Blogs - Security
NIST News
- NIST Updates Critical Wildfire Evacuation and Sheltering Guidance 2025-04-24 The ESCAPE report redefines how to save lives in the face of fast-moving wildfires. Sarah Henderson
- NIST’s Curved Neutron Beams Could Deliver Benefits Straight to Industry 2025-04-17 In a physics first, a team including scientists from the National Institute of Standards and Technology (NIST) has created a way to make beams of neutrons travel in curves. These Airy beams (named for English scientist George Airy), which the team […] Megan King
- NIST Updates Privacy Framework, Tying It to Recent Cybersecurity Guidelines 2025-04-14 Targeted changes to content and structure respond to stakeholder needs and make the document easier to use. Sarah Henderson
- Champlain Towers South Investigation Team Provides Update to Structural Engineers 2025-04-11 This outreach will help ensure that the team’s findings and recommendations lead to improvements to codes, standards and practices that can prevent similar tragedies from occurring in the future. Sarah Henderson
- Rare Crystal Shape Found to Increase the Strength of 3D-Printed Metal 2025-04-07 NIST researchers have found special atomic patterns called quasicrystals in 3D-printed aluminum alloys. Sarah Henderson
- NIST Releases Reference Material to Aid Gut Microbiome Research 2025-03-17 Researchers hope this material will help usher in a new era of diagnostics and treatments involving the gut microbiome. Sarah Henderson
- NIST Researchers Develop Material for Measuring Arsenic in Shellfish 2025-03-13 NIST’s new standard reference material will help ensure that geoduck clams and other shellfish are safe to eat. Sarah Henderson
- NIST Selects HQC as Fifth Algorithm for Post-Quantum Encryption 2025-03-11 The new algorithm will serve as a backup for the general encryption needed to protect data from quantum computers developed in the future. Sarah Henderson
- NIST Finalizes Guidelines for Evaluating ‘Differential Privacy’ Guarantees to De-Identify Data 2025-03-06 Using differential privacy can help organizations glean useful insights from databases while protecting individuals’ data. Sarah Henderson
- NIST Report to Congress Provides Update on Champlain Towers South Investigation 2025-02-05 The report notes that the team has completed all experimental work on the physical evidence from the building’s structural elements. Sarah Henderson
- New Atom-Based Thermometer Measures Temperature More Accurately 2025-01-23 This atomic thermometer provides accurate measurements “out of the box” because it relies on the basic principles of quantum physics. Sarah Henderson
- Novel ‘Quantum Refrigerator’ Is Great at Erasing Quantum Computer’s Chalkboard 2025-01-09 Quantum computers need a "clean" workspace, and a team including scientists at NIST has found a way to make one. Sarah Henderson
- NIST Database Can Help Increase Recycling of Textiles and Clothing 2025-01-07 Picture this: You have a bag of heavily used clothes that can no longer be donated taking up space in your closet, so you drop it off at your local recycling center. But what happens to that bag of clothes? You might assume that the clothes would get […] Sarah Henderson
- Study Highlights Need for Standardized Measurement Methods in Gene Therapy 2025-01-06 Scientists looked at multiple techniques used to measure the modified viruses deployed in some gene therapy research and treatments. Sarah Henderson
- Biden-Harris Administration Awards Semiconductor Research Corporation Manufacturing Consortium Corporation $285M for New CHIPS Manufacturing USA Institute for Digital Twins, Headquartered in North Carolina 2025-01-03 Today, the U.S. Department of Commerce announced that CHIPS for America awarded the Semiconductor Research Corporation Manufacturing Consortium Corporation (SRC) $285 million to establish and operate a CHIPS Manufacturing USA institute headquartered […] Joy Antwi
- NIST Develops Genetic Material for Validating H5N1 Bird Flu Diagnostic Tests 2025-01-02 To bolster the nation’s preparedness for a pandemic, the National Institute of Standards and Technology (NIST) has developed a synthetic, nonhazardous genetic material to support the development and validation of diagnostic tests for the H5N1 virus […] Megan King
- PFAS Found in Firefighter Gloves, Hoods and Wildland Gear 2024-12-17 The amount of PFAS in each sample varied greatly, so it may be possible to design gear that reduces exposure. Sarah Henderson
- 3 NIST Researchers Receive Presidential Rank Awards 2024-12-05 All three were awarded the “Distinguished Rank,” the highest category of Presidential Rank Awards. Sarah Henderson
- NIST Transfers Evidence From Champlain Towers South to Miami-Dade Police Department 2024-11-21 The National Construction Safety Team has reached an important milestone in its investigation into the 2021 partial collapse of Champlain Towers South. Sarah Henderson
- FACT SHEET: U.S. Department of Commerce & U.S. Department of State Launch the International Network of AI Safety Institutes at Inaugural Convening in San Francisco 2024-11-20 San Francisco, California – Today the U.S. Department of Commerce and U.S. Department of State are co-hosting the inaugural convening of the International Network of AI Safety Institutes, a new global effort to advance the science of AI safety and […] Victoria Ballagh
NIST Events
- 17th Annual NICE Conference and Expo 2026-06-01 The NICE Conference and Expo will take place June 1-3, 2026. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.S […] Susana Barraza
- 2059 Basic Uncertainty Concepts 2026-05-28 Class Description This 2-hour webinar provides a very basic introduction to uncertainty calculations and reporting using the 8-step process published in NIST SOP 29 (NISTIR 6969), beginning with some definitions and concepts from the Guide to the […] Yvonne A. Branden
- 2056 Fundamentals of Metrology 2026-04-06 Class Description The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurement assurance […] Yvonne A. Branden
- 2057 Mass Metrology Seminar 2026-03-02 The two-week Mass Metrology Seminar is a "hands-on" seminar that incorporates approximately 30 percent lectures and 70 percent demonstrations and laboratory work in which the participant performs measurements by applying procedures and equations […] Yvonne A. Branden
- 2058 Document Control and Record Keeping 2026-02-12 Class Description Managing controlled documents and records are essential calibration laboratory processes. This 2-hour webinar will introduce the fundamentals of Laboratory Management System Document Control and Record Keeping that are necessary to […] Yvonne A. Branden
- 2055 Fundamentals of Metrology 2026-01-26 Course Description The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurement […] Yvonne A. Branden
- 11th Annual NICE K12 Cybersecurity Education Conference 2025-12-08 The next NICE K12 Cybersecurity Education Conference will take place December 8-9, 2025 in Nashville, Tennessee. This event is supported by NICE, a program of the National Institute of Standards and Technology in the U.S. Department of Commerce […] Susana Barraza
- 2054 Mass Metrology Seminar 2025-10-27 Course Description The Mass Metrology Seminar is a two-week, "hands-on" seminar. It incorporates approximately 30 percent lectures and 70 percent demonstrations and laboratory work in which the participant performs measurements by applying procedures […] Yvonne A. Branden
- NIST OWM Info Hour: Proficiency Testing Program for U.S. State Weights and Measures Laboratories 2025-10-16 This Info Hour will provide attendees with an overview of OWM’s proficiency testing (PT) program, describe how the program operates, and demonstrate the vital role it plays in evaluating the competency and traceability of participating laboratories’ […] Yvonne A. Branden
- 72 Volume Metrology Seminar 2025-09-22 The 5-day OWM Volume Metrology Seminar is designed to enable metrologists to apply fundamental measurement concepts to volume calibrations. A large percentage of time is spent on hands-on measurements, applying procedures and equations discussed in […] Yvonne A. Branden
- NIST OWM Info Hour: OWM Study Results on the Use of a Portable Digital Density Meter as a Field Inspection Device 2025-09-18 The current NIST Handbook 133 test procedure for testing liquid food packages uses a gravimetric method to determine the density of the liquid. Determining the density gravimetrically can be very time-consuming and could result in reduced inspections […] Yvonne A. Branden
- 73 Fundamentals of Metrology 2025-09-15 Course Description The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurement […] Yvonne A. Branden
- ANSI/NIST-ITL Update Workshop 2025-08-25 Join us virtually for a directed discussion of the ANSI/NIST-ITL 1-2025 standard update. We will review, discuss, and vote on the results of the expert working groups, including adding support for contactless fingerprints, redesigning the DNA record […] Crissy Robinson
- Additive Construction – The Path to Standardization Continues III 2025-08-18 The event, Additive Construction – The Path to Standardization Continues, will bring together industry and academic stakeholders to discuss gaps in the current standard documents and how the gaps can be filled. Building on previous engagements, this […] Pauline Truong
- NIST Small Business Cybersecurity Webinar: Protecting Your Small Business from Phishing Risks 2025-08-14 Phishing is one of the most common types of cyber crime. These scams use convincing emails or other messages, such as text messages or social media messages, to trick users into opening harmful links, downloading malicious software, or submitting […] Nicole Keller
- 75 Contract Review 2025-08-14 Class Description This two-hour webinar will consider internal auditing techniques and best practices used by a metrology laboratory to comply with ISO/IEC 17025:2017 criteria. Yvonne A. Branden
- Pulsed Laser Metrology Workshop 2025-08-06 The National Institute of Standards and Technology is sponsoring a one-and-a-half-day workshop bringing together international experts from industry, academia, and government organizations to identify key optical metrology needs for extreme pulsed […] Crissy Robinson
- 2025 NIST Time and Frequency Seminar 2025-07-29 NIST Time and Frequency Division's annual seminar covers precision clocks and oscillators, atomic frequency standards, rf and optical synchronization, optical oscillators, quantum information, optical cooling and heating; making precise frequency […] Crissy Robinson
- 2053 Advanced Mass Seminar 2025-07-28 The 9-day, hands-on Advanced Mass calibration seminar focuses on the comprehension and application of the advanced mass dissemination procedures, the equations, and associated calculations. It includes the operation of the laboratory equipment […] Yvonne A. Branden
- 76 State Laboratory Annual Submission Process 2025-07-10 Class Description The State Laboratory Annual Submission Process webinar provides guidance on how to successfully submit all required materials to develop a complete and timely Recognition Application according to NIST Handbook (HB) 143, State […] Yvonne A. Branden
CISA Blog
- April is Emergency Communications Month! 2025-04-01 CISA
- Building Resilient ICT Supply Chains: 8th Annual Supply Chain Integrity Month 2025-04-01 CISA
- SAFECOM Publishes Fall 2024 SAFECOM Bi-Annual Meeting Executive Summary 2025-03-31 CISA
- NCSWIC Publishes Spring 2024 Bi-Annual Meeting Executive Summaries 2025-02-25 CISA
- SAFECOM Publishes Spring 2024 SAFECOM Bi-Annual Meeting Executive Summary 2025-02-11 CISA
- Unlocking Vulnrichment: Enriching CVE Data 2025-01-21 CISA
- Defending Democracy: The #PROTECT2024 Chapter in Election Infrastructure Security 2025-01-17 CISA
- Forging National Resilience for an Era of Disruption 2025-01-16 CISA
- United in Cyber Defense: A Model for Operational Collaboration 2025-01-16 CISA
- Strengthening America’s Resilience Against the PRC Cyber Threats 2025-01-15 CISA
ICS Advisories
- Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool 2025-04-24 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: iSTAR Configuration Utility (ICU) Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls reports the following versions of […] CISA
- Schneider Electric Modicon Controllers 2025-04-24 View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon M580, Modicon M340, Modicon Premium, and Modicon Quantum Vulnerabilities: Trust Boundary Violation, Uncaught Exception, Exposure of Sensitive Information to an Unauthorized Actor, Authentication Bypass by Spoofing, Improper Access Control, Reliance on Untrusted Inputs in a Security Decision, […] CISA
- ALBEDO Telecom Net.Time - PTP/NTP Clock 2025-04-24 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: ALBEDO Telecom Equipment: Net.Time - PTP/NTP clock Vulnerability: Insufficient Session Expiration 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception. 3. TECHNICAL DETAILS 3.1 […] CISA
- Vestel AC Charger 2025-04-24 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vestel Equipment: AC Charger Vulnerability: Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to sensitive information, such as credentials which could subsequently enable them to cause […] CISA
- Nice Linear eMerge E3 2025-04-24 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Nice Equipment: Linear eMerge E3 Vulnerability: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary OS commands. 3. TECHNICAL DETAILS 3.1 AFFECTED […] CISA
- Planet Technology Network Products 2025-04-24 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Planet Technology Equipment: Planet Technology Network Products Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Use of Hard-coded Credentials, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an […] CISA
- Siemens TeleControl Server Basic SQL 2025-04-22 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack […] CISA
- Siemens TeleControl Server Basic 2025-04-22 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely Vendor: […] CISA
- Schneider Electric Wiser Home Controller WHC-5918A 2025-04-22 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Wiser Home Controller WHC-5918A Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports […] CISA
- ABB MV Drives 2025-04-22 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: MV Drives Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain full access to the drive or […] CISA
- Schneider Electric Sage Series 2025-04-17 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Sage series Vulnerabilities: Out-of-bounds Write, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Incorrect Default Permissions, Unchecked Return Value, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Read 2. RISK EVALUATION Successful […] CISA
- Yokogawa Recorder Products 2025-04-17 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: GX10, GX20, GP10, GP20, GM Data Acquisition System, DX1000, DX2000, DX1000N, FX1000, μR10000, μR20000, MW100, DX1000T, DX2000T, CX1000, CX2000 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate […] CISA
- Schneider Electric Trio Q Licensed Data Radio 2025-04-17 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.4 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Trio Q Licensed Data Radio Vulnerabilities: Insecure Storage of Sensitive Information, Initialization of a Resource with an Insecure Default 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access confidential information, compromise the integrity, or […] CISA
- Schneider Electric ConneXium Network Manager 2025-04-17 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: ConneXium Network Manager Vulnerabilities: Files or Directories Accessible to External Parties, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access sensitive data, escalate privileges, or perform remote code execution. 3. […] CISA
- Mitsubishi Electric Europe B.V. smartRTU 2025-04-15 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Europe B.V. Equipment: smartRTU Vulnerabilities: Missing Authentication for Critical Function, OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to disclose, tamper with, destroy or delete information in the product, or […] CISA
- National Instruments LabVIEW 2025-04-15 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Low attack complexity Vendor: National Instruments Equipment: LabVIEW Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities leads to the execution of arbitrary code on affected installations of LabVIEW, which could result in invalid memory writes. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following […] CISA
- ABB M2M Gateway 2025-04-15 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: M2M Gateway Vulnerabilities: Integer Overflow or Wraparound, Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling'), Unquoted Search Path or Element, Untrusted Search Path, Use After Free, Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Missing […] CISA
- Growatt Cloud Applications 2025-04-15 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Growatt Equipment: Cloud Applications Vulnerabilities: Cross-site Scripting, Authorization Bypass Through User-Controlled Key, Insufficient Type Distinction, External Control of System or Configuration Setting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to compromise confidentiality, achieve cross-site scripting, or […] CISA
- Siemens SIMOCODE, SIMATIC, SIPLUS, SIDOOR, SIWAREX 2025-04-15 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack […] CISA
- Siemens Industrial Edge Device Kit 2025-04-15 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack […] CISA
ICS Medical Advisories
- INFINITT Healthcare INFINITT PACS 2025-04-10 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: INFINITT Healthcare Equipment: INFINITT PACS Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to upload malicious […] CISA
- Santesoft Sante DICOM Viewer Pro 2025-03-20 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerability: Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause memory corruption that would result in execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Santesoft […] CISA
- Philips Intellispace Cardiovascular (ISCV) 2025-03-13 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Philips Equipment: Intellispace Cardiovascular (ISCV) Vulnerabilities: Improper Authentication, Use of Weak Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to replay the session of the logged-in ISCV user and gain access to patient records. 3. TECHNICAL […] CISA
- Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application 2025-02-27 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Dario Health Equipment: USB-C Blood Glucose Monitoring System Starter Kit Android Application, Application Database and Internet-based Server Infrastructure Vulnerabilities: Exposure of Private Personal Information to an Unauthorized Actor, Improper Output Neutralization For Logs, Storage of Sensitive Data In a Mechanism Without […] CISA
- Medixant RadiAnt DICOM Viewer 2025-02-20 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.7 ATTENTION: Low attack complexity Vendor: Medixant Equipment: RadiAnt DICOM Viewer Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform a machine-in-the-middle attack (MITM), resulting in malicious updates being delivered to the user. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS […] CISA
- Qardio Heart Health IOS and Android Application and QardioARM A100 2025-02-13 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.2 ATTENTION: Low attack complexity Vendor: Qardio Equipment: Heart Health IOS application, Heart Health Android Application, QardioARM A100 Vulnerabilities: Exposure of Private Personal Information to an Unauthorized Actor, Uncaught Exception, Files or Directories Accessible to External Parties 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an […] CISA
- Orthanc Server 2025-02-06 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Orthanc Equipment: Orthanc Server Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify records, or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following […] CISA
- MicroDicom DICOM Viewer 2025-02-06 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.7 ATTENTION: Low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to alter network traffic and perform a machine-in-the-middle (MITM) attack. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following MicroDicom DICOM Viewer are […] CISA
- Contec Health CMS8000 Patient Monitor (Update A) 2025-01-30 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Contec Health Equipment: CMS8000 Patient Monitor Vulnerabilities: Out-of-Bounds Write, Hidden Functionality, Privacy Leakage 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely send specially formatted UDP requests or connect to an unknown external network that would […] CISA
- Ossur Mobile Logic Application 2024-12-19 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.6 ATTENTION: Low attack complexity Vendor: Ossur Equipment: Mobile Logic Application Vulnerabilities: Exposure of Sensitive System Information to an Unauthorized Control Sphere, Command Injection, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker unauthorized access to sensitive information. 3. TECHNICAL DETAILS […] CISA
- BD Diagnostic Solutions Products (Update A) 2024-12-17 View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: Diagnostic Solutions Products Vulnerability: Use of Default Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use default credentials to access, modify, or delete sensitive data, which could impact the availability […] CISA
- Baxter Life2000 Ventilation System 2024-11-14 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Life2000 Ventilation System Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Restriction of Excessive Authentication Attempts, Use of Hard-Coded Credentials, Improper Physical Access Control, Download of Code Without Integrity Check, On-Chip Debug and Test Interface With Improper Access Control, Missing […] CISA
- BPL Medical Technologies PWS-01-BT and BPL Be Well Android Application 2024-09-10 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Low attack complexity/public exploits are available Vendor: BPL Medical Technologies Equipment: PWS-01-BT, Be Well Android App Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to intercept and modify information as it is being processed. 3. TECHNICAL DETAILS […] CISA
- Baxter Connex Health Portal 2024-09-05 View CSAF 1. EXECUTIVE SUMMARY CVSS v3.1 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Connex Health Portal Vulnerabilities: SQL Injection, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to malicious code injection, shutdown of database service, or the ability to access, modify, or delete sensitive data from the […] CISA
- Philips Vue PACS (Update A) 2024-07-18 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.0 ATTENTION: Low attack complexity Vendor: Philips Equipment: Vue PACS Vulnerabilities: Allocation of Resources Without Limits or Throttling, Use of Default Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain access to the database, which could impact system availability and data integrity […] CISA
- MicroDicom DICOM Viewer 2024-06-11 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerabilities: Improper Authorization in Handler for Custom URL Scheme, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to both retrieve and plant medical image files on a victim's system and […] CISA
- Baxter Welch Allyn Connex Spot Monitor 2024-05-30 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Welch Allyn Connex Spot Monitor (CSM) Vulnerability: Use of Default Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify device configuration and firmware data. Tampering with this data could lead to device compromise, resulting […] CISA
- Baxter Welch Allyn Configuration Tool 2024-05-30 View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Welch Allyn Configuration Tool Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the unintended exposure of credentials to unauthorized users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Baxter (formerly Hillrom and Welch Allyn) […] CISA
- Santesoft Sante FFT Imaging 2024-03-05 View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante FFT Imaging Vulnerability: Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code once a user opens a malicious DCM file on affected FFT Imaging installations. 3. TECHNICAL DETAILS 3.1 […] CISA
- MicroDicom DICOM Viewer 2024-02-29 View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerabilities: Heap-based Buffer Overflow, Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption issues leading to execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions […] CISA
The Hacker News
- ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion 2025-04-26: Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning for vulnerable systems and deploying a custom malware called LAGTOY (aka […]
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures 2025-04-25: North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.]com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)—to spread
- New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework 2025-04-25: Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this […]
- Why NHIs Are Security's Most Dangerous Blind Spot 2025-04-25: When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a growing threat that does not involve human credentials at all, as we witness the exponential growth of Non-Human Identities (NHIs). At the top of mind when NHIs are mentioned, most […]
- Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers 2025-04-25: Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below - CVE-2025-27610 (CVSS score: 7.5) - A path […]
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks 2025-04-25: Cybersecurity researchers are warning about a new malware called DslogdRAT that's installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, was "installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024," JPCERT/CC researcher Yuma
- Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware 2025-04-24: At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in
- Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools 2025-04-24: Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a "major blind spot in Linux runtime security tools," ARMO said. "This mechanism allows a user application to perform various actions without using system calls," the company said […]
- Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign 2025-04-24: The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sector
- 159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure 2025-04-24: As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. "We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure," VulnCheck said in a report shared […]
- Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals 2025-04-24: The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes," Netcraft said in a fresh report shared with The Hacker News.
- Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely 2025-04-24: A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations. The vulnerability, tracked as CVE-2025-34028, carries a CVSS score of 9.0 out of a maximum of 10.0. "A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute […]
- WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads 2025-04-24: WhatsApp has introduced an extra layer of privacy called Advanced Chat Privacy that allows users to block participants from sharing the contents of a conversation in traditional chats and groups. "This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy," […]
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack 2025-04-23: Multiple threat activity clusters with ties to North Korea (aka Democratic People's Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. "The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy sanctions that have been placed on North […]
- Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign 2025-04-23: The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024. Google-owned Mandiant described UNC2428 as a threat actor aligned with Iran that engages in cyber espionage-related operations. The intrusion set is said to have distributed […]
- Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices 2025-04-23: Cybersecurity researchers have revealed that Russian military personnel are the target of a new malicious campaign that distributes Android spyware under the guise of the Alpine Quest mapping software. "The attackers hide this trojan inside modified Alpine Quest mapping software and distribute it in various ways, including through one of the Russian Android app catalogs," […]
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks 2025-04-23: Phishing attacks remain a huge challenge for organizations in 2025. In fact, with attackers increasingly leveraging identity-based techniques over software exploits, phishing arguably poses a bigger threat than ever before. Attackers are increasingly leveraging identity-based techniques over software exploits, with phishing and stolen credentials (a byproduct of phishing) now the primary
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp 2025-04-23: Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025. The highly targeted social engineering operations, per Volexity, are a shift from previously documented attacks that leveraged a technique known as device […]
- Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack 2025-04-23: The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users' private keys. The malicious activity has been found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been […]
- Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito 2025-04-23: Google on Tuesday revealed that it will no longer offer a standalone prompt for third-party cookies in its Chrome browser as part of its Privacy Sandbox initiative. "We've made the decision to maintain our current approach to offering users third-party cookie choice in Chrome, and will not be rolling out a new standalone prompt for […]