Blogs - Security
CVE / NIST CISA News CISA Blog Cybersecurity Advisories ICS Advisories ICS Medical Advisories 
Packet Storm Security 
The Hacker News 
NIST News
- Department of Commerce Announces Transition of Baldrige Performance Excellence Program 2025-12-11Beginning with the 2026 award cycle, the Alliance for Performance Excellence and the Baldrige Foundation will take on most operations for the program.Sarah Henderson
- What Time Is It on Mars? NIST Physicists Have the Answer. 2025-12-01This calculation is necessary for future space navigation and communication networks.Sarah Henderson
- Building a Sustainable Metals Infrastructure: NIST Report Highlights Key Strategies 2025-11-20Making metals processing more sustainable and resilient will support U.S industrial innovation and competitiveness.Sarah Henderson
- CAISI Evaluation of DeepSeek AI Models Finds Shortcomings and Risks 2025-09-30The Center for AI Standards and Innovation at NIST evaluated several leading models from DeepSeek, an AI company based in the People’s Republic of China.Sarah Henderson
- NIST Engineers Design 5 New Ways to Connect Concrete Pieces for More Resilient Buildings 2025-09-29One of the biggest challenges with precast concrete is connecting the concrete pieces at a job site.Sarah Henderson
- NIST Issues Broad Agency Announcement for Proposals to Advance Microelectronics Technologies 2025-09-24The CHIPS for America funding opportunity will support critical research, prototyping and commercial solutions that advance microelectronics technology in the United States.Sarah Henderson
- NIST Awards More Than $3 Million to Support Cybersecurity Workforce Development Across 13 States 2025-09-17There are currently more than 514,000 cybersecurity job openings in the U.S.Sarah Henderson
- In Quantum Sensing, What Beats Beating Noise? Meeting Noise Halfway. 2025-09-10A team including scientists at NIST may have found a new way of dealing with noise at the microscopic scales where quantum physics reigns.Sarah Henderson
- Champlain Towers South Investigation Nears Completion of Technical Work 2025-09-09Investigators share likely failure scenarios, advance indicators of building’s distress.Sarah Henderson
- NIST’s ‘Living Reference Material’ Could Accelerate R&D of Lifesaving Biological Drugs 2025-09-08The NIST reference material, called NISTCHO, will help the biopharmaceutical industry develop new drugs more quickly and ensure that they are safe and effective.Sarah Henderson
- Some Air Cleaners Release Harmful By-Products. Now We Have a Way to Measure Them. 2025-09-02Many types of air cleaners can generate small amounts of air pollution. Until now, there was no standard way to measure these negative by-products.Sarah Henderson
- NIST Revises Security and Privacy Control Catalog to Improve Software Update and Patch Releases 2025-08-27The catalog revision is part of NIST’s response to a recent executive order on strengthening the nation’s cybersecurity.Sarah Henderson
- New Technique for Measuring DNA Damage Could Improve Cancer Therapy and Radiological Emergency Response 2025-08-21The technology, which may someday be as portable as a smartphone, promises faster and more accurate measurements of radiation exposure, potentially saving lives in critical situations.Sarah Henderson
- NIST Researchers Develop More Accurate Formula for Measuring Particle Concentration 2025-08-20The new method will be useful in various fields, including nanomedicine, food science, environmental science and advanced manufacturing.Sarah Henderson
- NIST Guidelines Can Help Organizations Detect Face Photo Morphs, Deter Identity Fraud 2025-08-18Face morphing software, which combines photos of different people into a single image, is being used to commit identity fraud.Sarah Henderson
- NIST Awards Over $1.8 Million to Small Businesses Advancing AI, Semiconductors, Additive Manufacturing and More 2025-08-18The winning projects were competitively selected following a call for innovative proposals that address technical needs related to NIST’s research areas.Sarah Henderson
- NIST Finalizes ‘Lightweight Cryptography’ Standard to Protect Small Devices 2025-08-13Four related algorithms are now ready for use to protect data created and transmitted by the Internet of Things and other electronics.Sarah Henderson
- NIST to Provide Updates on Construction Safety Team Investigations in September Advisory Committee Meeting 2025-08-06The public meetings will include updates on NIST’s investigations into the impacts of Hurricane Maria and the partial collapse of the Champlain Towers South.Sarah Henderson
- New NIST Reference Material to Strengthen Quality Control for Biological Drugs 2025-07-31Impurities in these drugs can cause undesirable immune responses in patients and can significantly drive up costs for drug manufacturers.Sarah Henderson
- NIST Consortium and Draft Guidelines Aim to Improve Security in Software Development 2025-07-30NIST is soliciting comments from the public on the draft until Sept. 12, and the agency is planning a virtual event to showcase the project and gather feedback on Aug. 27.Sarah Henderson
NIST Events
- 19th Annual NICE Conference and Expo 2028-06-05The NICE Conference and Expo will take place June 5-7, 2028. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 18th Annual NICE Conference and Expo 2027-06-07The NICE Conference and Expo will take place June 7-9, 2027. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 2068 Mass Metrology Seminar 2026-10-19The Mass Metrology Seminar is a two-week, "hands-on" seminar. It incorporates approximately 30 percent lectures and 70 percent demonstrations and laboratory work in which the participant performs measurements by applying procedures and equationsYvonne A. Branden
- 2083 MidAmerica Measurement Assurance Program, MidMAP** 2026-09-22NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- NIST Small Business Community of Interest Quarterly Calls 2026-09-16NIST's Small Business Cybersecurity Community of Interest (COI) has been established to convene the public and private sectors to share business insights, expertise, challenges, and perspectives to guide our work and assist NIST in addressing theVontress Henderson
- 2082 Southwest Assurance Program, SWAP** 2026-09-01NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 2064 Calibration Method Validation 2026-08-13This 2-hour webinar on Calibration Method Validation will examine the ISO/IEC 17025:2017 requirements for selection of calibration methods and for method validation and provide guidance on developing a process for validating a new or modifiedYvonne A. Branden
- 2070 Balance and Scale Calibration and Uncertainties 2026-08-03This 4-day seminar will cover the calibration and use of analytical weighing instruments (balances and laboratory/bench-top scales), including sources of weighing errors in analytical environments, methodologies for quantifying the errors, andYvonne A. Branden
- 2066 Fundamentals of Metrology 2026-07-27The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurement assurance, traceabilityYvonne A. Branden
- 2063 State Laboratory Annual Submission Process 2026-07-16The State Laboratory Annual Submission Process webinar provides guidance on how to successfully submit all required materials to develop a complete and timely Recognition Application according to NIST Handbook (HB) 143, State Weights and MeasuresYvonne A. Branden
- 2065 Volume Metrology Seminar 2026-07-06The 5-day OWM Volume Metrology Seminar is designed to enable metrologists to apply fundamental measurement concepts to volume calibrations. A large percentage of time is spent on hands-on measurements, applying procedures and equations discussed inYvonne A. Branden
- 2062 Documenting Traceability and Calibration Intervals 2026-06-25This 2-hour webinar covers the essential elements of metrological traceability and the documentary evidence required to support traceability and calibration intervals. It uses NISTIR 6969, GMP 11, and GMP 13 as the baseline for instructions and alsoYvonne A. Branden
- NIST Small Business Community of Interest Quarterly Calls 2026-06-10NIST's Small Business Cybersecurity Community of Interest (COI) has been established to convene the public and private sectors to share business insights, expertise, challenges, and perspectives to guide our work and assist NIST in addressing theVontress Henderson
- 2080 Northeastern Measurement Assurance Program, NEMAP** 2026-06-09NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 17th Annual NICE Conference and Expo 2026-06-01The NICE Conference and Expo will take place June 1-3, 2026. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 2059 Basic Uncertainty Concepts 2026-05-28This 2-hour webinar provides a very basic introduction to uncertainty calculations and reporting using the 8-step process published in NIST SOP 29 (NISTIR 6969), beginning with some definitions and concepts from the Guide to the Expression ofYvonne A. Branden
- 2081 Western Regional Assurance Program, WRAP** 2026-05-05NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 2056 Fundamentals of Metrology 2026-04-20The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurement assurance, traceabilityYvonne A. Branden
- 2079 Southeast Measurement Assurance Program, SEMAP** 2026-03-24NIST Handbook 143, Program Handbook (2019) details the criteria used for OWM Laboratory Recognition. NIST Handbook 143, Section 4 and Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory RecognitionPamela L Corey
- 2057 Mass Metrology Seminar 2026-03-02The two-week Mass Metrology Seminar is a "hands-on" seminar that incorporates approximately 30 percent lectures and 70 percent demonstrations and laboratory work in which the participant performs measurements by applying procedures and equationsYvonne A. Branden
CISA Blog
- Protecting Your Privacy 2009-07-29Before submitting your name, email address, or other personal information on a website, look for the site's privacy policy. This policy should explain how the information will be used and whether or not the information will be distributed to other organizations.CISA
- Protecting Against Malicious Code 2009-07-14What is malicious code? Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses.CISA
- Understanding Anti-Virus Software 2009-06-30Keep anti-virus software up to date to help protect your systems and information.CISA
- Good Security Habits 2009-06-02There are some simple habits you can adopt that, if performed consistently, may dramatically reduce the chances that the information on your computer will be lost or corrupted.CISA
- Choosing and Protecting Passwords 2009-05-21Passwords are a common form of authentication and are often the only barrier between you and your personal information. There are several programs attackers can use to help guess or crack passwords.CISA
- 2009 National Infrastructure Protection Plan Released 2009-03-06Risk management and stakeholder engagement are key elements of TSA's surface transportation initiatives. Unlike in aviation, where TSA has employees performing security functions, we utilize stakeholder partnerships, grant funding and rulemaking to enhance security in surface modes.CISA
- Recovering from Viruses, Worms, and Trojan Horses 2008-03-19If your computer gets infected with malicious code, there are steps you can take to recover.CISA
- Evaluating Your Web Browser's Security Settings 2008-01-09The security settings within your browser are an important safeguard.CISA
- Securing Network Infrastructure Devices 2006-09-06Learn about the threats and risks associated with network infrastructure devices and how you can protect your network from cyber-attacks.CISA
- Safeguarding Your Data 2006-09-06Protect both your personal and work-related data.CISA
CISA Blog
- Protecting Your Privacy 2009-07-29Before submitting your name, email address, or other personal information on a website, look for the site's privacy policy. This policy should explain how the information will be used and whether or not the information will be distributed to other organizations.CISA
- Protecting Against Malicious Code 2009-07-14What is malicious code? Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses.CISA
- Understanding Anti-Virus Software 2009-06-30Keep anti-virus software up to date to help protect your systems and information.CISA
- Good Security Habits 2009-06-02There are some simple habits you can adopt that, if performed consistently, may dramatically reduce the chances that the information on your computer will be lost or corrupted.CISA
- Choosing and Protecting Passwords 2009-05-21Passwords are a common form of authentication and are often the only barrier between you and your personal information. There are several programs attackers can use to help guess or crack passwords.CISA
- 2009 National Infrastructure Protection Plan Released 2009-03-06Risk management and stakeholder engagement are key elements of TSA's surface transportation initiatives. Unlike in aviation, where TSA has employees performing security functions, we utilize stakeholder partnerships, grant funding and rulemaking to enhance security in surface modes.CISA
- Recovering from Viruses, Worms, and Trojan Horses 2008-03-19If your computer gets infected with malicious code, there are steps you can take to recover.CISA
- Evaluating Your Web Browser's Security Settings 2008-01-09The security settings within your browser are an important safeguard.CISA
- Securing Network Infrastructure Devices 2006-09-06Learn about the threats and risks associated with network infrastructure devices and how you can protect your network from cyber-attacks.CISA
- Safeguarding Your Data 2006-09-06Protect both your personal and work-related data.CISA
ICS Advisories
- Siemens Tecnomatix FactoryLink Vulnerabilities (Update A) 2011-04-05Overview This ICS-CERT Advisory is a follow-up to ICS-ALERT-11-080-01. An independent researcher has identified six vulnerabilities in the Siemens Tecnomatix FactoryLink supervisory control and data acquisition (SCADA) product. The researcher has also publicly released exploit code. The researcher identified the following vulnerabilities types: Buffer overflow (2 vul) Absolute Path Traversal (3 vul) NULL Pointer Dereference […]CISA
- Solar Magnetic Storm Impact on Control Systems 2011-03-26Overview The sun generates solar flare and coronal mass ejection (CME) events in an approximate 11-year cycle. The plasma clouds generated from these events have the potential to cause geomagnetic storms that can interfere with terrestrial communications and other electronic systems, posing a risk to critical infrastructure.In a recent case, Earth-orbiting satellites detected the strongest […]CISA
- Ecava IntegraXor SQL 2011-03-23Overview ICS-CERT has received a report from independent security researcher Dan Rosenberg with Virtual Security Research (VSR) of an unauthenticated Structured Query Language (SQL) vulnerability in the Ecava IntegraXor human machine interface (HMI) product that could allow data leakage, data manipulation, and remote code execution against the backend host running the database service. ICS-CERT has […]CISA
- WellinTech KingView 6.53 KVWebSvr ActiveX 2011-03-15Overview This advisory is a follow-up to ICS-ALERT-11-066-01 - WellinTech KingView 6.53 ActiveX Vulnerability, published on the ICS-CERT Web page on March 7, 2011. An independent security researcher reported a stack-based buffer overflow vulnerability in an ActiveX control in WellinTech KingView V6.53. The researcher has publicly released exploit code for this vulnerability. Successful exploitation of […]CISA
- Wonderware InBatch Vulnerability (Update A) 2011-03-02Overview An independent security researcher has published information to a vulnerability disclosure website regarding a buffer overflow vulnerability in the Wonderware InBatch and I/A Series Batch software products (all supported versions). According to the researcher’s report, the service listening on TCP Port 9001 is vulnerable to a buffer overflow that could cause denial of service […]CISA
- ClearScada Vulnerabilities (Update A) 2011-02-15Overview Researchers at Digital Bond have identified multiple vulnerabilities in the Control Microsystems ClearSCADA application. The following vulnerabilities have been identified: Heap Overflow Vulnerability Cross-site Scripting Vulnerabilities Insecure Web Authentication. Affected Products The following ClearSCADA versions are affected: ClearSCADA 2005 (all versions) ClearSCADA 2007 (all versions) ClearSCADA 2009 (all versions except R2.3 and R1.4). --------- […]CISA
- McAfee Night Dragon Report (Update A) 2011-02-11Overview McAfee has published a white paper titled “Global Energy Cyberattacks: Night Dragon,”McAfee, http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf, accessed February 10, 2011. which describes advanced persistent threat activity designed to obtain sensitive data from targeted organizations in the global oil, energy, and petrochemical industries. According to the report, this activity began in 2009 or potentially as early as 2007. […]CISA
- 7-Technologies IGSS 8 ODBC Server Remote Heap Corruption 2011-02-08Overview ICS-CERT has received a report from independent security researcher Jeremy Brown that a remote heap corruption vulnerability exists in IGSS (Interactive Graphical SCADA System) Version 8 from 7-Technologies (7T). 7T has verified the vulnerability and has developed a patch. Affected Products This vulnerability affects only IGSS Versions 8 and 9. Users can contact 7T […]CISA
- Federal Aviation Administration GPS Testing 2011-01-25Overview The US Federal Aviation Administration (FAA) has issued two flight advisories identifying planned Global Positioning System (GPS) temporary outages and the affected areas, due Department of Defense testing. During testing, the GPS signal may be unreliable or unavailable. ICS-CERT is issuing this advisory as a follow up to yesterday’s alert to notify industrial control […]CISA
- AGG SCADA Viewer OPC Buffer Overflow Vulnerability 2011-01-18Overview The ICS-CERT has received a report from independent security researcher Steven James that a stack-based buffer overflow exists in the AGG Software OPC SCADA Viewer software. The vulnerability could allow arbitrary code execution. ICS-CERT has coordinated with AGG Software, which has developed a patch to address this vulnerability. The researcher has also verified that […]CISA
- Sielco Sistemi WinLog Stack Overflow 2011-01-17Overview Independent researcher Luigi Auriemma reported a stack overflow vulnerability in Version 2.07.00 of the Sielco Sistemi WinLog Lite and Winlog Pro HMI software. Sielco Sistemi has developed an update (Version 2.07.01) to address this vulnerability. The researcher has verified that the update is effective in correcting this vulnerability. Affected Products This vulnerability affects all […]CISA
- WellinTech Kingview 6.53 Remote Heap Overflow 2011-01-17Overview This advisory is a follow-up to ICS-ALERT-11-011-01 WellinTech Kingview Buffer Overflow, published on the ICS-CERT Web site on January 11, 2011. Independent security researcher Dillon Beresford reported a heap overflow vulnerability in WellinTech KingView V6.53, which may allow a remote, unauthenticated attacker to execute arbitrary code. ICS-CERT has verified the vulnerability. WellinTech has developed […]CISA
- Advantech Studio Test Web Server Buffer Overflow 2011-01-02Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the test web server bundled with Advantech Studio Version 6.1. This web server is intended to be used for testing purposes and should not be used in a production environment. Advantech has verified the […]CISA
- Ecava IntegraXor Directory Traversal 2010-12-28Overview This advisory is a follow-up to ICS-ALERT-10-355-01 - Ecava IntegraXor Directory Traversal, published on the ICS-CERT Web page on December 21, 2010. ICS-CERT has become aware of a directory traversal vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow data leakage. ICS-CERT is currently in contact with representatives of Ecava who […]CISA
- Intellicom NetBiter WebSCADA Vulnerabilities (Update A) 2010-12-15OVERVIEW This advisory is a follow-up to ICS-ALERT-10-293-01 - Intellicom NetBiter WebSCADA Vulnerabilities, published on the ICS-CERT Web page on October 20, 2010. On October 1, 2010 independent researchers identified vulnerabilities in the Intellicom NetBiter Supervisory Control and Data Acquisition (SCADA) applications. A directory traversal vulnerability is present in all affected devices that lead to […]CISA
- Ecava IntegraXor Buffer Overflow 2010-12-14Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow the execution of arbitrary code. Ecava has verified the claim and has released a patch to mitigate the vulnerability (igsetup-3.5.3900.10.msi or later). Affected Products […]CISA
- Automated Solutions OPC Vulnerability (Update) 2010-11-17Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a heap corruption vulnerability in the Automated Solutions Modbus/TCP Master OPC server. Automated Solutions has confirmed that their most recent patch mitigates the vulnerability for Version 3.0.0. ICS-CERT has verified that the software update resolves the vulnerability identified by the […]CISA
- MOXA Device Manager Buffer Overflow (Update A) 2010-11-10Overview --------- Begin Update A Part 1 of 2 ---------- On October 20, 2010, an independent security researcher postedRubén Santamarta, http://www.reversemode.com/index.php?option=com_content&task=view&id=70&Itemid=1, website last visited October 28, 2010. information regarding a vulnerability in MOXA Device Manager (MDM) Version 2.1. MOXA has confirmed this vulnerability and released Version 2.3 on November 11, 2010 to resolve this issue. […]CISA
- RealFlex RealWin Buffer Overflow 2010-11-08Overview This advisory is a follow-up to ICS-ALERT-10-305-01 RealFlex RealWin Buffer Overflows, which was published on the ICS-CERT Web site on November 01, 2010. On October 15, 2010 an independent security researcher posted informationResearcher, http://aluigi.altervista.org/adv/realwin1-adv.txt, website last visited November 4, 2010. regarding vulnerabilities in RealFlex Technologies Ltd. RealWin SCADA software products. The security researcher’s analysis […]CISA
- Primary Stuxnet Advisory 2010-09-29OVERVIEW ICS-CERT has been actively investigating and reporting on the Stuxnet vulnerability. To date, ICS-CERT has released ICSA-10-201-01 - Malware Targeting Siemens Control Software (including Updates B & C) and ICSA-10-238-01 - Stuxnet Mitigations (including Update B). Stuxnet uses four zero-day exploits (two of which have been patched) and takes advantage of a vulnerability also […]CISA
ICS Medical Advisories
- Philips Xper-IM Connect Vulnerabilities 2022-11-25OVERVIEW Independent researchers Mike Ahmadi of Synopsys and Billy Rios of Whitescope LLC, in collaboration with Philips, have identified numerous vulnerabilities with an automated software composition analysis tool in the Philips Xper-IM Connect system running on Windows XP. Philips reports that the identified vulnerabilities can be addressed by upgrading the affected system to a newer […]CISA
- Abbott Laboratories Defibrillator 2022-11-251. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Abbott Laboratories Equipment: Implantable Cardioverter Defibrillator and Cardiac Synchronization Therapy Defibrillator Vulnerabilities: Improper Authentication and Improper Restriction of Power Consumption MedSec Holdings Ltd., has identified vulnerabilities in Abbott Laboratories’ (formerly St. Jude Medical) Implantable Cardioverter Defibrillator (ICD) and Cardiac Synchronization Therapy Defibrillator (CRT-D). Abbott has […]CISA
- Silex Technology SX-500/SD-320AN or GE Healthcare MobileLink (Update B) 2022-11-251. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable Remotely / Low skill level to exploit / Public exploits are available Vendors: Silex Technology, GE Healthcare Equipment: SX-500, SD-320AN, MobileLink Vulnerabilities: Improper Authentication, OS Command Injection 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSMA-18-128-01 Silex Technology SX-500/SD-320AN or GE […]CISA
- GE Medical Devices Vulnerability 2022-11-25OVERVIEW This advisory was originally posted to the HSIN ICS-CERT library on February 6, 2018, and is being released to the NCCIC/ICS-CERT website. Independent researcher Scott Erven submitted information regarding the potential use of default or hard-coded credentials in multiple GE Healthcare products. Following the researcher’s report, GE performed a self-assessment and validated that multiple […]CISA
- Philips iSite/IntelliSpace PACS Vulnerabilities (Update A) 2022-11-251. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Code/Source Code Vulnerabilities, Information Exposure, Code Injection, Weaknesses in OWASP Top Ten, and Improper Restriction of XML External Entity Reference […]CISA
- Ethicon Endo-Surgery Generator G11 Vulnerability 2022-11-25OVERVIEW Johnson & Johnson, the parent company of Ethicon Endo-Surgery, LLC, reported an improper authentication vulnerability in the Ethicon Endo-Surgery Generator Gen11. EthiconEndo-Surgery, LLC has produced updates that mitigate this vulnerability in the affected product. AFFECTED PRODUCTS The following versions of the Ethicon Endo-Surgery Generator Gen11 are affected: Ethicon Endo-Surgery Generator Gen11, all versions released […]CISA
- Vyaire Medical CareFusion Upgrade Utility Vulnerability 2022-11-25OVERVIEW Independent researcher Mark Cross (@xerubus) has identified an uncontrolled search path element vulnerability in Vyaire Medical’s CareFusion Upgrade Utility application. Vyaire Medical has produced an update that mitigates this vulnerability. AFFECTED PRODUCTS The following versions of CareFusion Upgrade Utility, designed to upgrade compatible units to the latest software versions, are affected: CareFusion Upgrade Utility […]CISA
- B. Braun Medical SpaceCom Open Redirect Vulnerability 2022-11-25OVERVIEW This advisory was originally posted to the NCCIC Portal on March 23, 2017, and is being released to the ICS-CERT web site. Marc Ruef and Rocco Gagliardi of scip AG have identified an open redirect vulnerability in B. Braun Medical’s SpaceCom module, which is integrated into the SpaceStation docking station. B. Braun has produced […]CISA
- Siemens Molecular Imaging Vulnerabilities 2022-11-25OVERVIEW Siemens has identified two vulnerabilities in Siemens’ Molecular Imaging products running on Windows XP. Siemens is preparing updates for the affected products. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following products: Siemens PET/CT Systems: All Windows XP-based versions, Siemens SPECT/CT Systems: All Windows XP-based versions, Siemens […]CISA
- BD Alaris 8000 Insufficiently Protected Credentials Vulnerability 2022-11-25OVERVIEW This advisory was originally posted to the NCCIC Portal on January 17, 2017, and is being released to the NCCIC/ICS-CERT web site. Becton, Dickinson and Company (BD) has identified an insufficiently protected credentials vulnerability in BD’s Alaris 8000 Point of Care (PC) unit, which provides a common user interface for programming intravenous infusions. BD […]CISA
- BD Kiestra PerformA and KLA Journal Service Applications Hard-Coded Passwords Vulnerability 2022-11-25OVERVIEW Becton, Dickinson and Company (BD) has identified a hard-coded password vulnerability in BD’s Kiestra PerformA and KLA Journal Service applications that access the BD Kiestra Database. BD has produced compensating controls to reduce the risk of exploitation of the identified vulnerability by issuing product updates and defensive measures to be applied by end users. […]CISA
- St. Jude Merlin@home Transmitter Vulnerability (Update A) 2022-11-25OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSMA-17-009-01 St. Jude Merlin@home Transmitter Vulnerability that was published January 9, 2017, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 5 -------- MedSec Holdings has identified a channel accessible by nonendpoint (“man-in-the-middle”) vulnerability in St. Jude Medical's Merlin@home transmitter, […]CISA
- Smiths Medical CADD-Solis Medication Safety Software Vulnerabilities 2022-11-25OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on November 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Smiths Medical has reported two vulnerabilities in Smiths Medical’s CADD-Solis Medication Safety Software that were identified by Andrew Gothard of Newcastle Upon Tyne Hospitals NHS Foundations Trust. Smiths Medical has […]CISA
- Animas OneTouch Ping Insulin Pump Vulnerabilities 2022-11-25OVERVIEW Rapid7 has identified vulnerabilities in the cybersecurity of the Animas OneTouch Ping insulin pump system. Animas will not be releasing a patch or new version to mitigate these vulnerabilities. Animas has provided compensating controls to help reduce the risk associated with the exploitation of the identified vulnerabilities, and these compensating controls may impact device […]CISA
- Boston Scientific ZOOM LATITUDE PRM Vulnerabilities 2022-11-25OVERVIEW Researchers Jonathan Butts and Billy Rios of Whitescope have identified two vulnerabilities in Boston Scientific’s ZOOM LATITUDE Programmer/Recorder/Monitor (PRM) – Model 3120. Boston Scientific has provided compensating controls to reduce the risk of exploitation. AFFECTED PRODUCTS The following ZOOM LATITUDE PRM versions are affected: ZOOM LATITUDE PRM – Model 3120, all versions. IMPACT Successful […]CISA
- Siemens Molecular Imaging Vulnerabilities 2022-11-25OVERVIEW Siemens has identified four vulnerabilities in Siemens’ Molecular Imaging products running on Windows 7. Siemens is preparing updates for the affected products. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available. AFFECTED PRODUCTS Siemens reports that the vulnerabilities affect the following products: Siemens PET/CT Systems: All […]CISA
- Philips IntelliSpace Cardiovascular System and Xcelera System Vulnerability 2022-11-25OVERVIEW Philips reported a vulnerability in the Philips’ IntelliSpace Cardiovascular and Xcelera cardiac image and information management systems. Philips has produced updates that mitigate this vulnerability in the affected products. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Philips reports that the vulnerability affects the following versions of the IntelliSpace Cardiovascular and Xcelera cardiac image […]CISA
- BMC Medical and 3B Medical Luna CPAP Machine 2022-11-25OVERVIEW MedSec has identified an improper input validation vulnerability in BMC Medical’s and 3B Medical’s Luna continuous positive airway pressure (CPAP) therapy machine. For devices released after July 1, 2017, this vulnerability has been addressed. For devices released prior to July 1, 2017, BMC Medical and 3B Medical offer no mitigations. AFFECTED PRODUCTS The following […]CISA
- Philips IntelliSpace Cardiovascular System Vulnerability 2022-11-25OVERVIEW Philips reported an insufficient session expiration vulnerability in the Philips’ IntelliSpace Cardiovascular cardiac image and information management systems. Philips is creating a software update to mitigate this vulnerability in the affected products. AFFECTED PRODUCTS Philips reports that the vulnerability affects the following versions of the IntelliSpace Cardiovascular: IntelliSpace Cardiovascular, Version 2.3.0 and prior. IMPACT […]CISA
- Philips' DoseWise Portal Vulnerabilities 2022-11-25OVERVIEW Philips has identified Hard-coded Credentials and Cleartext Storage of Sensitive Information vulnerabilities in Philips’ DoseWise Portal (DWP) web application. Philips has updated product documentation and produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Philips DWP versions are affected: DoseWise Portal, Versions 1.1.7.333 and 2.1.1.3069 […]CISA
The Hacker News
- CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks 2025-12-13The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. CVE-2018-4063 (CVSS score: 8.8/9.9) refers to an unrestricted file upload vulnerability that could be exploited to achieve remote code
- Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild 2025-12-13Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of which is the same flaw that was patched by Google in Chrome earlier this week. The vulnerabilities are listed below - […]
- Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads 2025-12-12Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. "These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing
- New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale 2025-12-12Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman that are capable of facilitating credential theft at scale. BlackForce, first detected in August 2025, is designed to steal credentials and perform Man-in-the-Browser (MitB) attacks to capture one-time passwords (OTPs) and bypass multi-factor authentication (MFA). The kit
- Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work 2025-12-12The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT Atlas. Employees are leveraging the power of GenAI to draft emails, summarize documents, work on code, and analyze data, often by copying/pasting sensitive information directly into prompts or uploading files. […]
- New React RSC Vulnerabilities Enable DoS and Source Code Exposure 2025-12-12The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure. The team said the issues were found by the security community while attempting to exploit the patches released for CVE-2025-55182 (CVSS score: 10.0), a critical […]
- React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation 2025-12-12The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability by December 12, 2025, amid reports of widespread exploitation. The critical vulnerability, tracked as CVE-2025-55182 (CVSS score: 10.0), affects the React Server Components (RSC) Flight protocol. The underlying cause of the issue is an unsafe deserialization
- CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog 2025-12-12The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-58360 (CVSS score: 8.2), an unauthenticated XML External Entity (XXE) flaw that affects all versions prior […]
- ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories 2025-12-11This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life […]
- NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems 2025-12-11Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes. According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed FINALDRAFT (aka Squidoor) that employs Microsoft Graph API for C2. FINALDRAFT is attributed to a
- The Impact of Robotic Process Automation (RPA) on Identity and Access Management 2025-12-11As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have varying levels of access to sensitive information, enterprises must be prepared to mitigate a variety of challenges. In large organizations, bots are starting to outnumber
- WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor 2025-12-11An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite dubbed AshTag since 2020. Palo Alto Networks Unit 42 is tracking the activity cluster under the name Ashen Lepus. Artifacts uploaded to the VirusTotal platform show that […]
- Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks 2025-12-11A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is a case of file overwrite in the file update API of the Go-based self-hosted Git service. A fix […]
- Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw 2025-12-11Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high in severity, is being tracked under the Chromium issue tracker ID "466192044." Unlike other disclosures, Google has opted to keep information about the CVE […]
- Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution 2025-12-11Huntress is warning of a new actively exploited vulnerability in Gladinet's CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations so far. "Threat actors can potentially abuse this as a way to access the web.config file, opening the door for deserialization and remote code execution," security researcher […]
- React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors 2025-12-10React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of previously undocumented malware families, according to new findings from Huntress. This includes a Linux backdoor called PeerBlight, a reverse proxy tunnel named CowTunnel, and a Go-based
- .NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL 2025-12-10New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade applications to achieve remote code execution. WatchTowr Labs, which has codenamed the "invalid cast vulnerability" SOAPwn, said the issue impacts Barracuda Service Center RMM, Ivanti Endpoint Manager (EPM), and Umbraco 8. But the number of affected vendors is likely […]
- Three PCIe Encryption Weaknesses Expose PCIe 5.0+ Systems to Faulty Data Handling 2025-12-10Three security vulnerabilities have been disclosed in the Peripheral Component Interconnect Express (PCIe) Integrity and Data Encryption (IDE) protocol specification that could expose a local attacker to serious risks. The flaws impact PCIe Base Specification Revision 5.0 and onwards in the protocol mechanism introduced by the IDE Engineering Change Notice (ECN), according to the PCI […]
- Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes 2025-12-10Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your configurations, your identities, and your code. Standard security tools often miss these threats because they look like normal activity. To stop them, you need to see exactly how these attacks happen in the real world. […]
- Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups 2025-12-10The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver and compression utility to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-6218 (CVSS score: 7.8), is a path traversal bug that could enable code execution. However, for exploitation