which has developed a patch to address this vulnerability. The researcher has also verified that […]CISA
- Sielco Sistemi WinLog Stack Overflow 2011-01-17Overview Independent researcher Luigi Auriemma reported a stack overflow vulnerability in Version 2.07.00 of the Sielco Sistemi WinLog Lite and Winlog Pro HMI software. Sielco Sistemi has developed an update (Version 2.07.01) to address this vulnerability. The researcher has verified that the update is effective in correcting this vulnerability. Affected Products This vulnerability affects all […]CISA
- WellinTech Kingview 6.53 Remote Heap Overflow 2011-01-17Overview This advisory is a follow-up to ICS-ALERT-11-011-01 WellinTech Kingview Buffer Overflow, published on the ICS-CERT Web site on January 11, 2011. Independent security researcher Dillon Beresford reported a heap overflow vulnerability in WellinTech KingView V6.53, which may allow a remote, unauthenticated attacker to execute arbitrary code. ICS-CERT has verified the vulnerability. WellinTech has developed […]CISA
- Advantech Studio Test Web Server Buffer Overflow 2011-01-02Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the test web server bundled with Advantech Studio Version 6.1. This web server is intended to be used for testing purposes and should not be used in a production environment. Advantech has verified the […]CISA
- Ecava IntegraXor Directory Traversal 2010-12-28Overview This advisory is a follow-up to ICS-ALERT-10-355-01 - Ecava IntegraXor Directory Traversal, published on the ICS-CERT Web page on December 21, 2010. ICS-CERT has become aware of a directory traversal vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow data leakage. ICS-CERT is currently in contact with representatives of Ecava who […]CISA
- Intellicom NetBiter WebSCADA Vulnerabilities (Update A) 2010-12-15OVERVIEW This advisory is a follow-up to ICS-ALERT-10-293-01 - Intellicom NetBiter WebSCADA Vulnerabilities, published on the ICS-CERT Web page on October 20, 2010. On October 1, 2010 independent researchers identified vulnerabilities in the Intellicom NetBiter Supervisory Control and Data Acquisition (SCADA) applications. A directory traversal vulnerability is present in all affected devices that lead to […]CISA
- Ecava IntegraXor Buffer Overflow 2010-12-14Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow the execution of arbitrary code. Ecava has verified the claim and has released a patch to mitigate the vulnerability (igsetup-3.5.3900.10.msi or later). Affected Products […]CISA
- Automated Solutions OPC Vulnerability (Update) 2010-11-17Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a heap corruption vulnerability in the Automated Solutions Modbus/TCP Master OPC server. Automated Solutions has confirmed that their most recent patch mitigates the vulnerability for Version 3.0.0. ICS-CERT has verified that the software update resolves the vulnerability identified by the […]CISA
- MOXA Device Manager Buffer Overflow (Update A) 2010-11-10Overview --------- Begin Update A Part 1 of 2 ---------- On October 20, 2010, an independent security researcher postedRubén Santamarta, http://www.reversemode.com/index.php?option=com_content&task=view&id=70&Itemid=1, website last visited October 28, 2010. information regarding a vulnerability in MOXA Device Manager (MDM) Version 2.1. MOXA has confirmed this vulnerability and released Version 2.3 on November 11, 2010 to resolve this issue. […]CISA
- RealFlex RealWin Buffer Overflow 2010-11-08Overview This advisory is a follow-up to ICS-ALERT-10-305-01 RealFlex RealWin Buffer Overflows, which was published on the ICS-CERT Web site on November 01, 2010. On October 15, 2010 an independent security researcher posted informationResearcher, http://aluigi.altervista.org/adv/realwin1-adv.txt, website last visited November 4, 2010. regarding vulnerabilities in RealFlex Technologies Ltd. RealWin SCADA software products. The security researcher’s analysis […]CISA
- Primary Stuxnet Advisory 2010-09-29OVERVIEW ICS-CERT has been actively investigating and reporting on the Stuxnet vulnerability. To date, ICS-CERT has released ICSA-10-201-01 - Malware Targeting Siemens Control Software (including Updates B & C) and ICSA-10-238-01 - Stuxnet Mitigations (including Update B). Stuxnet uses four zero-day exploits (two of which have been patched) and takes advantage of a vulnerability also […]CISA
ICS Medical Advisories
- Philips Xper-IM Connect Vulnerabilities 2022-11-25OVERVIEW Independent researchers Mike Ahmadi of Synopsys and Billy Rios of Whitescope LLC, in collaboration with Philips, have identified numerous vulnerabilities with an automated software composition analysis tool in the Philips Xper-IM Connect system running on Windows XP. Philips reports that the identified vulnerabilities can be addressed by upgrading the affected system to a newer […]CISA
- Abbott Laboratories Defibrillator 2022-11-251. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Abbott Laboratories Equipment: Implantable Cardioverter Defibrillator and Cardiac Synchronization Therapy Defibrillator Vulnerabilities: Improper Authentication and Improper Restriction of Power Consumption MedSec Holdings Ltd., has identified vulnerabilities in Abbott Laboratories’ (formerly St. Jude Medical) Implantable Cardioverter Defibrillator (ICD) and Cardiac Synchronization Therapy Defibrillator (CRT-D). Abbott has […]CISA
- Silex Technology SX-500/SD-320AN or GE Healthcare MobileLink (Update B) 2022-11-251. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable Remotely / Low skill level to exploit / Public exploits are available Vendors: Silex Technology, GE Healthcare Equipment: SX-500, SD-320AN, MobileLink Vulnerabilities: Improper Authentication, OS Command Injection 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSMA-18-128-01 Silex Technology SX-500/SD-320AN or GE […]CISA
- GE Medical Devices Vulnerability 2022-11-25OVERVIEW This advisory was originally posted to the HSIN ICS-CERT library on February 6, 2018, and is being released to the NCCIC/ICS-CERT website. Independent researcher Scott Erven submitted information regarding the potential use of default or hard-coded credentials in multiple GE Healthcare products. Following the researcher’s report, GE performed a self-assessment and validated that multiple […]CISA
- Philips iSite/IntelliSpace PACS Vulnerabilities (Update A) 2022-11-251. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Code/Source Code Vulnerabilities, Information Exposure, Code Injection, Weaknesses in OWASP Top Ten, and Improper Restriction of XML External Entity Reference […]CISA
- Ethicon Endo-Surgery Generator G11 Vulnerability 2022-11-25OVERVIEW Johnson & Johnson, the parent company of Ethicon Endo-Surgery, LLC, reported an improper authentication vulnerability in the Ethicon Endo-Surgery Generator Gen11. EthiconEndo-Surgery, LLC has produced updates that mitigate this vulnerability in the affected product. AFFECTED PRODUCTS The following versions of the Ethicon Endo-Surgery Generator Gen11 are affected: Ethicon Endo-Surgery Generator Gen11, all versions released […]CISA
- Vyaire Medical CareFusion Upgrade Utility Vulnerability 2022-11-25OVERVIEW Independent researcher Mark Cross (@xerubus) has identified an uncontrolled search path element vulnerability in Vyaire Medical’s CareFusion Upgrade Utility application. Vyaire Medical has produced an update that mitigates this vulnerability. AFFECTED PRODUCTS The following versions of CareFusion Upgrade Utility, designed to upgrade compatible units to the latest software versions, are affected: CareFusion Upgrade Utility […]CISA
- B. Braun Medical SpaceCom Open Redirect Vulnerability 2022-11-25OVERVIEW This advisory was originally posted to the NCCIC Portal on March 23, 2017, and is being released to the ICS-CERT web site. Marc Ruef and Rocco Gagliardi of scip AG have identified an open redirect vulnerability in B. Braun Medical’s SpaceCom module, which is integrated into the SpaceStation docking station. B. Braun has produced […]CISA
- Siemens Molecular Imaging Vulnerabilities 2022-11-25OVERVIEW Siemens has identified two vulnerabilities in Siemens’ Molecular Imaging products running on Windows XP. Siemens is preparing updates for the affected products. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following products: Siemens PET/CT Systems: All Windows XP-based versions, Siemens SPECT/CT Systems: All Windows XP-based versions, Siemens […]CISA
- BD Alaris 8000 Insufficiently Protected Credentials Vulnerability 2022-11-25OVERVIEW This advisory was originally posted to the NCCIC Portal on January 17, 2017, and is being released to the NCCIC/ICS-CERT web site. Becton, Dickinson and Company (BD) has identified an insufficiently protected credentials vulnerability in BD’s Alaris 8000 Point of Care (PC) unit, which provides a common user interface for programming intravenous infusions. BD […]CISA
- BD Kiestra PerformA and KLA Journal Service Applications Hard-Coded Passwords Vulnerability 2022-11-25OVERVIEW Becton, Dickinson and Company (BD) has identified a hard-coded password vulnerability in BD’s Kiestra PerformA and KLA Journal Service applications that access the BD Kiestra Database. BD has produced compensating controls to reduce the risk of exploitation of the identified vulnerability by issuing product updates and defensive measures to be applied by end users. […]CISA
- St. Jude Merlin@home Transmitter Vulnerability (Update A) 2022-11-25OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSMA-17-009-01 St. Jude Merlin@home Transmitter Vulnerability that was published January 9, 2017, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 5 -------- MedSec Holdings has identified a channel accessible by nonendpoint (“man-in-the-middle”) vulnerability in St. Jude Medical's Merlin@home transmitter, […]CISA
- Smiths Medical CADD-Solis Medication Safety Software Vulnerabilities 2022-11-25OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on November 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Smiths Medical has reported two vulnerabilities in Smiths Medical’s CADD-Solis Medication Safety Software that were identified by Andrew Gothard of Newcastle Upon Tyne Hospitals NHS Foundations Trust. Smiths Medical has […]CISA
- Animas OneTouch Ping Insulin Pump Vulnerabilities 2022-11-25OVERVIEW Rapid7 has identified vulnerabilities in the cybersecurity of the Animas OneTouch Ping insulin pump system. Animas will not be releasing a patch or new version to mitigate these vulnerabilities. Animas has provided compensating controls to help reduce the risk associated with the exploitation of the identified vulnerabilities, and these compensating controls may impact device […]CISA
- Boston Scientific ZOOM LATITUDE PRM Vulnerabilities 2022-11-25OVERVIEW Researchers Jonathan Butts and Billy Rios of Whitescope have identified two vulnerabilities in Boston Scientific’s ZOOM LATITUDE Programmer/Recorder/Monitor (PRM) – Model 3120. Boston Scientific has provided compensating controls to reduce the risk of exploitation. AFFECTED PRODUCTS The following ZOOM LATITUDE PRM versions are affected: ZOOM LATITUDE PRM – Model 3120, all versions. IMPACT Successful […]CISA
- Siemens Molecular Imaging Vulnerabilities 2022-11-25OVERVIEW Siemens has identified four vulnerabilities in Siemens’ Molecular Imaging products running on Windows 7. Siemens is preparing updates for the affected products. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available. AFFECTED PRODUCTS Siemens reports that the vulnerabilities affect the following products: Siemens PET/CT Systems: All […]CISA
- Philips IntelliSpace Cardiovascular System and Xcelera System Vulnerability 2022-11-25OVERVIEW Philips reported a vulnerability in the Philips’ IntelliSpace Cardiovascular and Xcelera cardiac image and information management systems. Philips has produced updates that mitigate this vulnerability in the affected products. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Philips reports that the vulnerability affects the following versions of the IntelliSpace Cardiovascular and Xcelera cardiac image […]CISA
- BMC Medical and 3B Medical Luna CPAP Machine 2022-11-25OVERVIEW MedSec has identified an improper input validation vulnerability in BMC Medical’s and 3B Medical’s Luna continuous positive airway pressure (CPAP) therapy machine. For devices released after July 1, 2017, this vulnerability has been addressed. For devices released prior to July 1, 2017, BMC Medical and 3B Medical offer no mitigations. AFFECTED PRODUCTS The following […]CISA
- Philips IntelliSpace Cardiovascular System Vulnerability 2022-11-25OVERVIEW Philips reported an insufficient session expiration vulnerability in the Philips’ IntelliSpace Cardiovascular cardiac image and information management systems. Philips is creating a software update to mitigate this vulnerability in the affected products. AFFECTED PRODUCTS Philips reports that the vulnerability affects the following versions of the IntelliSpace Cardiovascular: IntelliSpace Cardiovascular, Version 2.3.0 and prior. IMPACT […]CISA
- Philips' DoseWise Portal Vulnerabilities 2022-11-25OVERVIEW Philips has identified Hard-coded Credentials and Cleartext Storage of Sensitive Information vulnerabilities in Philips’ DoseWise Portal (DWP) web application. Philips has updated product documentation and produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Philips DWP versions are affected: DoseWise Portal, Versions 1.1.7.333 and 2.1.1.3069 […]CISA
The Hacker News
- MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors 2026-01-10The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. "The campaign uses icon spoofing and malicious Word documents to deliver Rust based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular
- Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime 2026-01-10Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe. As part of an operation conducted by the Spanish National Police, in coordination with the Bavarian State Criminal Police Office and Europol, 28 arrests were made in Seville, along with […]
- China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines 2026-01-09Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024. Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final […]
- Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations 2026-01-09Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North Macedonia and Uzbekistan. The activity has been attributed to APT28 (aka BlueDelta), which was attributed […]
- Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can't) 2026-01-09As organizations plan for 2026, cybersecurity predictions are everywhere. Yet many strategies are still shaped by headlines and speculation rather than evidence. The real challenge isn’t a lack of forecasts—it’s identifying which predictions reflect real, emerging risks and which can safely be ignored. An upcoming webinar hosted by Bitdefender aims to cut through the noise […]
- Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions 2026-01-09Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258, carries a CVSS score of 9.8 out of a maximum of 10.0. The vulnerability has been described as a case […]
- CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024 2026-01-09The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday said it's retiring 10 emergency directives (Eds) that were issued between 2019 and 2024. The list of the directives now considered closed is as follows - ED 19-01: Mitigate DNS Infrastructure Tampering ED 20-02: Mitigate Windows Vulnerabilities from January 2020 Patch Tuesday ED 20-03: Mitigate […]
- FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing 2026-01-09The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country. "As of 2025, Kimsuky actors have targeted think tanks, academic institutions, and both U.S. and foreign government entities with embedded malicious Quick Response (QR)
- WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging 2026-01-08Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called Astaroth in attacks targeting Brazil. The campaign has been codenamed Boto Cor-de-Rosa by Acronis Threat Research Unit. "The malware retrieves the victim's WhatsApp contact list and automatically sends malicious messages to each contact […]
- China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes 2026-01-08A China-nexus threat actor known as UAT-7290 has been attributed to espionage-focused intrusions against entities in South Asia and Southeastern Europe. The activity cluster, which has been active since at least 2022, primarily focuses on extensive technical reconnaissance of target organizations before initiating attacks, ultimately leading to the deployment of malware families such as RushDrop
- ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories 2026-01-08The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in. Read on to catch up before the next wave […]
- The State of Trusted Open Source 2026-01-08Chainguard, the trusted source for open source, has a unique view into how modern organizations actually consume open source software and where they run into risk and operational burdens. Across a growing customer base and an extensive catalog of over 1800 container image projects, 148,000 versions, 290,000 images, and 100,000 language libraries, and almost half […]
- Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release 2026-01-08Cisco has released updates to address a medium-severity security flaw in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) with a public proof-of-concept (PoC) exploit. The vulnerability, tracked as CVE-2026-20029 (CVSS score: 4.9), resides in the licensing feature and could allow an authenticated, remote attacker with administrative privileges to gain access to
- Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages 2026-01-08Cybersecurity researchers have discovered three malicious npm packages that are designed to deliver a previously undocumented malware called NodeCordRAT. The names of the packages, all of which were taken down as of November 2025, are listed below. They were uploaded by a user named "wenmoonx." bitcoin-main-lib (2,300 Downloads) bitcoin-lib-js (193 Downloads) bip40 (970 Downloads) "The
- Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances 2026-01-08Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass and remote code execution. The list of vulnerabilities is as follows - CVE-2025-66209 (CVSS score: 10.0) - A command injection vulnerability in the database backup functionality allows any authenticated
- OpenAI Launches ChatGPT Health with Isolated, Encrypted Health Data Controls 2026-01-08Artificial intelligence (AI) company OpenAI on Wednesday announced the launch of ChatGPT Health, a dedicated space that allows users to have conversations with the chatbot about their health. To that end, the sandboxed experience offers users the optional ability to securely connect medical records and wellness apps, including Apple Health, Function, MyFitnessPal, Weight Watchers, AllTrails,
- CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited 2026-01-08The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting Microsoft Office and Hewlett Packard Enterprise (HPE) OneView to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities are listed below - CVE-2009-0556 (CVSS score: 8.8) - A code injection vulnerability in Microsoft Office
- Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators 2026-01-07Security teams are still catching malware. The problem is what they're not catching. More attacks today don't arrive as files. They don't drop binaries. They don't trigger classic alerts. Instead, they run quietly through tools that already exist inside the environment — scripts, remote access, browsers, and developer workflows. That shift is creating a blind […]
- Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches 2026-01-07A cybercrime gang known as Black Cat has been attributed to a search engine optimization (SEO) poisoning campaign that employs fraudulent sites advertising popular software to trick users into downloading a backdoor capable of stealing sensitive data. According to a report published by the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) […]
- Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control 2026-01-07Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over susceptible instances. The vulnerability, tracked as CVE-2026-21858 (CVSS score: 10.0), has been codenamed Ni8mare by Cyera Research Labs. Security researcher Dor Attias has been