Blogs - Security
NIST News
- CAISI Issues Request for Information About Securing AI Agent Systems 2026-01-12The Center for AI Standards and Innovation (CAISI) at the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has published a Request for Information (RFI) seeking insights from industry, academia, and the securityPeter Cihon
- NIST Launches Centers for AI in Manufacturing and Critical Infrastructure 2025-12-22NIST has expanded its collaboration with the nonprofit MITRE Corporation as part of its efforts to ensure U.S. leadership in artificial intelligence.Sarah Henderson
- NIST Physicists Bring Unruly Molecules to the Quantum Party 2025-12-18Molecules can serve as versatile building blocks for quantum technologies, but they are much harder to control than atoms.Sarah Henderson
- Securing Smart Speakers for Home Health Care: NIST Offers New Guidelines 2025-12-17Cybersecurity and privacy risks can threaten patient confidentiality.Sarah Henderson
- Draft NIST Guidelines Rethink Cybersecurity for the AI Era 2025-12-16New guidelines can help an organization determine ways to incorporate AI into its operations while mitigating cybersecurity risks.Sarah Henderson
- Department of Commerce Announces Transition of Baldrige Performance Excellence Program 2025-12-11Beginning with the 2026 award cycle, the Alliance for Performance Excellence and the Baldrige Foundation will take on most operations for the program.Sarah Henderson
- What Time Is It on Mars? NIST Physicists Have the Answer. 2025-12-01This calculation is necessary for future space navigation and communication networks.Sarah Henderson
- Building a Sustainable Metals Infrastructure: NIST Report Highlights Key Strategies 2025-11-20Making metals processing more sustainable and resilient will support U.S. industrial innovation and competitiveness.Sarah Henderson
- CAISI Evaluation of DeepSeek AI Models Finds Shortcomings and Risks 2025-09-30The Center for AI Standards and Innovation at NIST evaluated several leading models from DeepSeek, an AI company based in the People’s Republic of China.Sarah Henderson
- NIST Engineers Design 5 New Ways to Connect Concrete Pieces for More Resilient Buildings 2025-09-29One of the biggest challenges with precast concrete is connecting the concrete pieces at a job site.Sarah Henderson
- NIST Issues Broad Agency Announcement for Proposals to Advance Microelectronics Technologies 2025-09-24The CHIPS for America funding opportunity will support critical research, prototyping and commercial solutions that advance microelectronics technology in the United States.Sarah Henderson
- NIST Awards More Than $3 Million to Support Cybersecurity Workforce Development Across 13 States 2025-09-17There are currently more than 514,000 cybersecurity job openings in the U.S.Sarah Henderson
- In Quantum Sensing, What Beats Beating Noise? Meeting Noise Halfway. 2025-09-10A team including scientists at NIST may have found a new way of dealing with noise at the microscopic scales where quantum physics reigns.Sarah Henderson
- Champlain Towers South Investigation Nears Completion of Technical Work 2025-09-09Investigators share likely failure scenarios, advance indicators of building’s distress.Sarah Henderson
- NIST’s ‘Living Reference Material’ Could Accelerate R&D of Lifesaving Biological Drugs 2025-09-08The NIST reference material, called NISTCHO, will help the biopharmaceutical industry develop new drugs more quickly and ensure that they are safe and effective.Sarah Henderson
- Some Air Cleaners Release Harmful By-Products. Now We Have a Way to Measure Them. 2025-09-02Many types of air cleaners can generate small amounts of air pollution. Until now, there was no standard way to measure these negative by-products.Sarah Henderson
- NIST Revises Security and Privacy Control Catalog to Improve Software Update and Patch Releases 2025-08-27The catalog revision is part of NIST’s response to a recent executive order on strengthening the nation’s cybersecurity.Sarah Henderson
- New Technique for Measuring DNA Damage Could Improve Cancer Therapy and Radiological Emergency Response 2025-08-21The technology, which may someday be as portable as a smartphone, promises faster and more accurate measurements of radiation exposure, potentially saving lives in critical situations.Sarah Henderson
- NIST Researchers Develop More Accurate Formula for Measuring Particle Concentration 2025-08-20The new method will be useful in various fields, including nanomedicine, food science, environmental science and advanced manufacturing.Sarah Henderson
- NIST Awards Over $1.8 Million to Small Businesses Advancing AI, Semiconductors, Additive Manufacturing and More 2025-08-18The winning projects were competitively selected following a call for innovative proposals that address technical needs related to NIST’s research areas.Sarah Henderson
NIST Events
- 19th Annual NICE Conference and Expo 2028-06-05The NICE Conference and Expo will take place June 5-7, 2028. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 18th Annual NICE Conference and Expo 2027-06-07The NICE Conference and Expo will take place June 7-9, 2027. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 2068 Mass Metrology Seminar 2026-10-19The Mass Metrology Seminar is a two-week, "hands-on" seminar. It incorporates approximately 30 percent lectures and 70 percent demonstrations and laboratory work in which the participant performs measurements by applying procedures and equationsYvonne A. Branden
- 2083 MidAmerica Measurement Assurance Program, MidMAP** 2026-09-22NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- NIST Small Business Community of Interest Quarterly Calls 2026-09-16NIST's Small Business Cybersecurity Community of Interest (COI) has been established to convene the public and private sectors to share business insights, expertise, challenges, and perspectives to guide our work and assist NIST in addressing theVontress Henderson
- 2082 Southwest Assurance Program, SWAP** 2026-09-01NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 2064 Calibration Method Validation 2026-08-13This 2-hour webinar on Calibration Method Validation will examine the ISO/IEC 17025:2017 requirements for selection of calibration methods and for method validation and provide guidance on developing a process for validating a new or modifiedYvonne A. Branden
- 2070 Balance and Scale Calibration and Uncertainties 2026-08-03This 4-day seminar will cover the calibration and use of analytical weighing instruments (balances and laboratory/bench-top scales), including sources of weighing errors in analytical environments, methodologies for quantifying the errors, andYvonne A. Branden
- 2066 Fundamentals of Metrology 2026-07-27The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurement assurance, traceabilityYvonne A. Branden
- 2063 State Laboratory Annual Submission Process 2026-07-16The State Laboratory Annual Submission Process webinar provides guidance on how to successfully submit all required materials to develop a complete and timely Recognition Application according to NIST Handbook (HB) 143, State Weights and MeasuresYvonne A. Branden
- 2065 Volume Metrology Seminar 2026-07-06The 5-day OWM Volume Metrology Seminar is designed to enable metrologists to apply fundamental measurement concepts to volume calibrations. A large percentage of time is spent on hands-on measurements, applying procedures and equations discussed inYvonne A. Branden
- 2062 Documenting Traceability and Calibration Intervals 2026-06-25This 2-hour webinar covers the essential elements of metrological traceability and the documentary evidence required to support traceability and calibration intervals. It uses NISTIR 6969, GMP 11, and GMP 13 as the baseline for instructions and alsoYvonne A. Branden
- NIST Small Business Community of Interest Quarterly Calls 2026-06-10NIST's Small Business Cybersecurity Community of Interest (COI) has been established to convene the public and private sectors to share business insights, expertise, challenges, and perspectives to guide our work and assist NIST in addressing theVontress Henderson
- 2080 Northeastern Measurement Assurance Program, NEMAP** 2026-06-09NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 17th Annual NICE Conference and Expo 2026-06-01The NICE Conference and Expo will take place June 1-3, 2026. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 2059 Basic Uncertainty Concepts 2026-05-28This 2-hour webinar provides a very basic introduction to uncertainty calculations and reporting using the 8-step process published in NIST SOP 29 (NISTIR 6969), beginning with some definitions and concepts from the Guide to the Expression ofYvonne A. Branden
- 2081 Western Regional Assurance Program, WRAP** 2026-05-05NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 2056 Fundamentals of Metrology 2026-04-20The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurement assurance, traceabilityYvonne A. Branden
- NIST Diffusion Workshop: Data and Model Needs for Efficient Critical Material Usage and Recovery 2026-04-14As global demand for critical materials accelerates, the ability to accurately model transport phenomena is essential for optimizing both material efficiency and recycling processes. This workshop will bring together leading academic researchers andMegan N. Spangler
- 2079 Southeast Measurement Assurance Program, SEMAP** 2026-03-24NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
CISA Blog
- Protecting Your Privacy 2009-07-29Before submitting your name, email address, or other personal information on a website, look for the site's privacy policy. This policy should explain how the information will be used and whether or not the information will be distributed to other organizations.CISA
- Protecting Against Malicious Code 2009-07-14What is malicious code? Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses.CISA
- Understanding Anti-Virus Software 2009-06-30Keep anti-virus software up to date to help protect your systems and information.CISA
- Good Security Habits 2009-06-02There are some simple habits you can adopt that, if performed consistently, may dramatically reduce the chances that the information on your computer will be lost or corrupted.CISA
- Choosing and Protecting Passwords 2009-05-21Passwords are a common form of authentication and are often the only barrier between you and your personal information. There are several programs attackers can use to help guess or crack passwords.CISA
- 2009 National Infrastructure Protection Plan Released 2009-03-06Risk management and stakeholder engagement are key elements of TSA's surface transportation initiatives. Unlike in aviation, where TSA has employees performing security functions, we utilize stakeholder partnerships, grant funding and rulemaking to enhance security in surface modes.CISA
- Recovering from Viruses, Worms, and Trojan Horses 2008-03-19If your computer gets infected with malicious code, there are steps you can take to recover.CISA
- Evaluating Your Web Browser's Security Settings 2008-01-09The security settings within your browser are an important safeguard.CISA
- Safeguarding Your Data 2006-09-06Protect both your personal and work-related data.CISA
- Securing Network Infrastructure Devices 2006-09-06Learn about the threats and risks associated with network infrastructure devices and how you can protect your network from cyber-attacks.CISA
ICS Advisories
- Siemens Tecnomatix FactoryLink Vulnerabilities (Update A) 2011-04-05Overview This ICS-CERT Advisory is a follow-up to ICS-ALERT-11-080-01. An independent researcher has identified six vulnerabilities in the Siemens Tecnomatix FactoryLink supervisory control and data acquisition (SCADA) product. The researcher has also publicly released exploit code. The researcher identified the following vulnerabilities types: Buffer overflow (2 vul) Absolute Path Traversal (3 vul) NULL Pointer Dereference […]CISA
- Solar Magnetic Storm Impact on Control Systems 2011-03-26Overview The sun generates solar flare and coronal mass ejection (CME) events in an approximate 11-year cycle. The plasma clouds generated from these events have the potential to cause geomagnetic storms that can interfere with terrestrial communications and other electronic systems, posing a risk to critical infrastructure.In a recent case, Earth-orbiting satellites detected the strongest […]CISA
- Ecava IntegraXor SQL 2011-03-23Overview ICS-CERT has received a report from independent security researcher Dan Rosenberg with Virtual Security Research (VSR) of an unauthenticated Structured Query Language (SQL) vulnerability in the Ecava IntegraXor human machine interface (HMI) product that could allow data leakage, data manipulation, and remote code execution against the backend host running the database service. ICS-CERT has […]CISA
- WellinTech KingView 6.53 KVWebSvr ActiveX 2011-03-15Overview This advisory is a follow-up to ICS-ALERT-11-066-01 - WellinTech KingView 6.53 ActiveX Vulnerability, published on the ICS-CERT Web page on March 7, 2011. An independent security researcher reported a stack-based buffer overflow vulnerability in an ActiveX control in WellinTech KingView V6.53. The researcher has publicly released exploit code for this vulnerability. Successful exploitation of […]CISA
- Wonderware InBatch Vulnerability (Update A) 2011-03-02Overview An independent security researcher has published information to a vulnerability disclosure website regarding a buffer overflow vulnerability in the Wonderware InBatch and I/A Series Batch software products (all supported versions). According to the researcher’s report, the service listening on TCP Port 9001 is vulnerable to a buffer overflow that could cause denial of service […]CISA
- ClearScada Vulnerabilities (Update A) 2011-02-15Overview Researchers at Digital Bond have identified multiple vulnerabilities in the Control Microsystems ClearSCADA application. The following vulnerabilities have been identified: Heap Overflow Vulnerability Cross-site Scripting Vulnerabilities Insecure Web Authentication. Affected Products The following ClearSCADA versions are affected: ClearSCADA 2005 (all versions) ClearSCADA 2007 (all versions) ClearSCADA 2009 (all versions except R2.3 and R1.4). --------- […]CISA
- McAfee Night Dragon Report (Update A) 2011-02-11Overview McAfee has published a white paper titled “Global Energy Cyberattacks: Night Dragon” (McAfee, http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf, accessed February 10, 2011), which describes advanced persistent threat activity designed to obtain sensitive data from targeted organizations in the global oil, energy, and petrochemical industries. According to the report, this activity began in 2009 or potentially as early as 2007. […]CISA
- 7-Technologies IGSS 8 ODBC Server Remote Heap Corruption 2011-02-08Overview ICS-CERT has received a report from independent security researcher Jeremy Brown that a remote heap corruption vulnerability exists in IGSS (Interactive Graphical SCADA System) Version 8 from 7-Technologies (7T). 7T has verified the vulnerability and has developed a patch. Affected Products This vulnerability affects only IGSS Versions 8 and 9. Users can contact 7T […]CISA
- Federal Aviation Administration GPS Testing 2011-01-25Overview The US Federal Aviation Administration (FAA) has issued two flight advisories identifying planned Global Positioning System (GPS) temporary outages and the affected areas, due to Department of Defense testing. During testing, the GPS signal may be unreliable or unavailable. ICS-CERT is issuing this advisory as a follow-up to yesterday’s alert to notify industrial control […]CISA
- AGG SCADA Viewer OPC Buffer Overflow Vulnerability 2011-01-18Overview The ICS-CERT has received a report from independent security researcher Steven James that a stack-based buffer overflow exists in the AGG Software OPC SCADA Viewer software. The vulnerability could allow arbitrary code execution. ICS-CERT has coordinated with AGG Software, which has developed a patch to address this vulnerability. The researcher has also verified that […]CISA
- Sielco Sistemi WinLog Stack Overflow 2011-01-17Overview Independent researcher Luigi Auriemma reported a stack overflow vulnerability in Version 2.07.00 of the Sielco Sistemi WinLog Lite and Winlog Pro HMI software. Sielco Sistemi has developed an update (Version 2.07.01) to address this vulnerability. The researcher has verified that the update is effective in correcting this vulnerability. Affected Products This vulnerability affects all […]CISA
- WellinTech Kingview 6.53 Remote Heap Overflow 2011-01-17Overview This advisory is a follow-up to ICS-ALERT-11-011-01 WellinTech Kingview Buffer Overflow, published on the ICS-CERT Web site on January 11, 2011. Independent security researcher Dillon Beresford reported a heap overflow vulnerability in WellinTech KingView V6.53, which may allow a remote, unauthenticated attacker to execute arbitrary code. ICS-CERT has verified the vulnerability. WellinTech has developed […]CISA
- Advantech Studio Test Web Server Buffer Overflow 2011-01-02Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the test web server bundled with Advantech Studio Version 6.1. This web server is intended to be used for testing purposes and should not be used in a production environment. Advantech has verified the […]CISA
- Ecava IntegraXor Directory Traversal 2010-12-28Overview This advisory is a follow-up to ICS-ALERT-10-355-01 - Ecava IntegraXor Directory Traversal, published on the ICS-CERT Web page on December 21, 2010. ICS-CERT has become aware of a directory traversal vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow data leakage. ICS-CERT is currently in contact with representatives of Ecava who […]CISA
- Intellicom NetBiter WebSCADA Vulnerabilities (Update A) 2010-12-15OVERVIEW This advisory is a follow-up to ICS-ALERT-10-293-01 - Intellicom NetBiter WebSCADA Vulnerabilities, published on the ICS-CERT Web page on October 20, 2010. On October 1, 2010 independent researchers identified vulnerabilities in the Intellicom NetBiter Supervisory Control and Data Acquisition (SCADA) applications. A directory traversal vulnerability is present in all affected devices that lead to […]CISA
- Ecava IntegraXor Buffer Overflow 2010-12-14Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow the execution of arbitrary code. Ecava has verified the claim and has released a patch to mitigate the vulnerability (igsetup-3.5.3900.10.msi or later). Affected Products […]CISA
- Automated Solutions OPC Vulnerability (Update) 2010-11-17Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a heap corruption vulnerability in the Automated Solutions Modbus/TCP Master OPC server. Automated Solutions has confirmed that their most recent patch mitigates the vulnerability for Version 3.0.0. ICS-CERT has verified that the software update resolves the vulnerability identified by the […]CISA
- MOXA Device Manager Buffer Overflow (Update A) 2010-11-10Overview --------- Begin Update A Part 1 of 2 ---------- On October 20, 2010, an independent security researcher posted information (Rubén Santamarta, http://www.reversemode.com/index.php?option=com_content&task=view&id=70&Itemid=1, website last visited October 28, 2010) regarding a vulnerability in MOXA Device Manager (MDM) Version 2.1. MOXA has confirmed this vulnerability and released Version 2.3 on November 11, 2010 to resolve this issue. […]CISA
- RealFlex RealWin Buffer Overflow 2010-11-08Overview This advisory is a follow-up to ICS-ALERT-10-305-01 RealFlex RealWin Buffer Overflows, which was published on the ICS-CERT Web site on November 01, 2010. On October 15, 2010 an independent security researcher posted information (Researcher, http://aluigi.altervista.org/adv/realwin1-adv.txt, website last visited November 4, 2010) regarding vulnerabilities in RealFlex Technologies Ltd. RealWin SCADA software products. The security researcher’s analysis […]CISA
- Primary Stuxnet Advisory 2010-09-29OVERVIEW ICS-CERT has been actively investigating and reporting on the Stuxnet vulnerability. To date, ICS-CERT has released ICSA-10-201-01 - Malware Targeting Siemens Control Software (including Updates B & C) and ICSA-10-238-01 - Stuxnet Mitigations (including Update B). Stuxnet uses four zero-day exploits (two of which have been patched) and takes advantage of a vulnerability also […]CISA
ICS Medical Advisories
- Philips Xper-IM Connect Vulnerabilities 2022-11-25OVERVIEW Independent researchers Mike Ahmadi of Synopsys and Billy Rios of Whitescope LLC, in collaboration with Philips, have identified numerous vulnerabilities with an automated software composition analysis tool in the Philips Xper-IM Connect system running on Windows XP. Philips reports that the identified vulnerabilities can be addressed by upgrading the affected system to a newer […]CISA
- Abbott Laboratories Defibrillator 2022-11-251. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Abbott Laboratories Equipment: Implantable Cardioverter Defibrillator and Cardiac Synchronization Therapy Defibrillator Vulnerabilities: Improper Authentication and Improper Restriction of Power Consumption MedSec Holdings Ltd., has identified vulnerabilities in Abbott Laboratories’ (formerly St. Jude Medical) Implantable Cardioverter Defibrillator (ICD) and Cardiac Synchronization Therapy Defibrillator (CRT-D). Abbott has […]CISA
- Silex Technology SX-500/SD-320AN or GE Healthcare MobileLink (Update B) 2022-11-251. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable Remotely / Low skill level to exploit / Public exploits are available Vendors: Silex Technology, GE Healthcare Equipment: SX-500, SD-320AN, MobileLink Vulnerabilities: Improper Authentication, OS Command Injection 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSMA-18-128-01 Silex Technology SX-500/SD-320AN or GE […]CISA
- GE Medical Devices Vulnerability 2022-11-25OVERVIEW This advisory was originally posted to the HSIN ICS-CERT library on February 6, 2018, and is being released to the NCCIC/ICS-CERT website. Independent researcher Scott Erven submitted information regarding the potential use of default or hard-coded credentials in multiple GE Healthcare products. Following the researcher’s report, GE performed a self-assessment and validated that multiple […]CISA
- Philips iSite/IntelliSpace PACS Vulnerabilities (Update A) 2022-11-251. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Code/Source Code Vulnerabilities, Information Exposure, Code Injection, Weaknesses in OWASP Top Ten, and Improper Restriction of XML External Entity Reference […]CISA
- Ethicon Endo-Surgery Generator G11 Vulnerability 2022-11-25OVERVIEW Johnson & Johnson, the parent company of Ethicon Endo-Surgery, LLC, reported an improper authentication vulnerability in the Ethicon Endo-Surgery Generator Gen11. Ethicon Endo-Surgery, LLC has produced updates that mitigate this vulnerability in the affected product. AFFECTED PRODUCTS The following versions of the Ethicon Endo-Surgery Generator Gen11 are affected: Ethicon Endo-Surgery Generator Gen11, all versions released […]CISA
- Vyaire Medical CareFusion Upgrade Utility Vulnerability 2022-11-25OVERVIEW Independent researcher Mark Cross (@xerubus) has identified an uncontrolled search path element vulnerability in Vyaire Medical’s CareFusion Upgrade Utility application. Vyaire Medical has produced an update that mitigates this vulnerability. AFFECTED PRODUCTS The following versions of CareFusion Upgrade Utility, designed to upgrade compatible units to the latest software versions, are affected: CareFusion Upgrade Utility […]CISA
- B. Braun Medical SpaceCom Open Redirect Vulnerability 2022-11-25OVERVIEW This advisory was originally posted to the NCCIC Portal on March 23, 2017, and is being released to the ICS-CERT web site. Marc Ruef and Rocco Gagliardi of scip AG have identified an open redirect vulnerability in B. Braun Medical’s SpaceCom module, which is integrated into the SpaceStation docking station. B. Braun has produced […]CISA
- Siemens Molecular Imaging Vulnerabilities 2022-11-25OVERVIEW Siemens has identified two vulnerabilities in Siemens’ Molecular Imaging products running on Windows XP. Siemens is preparing updates for the affected products. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following products: Siemens PET/CT Systems: All Windows XP-based versions, Siemens SPECT/CT Systems: All Windows XP-based versions, Siemens […]CISA
- BD Alaris 8000 Insufficiently Protected Credentials Vulnerability 2022-11-25OVERVIEW This advisory was originally posted to the NCCIC Portal on January 17, 2017, and is being released to the NCCIC/ICS-CERT web site. Becton, Dickinson and Company (BD) has identified an insufficiently protected credentials vulnerability in BD’s Alaris 8000 Point of Care (PC) unit, which provides a common user interface for programming intravenous infusions. BD […]CISA
- BD Kiestra PerformA and KLA Journal Service Applications Hard-Coded Passwords Vulnerability 2022-11-25 OVERVIEW Becton, Dickinson and Company (BD) has identified a hard-coded password vulnerability in BD’s Kiestra PerformA and KLA Journal Service applications that access the BD Kiestra Database. BD has produced compensating controls to reduce the risk of exploitation of the identified vulnerability by issuing product updates and defensive measures to be applied by end users. […] CISA
- St. Jude Merlin@home Transmitter Vulnerability (Update A) 2022-11-25 OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSMA-17-009-01 St. Jude Merlin@home Transmitter Vulnerability that was published January 9, 2017, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 5 -------- MedSec Holdings has identified a channel accessible by nonendpoint (“man-in-the-middle”) vulnerability in St. Jude Medical's Merlin@home transmitter, […] CISA
- Smiths Medical CADD-Solis Medication Safety Software Vulnerabilities 2022-11-25 OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on November 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Smiths Medical has reported two vulnerabilities in Smiths Medical’s CADD-Solis Medication Safety Software that were identified by Andrew Gothard of Newcastle Upon Tyne Hospitals NHS Foundations Trust. Smiths Medical has […] CISA
- Animas OneTouch Ping Insulin Pump Vulnerabilities 2022-11-25 OVERVIEW Rapid7 has identified vulnerabilities in the cybersecurity of the Animas OneTouch Ping insulin pump system. Animas will not be releasing a patch or new version to mitigate these vulnerabilities. Animas has provided compensating controls to help reduce the risk associated with the exploitation of the identified vulnerabilities, and these compensating controls may impact device […] CISA
- Boston Scientific ZOOM LATITUDE PRM Vulnerabilities 2022-11-25 OVERVIEW Researchers Jonathan Butts and Billy Rios of Whitescope have identified two vulnerabilities in Boston Scientific’s ZOOM LATITUDE Programmer/Recorder/Monitor (PRM) – Model 3120. Boston Scientific has provided compensating controls to reduce the risk of exploitation. AFFECTED PRODUCTS The following ZOOM LATITUDE PRM versions are affected: ZOOM LATITUDE PRM – Model 3120, all versions. IMPACT Successful […] CISA
- Siemens Molecular Imaging Vulnerabilities 2022-11-25 OVERVIEW Siemens has identified four vulnerabilities in Siemens’ Molecular Imaging products running on Windows 7. Siemens is preparing updates for the affected products. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available. AFFECTED PRODUCTS Siemens reports that the vulnerabilities affect the following products: Siemens PET/CT Systems: All […] CISA
- Philips IntelliSpace Cardiovascular System and Xcelera System Vulnerability 2022-11-25 OVERVIEW Philips reported a vulnerability in the Philips’ IntelliSpace Cardiovascular and Xcelera cardiac image and information management systems. Philips has produced updates that mitigate this vulnerability in the affected products. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Philips reports that the vulnerability affects the following versions of the IntelliSpace Cardiovascular and Xcelera cardiac image […] CISA
- BMC Medical and 3B Medical Luna CPAP Machine 2022-11-25 OVERVIEW MedSec has identified an improper input validation vulnerability in BMC Medical’s and 3B Medical’s Luna continuous positive airway pressure (CPAP) therapy machine. For devices released after July 1, 2017, this vulnerability has been addressed. For devices released prior to July 1, 2017, BMC Medical and 3B Medical offer no mitigations. AFFECTED PRODUCTS The following […] CISA
- Philips IntelliSpace Cardiovascular System Vulnerability 2022-11-25 OVERVIEW Philips reported an insufficient session expiration vulnerability in the Philips’ IntelliSpace Cardiovascular cardiac image and information management systems. Philips is creating a software update to mitigate this vulnerability in the affected products. AFFECTED PRODUCTS Philips reports that the vulnerability affects the following versions of the IntelliSpace Cardiovascular: IntelliSpace Cardiovascular, Version 2.3.0 and prior. IMPACT […] CISA
- Philips' DoseWise Portal Vulnerabilities 2022-11-25 OVERVIEW Philips has identified Hard-coded Credentials and Cleartext Storage of Sensitive Information vulnerabilities in Philips’ DoseWise Portal (DWP) web application. Philips has updated product documentation and produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Philips DWP versions are affected: DoseWise Portal, Versions 1.1.7.333 and 2.1.1.3069 […] CISA
The Hacker News
- Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access 2026-01-30 Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome
- China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware 2026-01-30 Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets in Thailand and Vietnam. The scale […]
- Badges, Bytes and Blackmail 2026-01-30 Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals? What brought them in, where do they come from and what was their function in the crimescape? Introduction: One view on the scattered fight against cybercrime The growing sophistication and diversification of cybercrime have compelled law enforcement agencies worldwide to […]
- Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup 2026-01-30 A former Google engineer accused of stealing thousands of the company's confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday. Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft […]
- SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score 2026-01-30 SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-24423, carries a CVSS score of 9.3 out of 10.0. "SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API
- Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released 2026-01-30 Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog. The critical-severity vulnerabilities are listed below - CVE-2026-1281 (CVSS […]
- Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries 2026-01-29 A new joint investigation by SentinelOne SentinelLABS, and Censys has revealed that the open-source artificial intelligence (AI) deployment has created a vast "unmanaged, publicly accessible layer of AI compute infrastructure" that spans 175,000 unique Ollama hosts across 130 countries. These systems, which span both cloud and residential networks across the world, operate outside the
- ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories 2026-01-29 This week’s updates show how small changes can create real problems. Not loud incidents, but quiet shifts that are easy to miss until they add up. The kind that affects systems people rely on every day. Many of the stories point to the same trend: familiar tools being used in unexpected ways. Security controls are […]
- Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps 2026-01-29 A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology (OT) networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues that leave critical energy infrastructure vulnerable to cyber threats. The findings are based on
- 3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026 2026-01-29 Beyond the direct impact of cyberattacks, enterprises suffer from a secondary but potentially even more costly risk: operational downtime, any amount of which translates into very real damage. That’s why for CISOs, it’s key to prioritize decisions that reduce dwell time and protect their company from risk. Three strategic steps you can take this year […]
- SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass 2026-01-29 SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could result in authentication bypass and remote code execution (RCE). The list of vulnerabilities is as follows - CVE-2025-40536 (CVSS score: 8.1) - A security control bypass vulnerability that could allow an unauthenticated
- Google Disrupts IPIDEA — One of the World’s Largest Residential Proxy Networks 2026-01-29 Google on Wednesday announced that it worked together with other partners to disrupt IPIDEA, which it described as one of the largest residential proxy networks in the world. To that end, the company said it took legal action to take down dozens of domains used to control devices and proxy traffic through them. As of […]
- Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware 2026-01-28 Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial intelligence (AI) coding assistant, but stealthily drops a malicious payload on compromised hosts. The extension, named "ClawdBot Agent - AI Coding Assistant" ("clawdbot.clawdbot-agent")
- Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid 2026-01-28 The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy
- Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution 2026-01-28 Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution. The weaknesses, discovered by the JFrog Security Research team, are listed below - CVE-2026-1470 (CVSS score: 9.9) - An eval injection vulnerability that could allow an authenticated user to bypass […]
- From Triage to Threat Hunts: How AI Accelerates SecOps 2026-01-28 If you work in security operations, the concept of the AI SOC agent is likely familiar. Early narratives promised total autonomy. Vendors seized on the idea of the "Autonomous SOC" and suggested a future where algorithms replaced analysts. That future has not arrived. We have not seen mass layoffs or empty security operations centers. We […]
- Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution 2026-01-28 A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system. The vulnerability, tracked as CVE-2026-22709, carries a CVSS score of 9.8 out of 10.0 on the CVSS scoring system. "In vm2 for version 3.10.0, Promise.prototype.then […]
- Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks 2026-01-28 Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to facilitate comprehensive data theft from infected endpoints. The activity has been attributed to Mustang Panda (aka Earth Preta, Fireant, HoneyMyte, Polaris, and Twill Typhoon) with the intrusions primarily directed against […]
- Password Reuse in Disguise: An Often-Missed Risky Workaround 2026-01-28 When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware, or ransomware. These attack methods continue to evolve and rightly command attention. However, one of the most persistent and underestimated risks to organizational security remains far more ordinary. Near-identical password reuse continues to slip past security controls, often
- Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088 2026-01-28 Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. "Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated