Latest Intelligence
Countries Begin NATO's Locked Shields Cyber Defense Exercise
The NATO-run Locked Shields cyber defense exercise enables countries to test and enhance their defenses against evolving cyber threats, including disinformation, quantum computing, and artificial intelligence. This initiative is significant as it fosters international cooperation and preparedness in the face of increasingly sophisticated cyber challenges.
Possible Zero-Day Patched in SonicWall SMA Appliances
SonicWall has released patches for three vulnerabilities in its SMA 100 appliances, including a potential zero-day that could allow attackers to execute arbitrary code remotely. This issue highlights significant security risks for users of these appliances and the importance of timely updates.
Mitsubishi Electric CC-Link IE TSN
Horner Automation Cscape
Horner Automation's Cscape version 10.0 (10.0.415.2) SP1 contains a significant out-of-bounds read vulnerability (CVE-2025-4098) that could allow attackers to disclose sensitive information and execute arbitrary code. The vulnerability has a CVSS v4 score of 8.4, highlighting its severity and the importance of applying mitigations to protect control system environments.
Hitachi Energy RTU500 Series
The Hitachi Energy RTU500 series has multiple vulnerabilities, including cross-site scripting and improper input validation, which could allow attackers to exploit the devices remotely. These vulnerabilities pose significant risks, including denial-of-service conditions and unauthorized execution of scripts, affecting critical manufacturing infrastructures worldwide.
CISA Releases Five Industrial Control Systems Advisories
CISA has released five advisories addressing security vulnerabilities in various Industrial Control Systems (ICS), highlighting the importance of staying informed about potential exploits. These advisories are critical for users and administrators to implement necessary mitigations to protect their systems.
Pixmeo OsiriX MD
The Pixmeo OsiriX MD software has multiple vulnerabilities, including a use-after-free issue and cleartext transmission of sensitive information, which could allow attackers to exploit memory corruption and steal credentials. These vulnerabilities pose significant risks to healthcare and public health sectors, necessitating immediate attention and remediation.
Google Finds Data Theft Malware Used by Russian APT in Select Cases
Google has identified that the Russia-linked APT group Star Blizzard is utilizing a technique known as ClickFix to distribute the LostKeys malware in targeted attacks. This finding underscores the ongoing threat posed by state-sponsored cyber actors and the need for vigilance against such sophisticated malware.
Security Tools Alone Don't Protect You — Control Effectiveness Does
The article highlights that 61% of security leaders experienced breaches due to misconfigured controls, despite having an average of 43 cybersecurity tools. This indicates that the issue lies not in the quantity of security investments, but rather in their effective configuration and management.
Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet
A vulnerability in Samsung MagicINFO has been improperly patched, rendering the fixes ineffective. As a result, a Mirai botnet has begun exploiting this vulnerability, posing significant security risks to affected systems.
MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware
MirrorFace, a nation-state threat actor, has been targeting government agencies and public institutions in Japan and Taiwan with a cyber espionage campaign involving the ROAMINGMOUSE malware and an updated backdoor called ANEL. This activity, detected by Trend Micro in March 2025, highlights the ongoing threat of sophisticated cyber attacks on critical infrastructure in these regions.
Cisco Patches 35 Vulnerabilities Across Several Products
Cisco has released patches addressing 35 vulnerabilities across multiple products, including 26 in IOS and IOS XE software, with 17 of these classified as critical or high severity. This highlights the ongoing need for organizations to maintain updated security measures to protect against potential exploits.
Dozens of SysAid Instances Vulnerable to Remote Hacking
Dozens of instances of the SysAid IT service management software have been found vulnerable to remote hacking through vulnerabilities that allow unauthenticated remote command execution. This issue poses significant security risks for organizations using the affected software.
Masimo Manufacturing Facilities Hit by Cyberattack
Masimo, a health technology and consumer electronics firm, detected unauthorized activity on its network in late April, indicating a cyberattack on its manufacturing facilities. This incident highlights the growing cybersecurity threats faced by healthcare technology companies.
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware
Russian hackers linked to the COLDRIVER group are deploying a new malware named LOSTKEYS through social engineering tactics that mimic ClickFix CAPTCHAs. This malware poses a significant threat as it is designed to steal sensitive files and system information from targeted victims.