VulnHub

AI-Powered Cybersecurity Intelligence


Latest Intelligence

darkreading
Countries Begin NATO's Locked Shields Cyber Defense Exercise

The NATO-run Locked Shields cyber defense exercise enables countries to test and enhance their defenses against evolving cyber threats, including disinformation, quantum computing, and artificial intelligence. This initiative is significant as it fosters international cooperation and preparedness in the face of increasingly sophisticated cyber challenges.


Impact: Not specified

In the Wild: Unknown

Age: Unknown

Remediation: None available


SecurityWeek
Possible Zero-Day Patched in SonicWall SMA Appliances

SonicWall has released patches for three vulnerabilities in its SMA 100 appliances, including a potential zero-day that could allow attackers to execute arbitrary code remotely. This issue highlights significant security risks for users of these appliances and the importance of timely updates.


Impact: SMA 100 appliances

In the Wild: Unknown

Age: Recently disclosed

Remediation: Apply patches

Zero-day


All CISA Advisories
Mitsubishi Electric CC-Link IE TSN

AI summary not available.

Phishing CVE Vulnerability Update


All CISA Advisories
Horner Automation Cscape

Horner Automation's Cscape version 10.0 (10.0.415.2) SP1 contains an out-of-bounds read vulnerability (CVE-2025-4098) that could allow attackers to disclose sensitive information and execute arbitrary code. The vulnerability has a CVSS v4 score of 8.4 (high severity), underscoring the importance of applying mitigations to protect control system environments.


Impact: Cscape version 10.0 (10.0.415.2) SP1

In the Wild: No

Age: Recently disclosed

Remediation: Horner Automation has released Cscape version 10.1 SP1; users are advised to minimize network exposure and implement secure remote access methods.

Phishing CVE Vulnerability Update


All CISA Advisories
Hitachi Energy RTU500 Series

The Hitachi Energy RTU500 series has multiple vulnerabilities, including cross-site scripting and improper input validation, which could allow attackers to exploit the devices remotely. These vulnerabilities pose significant risks, including denial-of-service conditions and unauthorized execution of scripts, affecting critical manufacturing infrastructures worldwide.


Impact: Hitachi Energy RTU500 series, versions 12.0.1 to 12.0.14; 12.2.1 to 12.2.11; 12.4.1 to 12.4.11; 12.6.1 to 12.6.9; 12.7.1 to 12.7.6; 13.2.1 to 13.2.6; 13.4.1 to 13.4.3

In the Wild: Unknown

Age: Recently disclosed

Remediation: Update to the latest CMU firmware as specified for each affected version.

Phishing CVE Vulnerability Update


All CISA Advisories
CISA Releases Five Industrial Control Systems Advisories

CISA has released five advisories addressing security vulnerabilities in various Industrial Control Systems (ICS), highlighting the importance of staying informed about potential exploits. These advisories are critical for users and administrators to implement necessary mitigations to protect their systems.


Impact: Horner Automation Cscape, Hitachi Energy RTU500 series, Mitsubishi Electric CC-Link IE TSN, Pixmeo OsiriX MD

In the Wild: Unknown

Age: Recently disclosed

Remediation: Review advisories for technical details and mitigations.

Update


All CISA Advisories
Pixmeo OsiriX MD

The Pixmeo OsiriX MD software has multiple vulnerabilities, including a use-after-free issue and cleartext transmission of sensitive information, which could allow attackers to exploit memory corruption and steal credentials. These vulnerabilities pose significant risks to healthcare and public health sectors, necessitating immediate attention and remediation.


Impact: OsiriX MD, Pixmeo

In the Wild: No

Age: Recently disclosed

Remediation: Download the latest version of OsiriX MD; implement defensive measures to minimize risks.

Phishing CVE Vulnerability Update


SecurityWeek
Google Finds Data Theft Malware Used by Russian APT in Select Cases

Google has identified that the Russia-linked APT group Star Blizzard is utilizing a technique known as ClickFix to distribute the LostKeys malware in targeted attacks. This finding underscores the ongoing threat posed by state-sponsored cyber actors and the need for vigilance against such sophisticated malware.


Impact: Not specified

In the Wild: Yes

Age: Recently disclosed

Remediation: None available

Google Malware


The Hacker News
Security Tools Alone Don't Protect You — Control Effectiveness Does

The article highlights that 61% of security leaders experienced breaches due to misconfigured controls, despite having an average of 43 cybersecurity tools. This indicates that the issue lies not in the quantity of security investments, but rather in their effective configuration and management.


Impact: Not specified

In the Wild: No

Age: Unknown

Remediation: Improve configuration management and control effectiveness.


SecurityWeek
Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet

A vulnerability in Samsung MagicINFO has been improperly patched, rendering the fixes ineffective. As a result, a Mirai botnet has begun exploiting this vulnerability, posing significant security risks to affected systems.


Impact: Samsung MagicINFO

In the Wild: Yes

Age: Recently disclosed

Remediation: Apply patches

Vulnerability


The Hacker News
MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware

MirrorFace, a nation-state threat actor, has been targeting government agencies and public institutions in Japan and Taiwan with a cyber espionage campaign involving the ROAMINGMOUSE malware and an updated backdoor called ANEL. This activity, detected by Trend Micro in March 2025, highlights the ongoing threat of sophisticated cyber attacks on critical infrastructure in these regions.


Impact: ROAMINGMOUSE, ANEL

In the Wild: Yes

Age: Discovered in March 2025

Remediation: Implement security measures against spear-phishing and monitor for malicious activity.

Phishing Malware Threat Actor


SecurityWeek
Cisco Patches 35 Vulnerabilities Across Several Products

Cisco has released patches addressing 35 vulnerabilities across multiple products, including 26 in IOS and IOS XE software, with 17 of these classified as critical or high severity. This highlights the ongoing need for organizations to maintain updated security measures to protect against potential exploits.


Impact: IOS, IOS XE

In the Wild: Unknown

Age: Recently disclosed

Remediation: Apply patches

iOS Cisco


SecurityWeek
Dozens of SysAid Instances Vulnerable to Remote Hacking

Dozens of instances of the SysAid IT service management software have been found vulnerable to remote hacking through vulnerabilities that allow unauthenticated remote command execution. This issue poses significant security risks for organizations using the affected software.


Impact: SysAid IT service management software

In the Wild: Unknown

Age: Recently disclosed

Remediation: Apply patches


SecurityWeek
Masimo Manufacturing Facilities Hit by Cyberattack

Masimo, a health technology and consumer electronics firm, detected unauthorized activity on its network in late April, indicating a cyberattack on its manufacturing facilities. This incident highlights the growing cybersecurity threats faced by healthcare technology companies.


Impact: Not specified

In the Wild: Unknown

Age: Discovered last month

Remediation: Vendor advisory pending


The Hacker News
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware

Russian hackers linked to the COLDRIVER group are deploying a new malware named LOSTKEYS through ClickFix social engineering that presents victims with a fake CAPTCHA. This malware poses a significant threat as it is designed to steal sensitive files and system information from targeted victims.


Impact: Not specified

In the Wild: Yes

Age: Recently disclosed

Remediation: None available

Google Malware Threat Actor
