Latest Intelligence
Hitachi Energy Asset Suite
The article discusses multiple vulnerabilities in Hitachi Energy's Asset Suite, which could allow attackers to gain unauthorized access, execute remote code, or escalate privileges. Key vulnerabilities include incomplete input validation, plaintext password storage, and out-of-bounds writes affecting various components of the software.
LITEON IC48A and IC80A EV Chargers
The LITEON IC48A and IC80A EV chargers have a vulnerability that allows plaintext storage of FTP server access credentials in system logs, potentially exposing sensitive information. Firmware updates are available to mitigate this issue.
ABB RMC-100
The ABB RMC-100 has multiple vulnerabilities related to hard-coded cryptographic keys and stack-based buffer overflows, which can lead to unauthorized access to MQTT configuration data and denial-of-service conditions. These vulnerabilities are only present when the REST interface is enabled, which is disabled by default.
CISA Releases Six Industrial Control Systems Advisories
CISA has released six advisories related to vulnerabilities in various Industrial Control Systems (ICS) as of July 15, 2025. These advisories aim to inform users and administrators about current security issues and provide guidance on mitigations.
State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments
A new campaign targeting governmental organizations in Southeast Asia has emerged, utilizing a previously undocumented Windows backdoor named HazyBeacon to steal sensitive information. This activity is being monitored by Palo Alto Networks Unit 42, indicating a state-backed motivation behind the threat actors involved.
Securing Agentic AI: How to Protect the Invisible Identity Access
AI agents are increasingly automating various tasks, but they require authentication through high-privilege credentials that are often not visible to defenders. This has led to a situation where non-human identities outnumber human accounts in cloud environments, raising significant security concerns.
AsyncRAT's Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe
The article discusses the rise of AsyncRAT, a remote access trojan that has become a significant threat since its release in 2019. It highlights how AsyncRAT has led to the development of various dangerous malware variants, marking its importance in the landscape of modern cybersecurity threats.
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
North Korean hackers have been identified as publishing 67 malicious packages to the npm registry, part of a broader campaign to compromise the open-source ecosystem through software supply chain attacks. These packages have already garnered over 17,000 downloads, indicating a significant threat to users.