VulnHub

A serious vulnerability has been discovered in HPE OneView, a management tool used for IT infrastructure. This flaw allows attackers to execute code remotely without needing any authentication, which poses a significant risk to organizations using this software. As the vulnerability is actively being exploited, affected companies must act quickly to protect their systems. This incident highlights the need for organizations to regularly update their software and apply security patches to defend against such attacks. Users of HPE OneView should prioritize checking for updates and implementing any recommended security measures to mitigate the risk of exploitation.

Taiwan's National Security Bureau (NSB) has reported a significant increase in cyberattacks attributed to China, particularly targeting the island's energy sector. In 2025, these attacks surged tenfold, affecting critical infrastructure across nine different sectors. Overall, there was a 6% increase in cyber incidents compared to the previous year. This spike in activity indicates a growing threat to Taiwan's essential services and raises concerns about the security of its infrastructure. As tensions between Taiwan and China continue, the escalation of cyber warfare poses serious implications for national security and public safety.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a serious vulnerability in HPE OneView that is currently being exploited in the wild. This flaw could allow attackers to gain unauthorized access to sensitive systems and data, posing significant risks to organizations using HPE's management software. Users of HPE OneView should be particularly vigilant, as this vulnerability could lead to severe disruptions or data breaches. Companies utilizing affected systems are advised to take immediate action to secure their environments. The situation underscores the critical need for timely updates and patch management to protect against active threats.

Hackers are taking advantage of a serious zero-day vulnerability in D-Link DSL routers that are no longer supported. This flaw allows attackers to execute arbitrary commands on the devices, posing significant risks to users still relying on these outdated models. As these routers are not receiving security updates, individuals and businesses using them are particularly vulnerable to unauthorized access and potential data breaches. Users are urged to consider replacing their D-Link routers with more secure, supported options to mitigate these risks. The exploitation of such vulnerabilities underscores the importance of using updated technology in a cybersecurity landscape that is constantly evolving.

Taiwan's National Security Bureau has reported a significant increase in daily cyber intrusion attempts, attributing the surge to what they describe as a Chinese 'cyber army.' The number of attacks rose by 6% in 2025, with the energy and healthcare sectors experiencing the most substantial impacts. This uptick raises concerns about the security of critical infrastructure and sensitive data in Taiwan, especially as these sectors are vital for public welfare and national stability. The situation underscores the ongoing cyber tensions between Taiwan and China, highlighting the need for enhanced cybersecurity measures in the face of persistent threats. Taiwanese authorities are likely to heighten their defenses to safeguard against these intrusions.

In 2025, Taiwan reported an alarming increase in cyber intrusion attempts on its critical infrastructure, averaging 2.63 million per day, primarily attributed to Chinese attackers. This surge has raised significant concerns about the security of Taiwan's energy sector and other vital systems, as such attacks could lead to disruptions in services and pose risks to national security. The frequency and intensity of these cyber intrusions suggest a coordinated effort to undermine Taiwan's infrastructure, which could have serious implications for the region's stability. As the situation evolves, it is crucial for Taiwanese authorities and organizations to bolster their defenses against these persistent cyber threats to protect their critical assets.

A newly discovered vulnerability in discontinued D-Link devices poses a serious risk, allowing attackers to execute arbitrary shell commands without authentication. This critical-severity flaw affects users of these outdated devices, which may still be in use despite not being supported or receiving updates from the manufacturer. The fact that the vulnerability is being actively exploited means that users should take immediate action to safeguard their networks. If left unaddressed, this could allow attackers to gain control over affected devices, potentially leading to larger network breaches. Users of D-Link products are advised to assess their device usage and consider replacing unsupported hardware to mitigate these risks.

Hackers are exploiting a serious vulnerability in older D-Link DSL routers, identified as CVE-2026-0625. This flaw allows attackers to execute commands remotely, potentially compromising users' devices and networks. The vulnerability has a high severity score of 9.3, which indicates that it poses a significant risk. Users of legacy D-Link DSL routers need to be aware of this issue as it could lead to unauthorized access and control over their internet-connected devices. As attackers actively exploit this flaw, it is crucial for affected users to take immediate action to protect their systems.