In response to increasing cybersecurity threats targeting operational technology (OT) networks, the Cybersecurity and Infrastructure Security Agency (CISA) and other federal agencies have released new guidelines recommending a zero trust approach for these systems. As industrial systems become more interconnected, the risks of cyberattacks grow, prompting the need for stronger security measures. The guidance aims to help organizations better protect their OT environments by adopting zero trust principles, which focus on verifying all users and devices before granting access to sensitive systems. This is particularly important as the reliance on digital technologies in industrial sectors continues to expand. Implementing these practices is crucial for safeguarding critical infrastructure against evolving cyber threats.
Articles tagged "Critical"
Found 905 articles
Recent reports have identified vulnerabilities in the EnOcean SmartServer IoT platform that could allow attackers to remotely compromise smart buildings, data centers, and factories. The issues are tied to a security bypass flaw (CVE-2026-22885) and a remote code execution vulnerability (CVE-2026-20761). These vulnerabilities affect instances of the EnOcean SmartServer that are exposed to the internet, making them susceptible to remote exploitation. This situation raises significant concerns for organizations relying on this technology, as it could lead to unauthorized access and control over critical infrastructure. Companies using EnOcean SmartServer should take immediate action to secure their systems against potential attacks.
According to Infosecurity Magazine, nearly a quarter of healthcare organizations in the U.S., UK, and Germany have experienced cyberattacks targeting medical devices in the past year. These attacks can disrupt critical healthcare services, putting patient safety at risk. The rise in incidents highlights vulnerabilities in medical devices that may not be adequately secured against cyber threats. As healthcare increasingly relies on connected technologies, the need for robust security measures becomes more pressing. Organizations must prioritize protecting their medical devices to ensure the safety and integrity of patient care.
Hackread – Cybersecurity News, Data Breaches, AI and More
A serious vulnerability has been discovered in cPanel, a popular web hosting control panel, allowing attackers to bypass login credentials and gain root access to servers. This flaw has been actively exploited before any patches were released, putting many web hosting providers and their clients at risk. The vulnerability affects users of cPanel, particularly those running outdated versions of the software. With root access, attackers could manipulate server settings, steal sensitive data, or take the server offline, which could lead to significant operational and financial consequences for affected companies. It is crucial for users to update their systems as soon as patches become available to mitigate these risks.
SCM feed for Latest
Chinese state-backed hackers have been targeting journalists and activists in Taiwan, Hong Kong, Tibet, and the Uyghur region through phishing campaigns over the past nine months. These campaigns are believed to be orchestrated by freelance hackers affiliated with the Chinese government, aiming to extract sensitive information from individuals who are often critical of the Chinese regime. The report from Recorded Future details the tactics used in these attacks, which are particularly concerning given the ongoing suppression of dissent in these regions. The implications are serious, as these efforts not only threaten the safety of the targeted individuals but also aim to silence voices of opposition and undermine press freedom. This situation highlights the ongoing cybersecurity risks faced by those advocating for human rights in China and surrounding areas.
The Cybersecurity and Infrastructure Security Agency (CISA) has released a new guide focused on applying zero-trust security principles to operational technology (OT) environments. This initiative aims to improve cybersecurity while ensuring the safety and availability of critical systems. The guide is intended for organizations that manage OT systems, emphasizing the importance of integrating cybersecurity measures into their operational processes. By adopting a zero-trust approach, organizations can better defend against potential cyber threats while maintaining operational continuity. This guidance is particularly relevant as industries increasingly face cyber risks that can impact both security and functionality.
Help Net Security
A serious vulnerability (CVE-2026-41940) affecting cPanel, a widely used web hosting control panel, has been exploited by attackers for several months before a patch was released. This authentication bypass flaw has been in active use since at least February 23, 2026, with indications that it may have been abused even earlier. The vulnerability primarily impacts users of cPanel, which is often provided by shared hosting services. The delay in addressing this issue raises concerns about the security of web hosting environments and the potential for unauthorized access to sensitive data. Companies using cPanel are urged to apply the latest security updates as soon as possible to mitigate risks associated with this exploit.
A recently discovered flaw in the Gemini command-line interface (CLI) has raised significant security concerns. This vulnerability allows attackers to create malicious configurations that could execute commands outside of the intended sandbox environment. This means that attackers could potentially gain control of host systems, leading to serious risks such as supply chain attacks. Companies using Gemini CLI should be particularly vigilant, as this flaw could affect various applications and services relying on this tool. The implications are severe, as unauthorized command execution could compromise sensitive data and system integrity.
Researchers at Claroty have identified two serious vulnerabilities in the EnOcean SmartServer, a device commonly used in building automation systems. These flaws allow attackers to bypass security measures and execute code remotely, potentially giving them control over various building functions. This is particularly concerning as such systems manage critical infrastructure like lighting, heating, and security. The vulnerabilities could affect a wide range of buildings that rely on SmartServer technology, making it imperative for affected organizations to take immediate action. Without proper remediation, these weaknesses could lead to unauthorized access and significant operational disruptions.
A serious authentication bypass vulnerability identified as CVE-2026-41940 has been discovered in cPanel, WHM, and WP Squared. This flaw has been actively exploited by attackers since late February, allowing unauthorized access to systems using these platforms. cPanel and WHM are widely used web hosting control panels, making this issue particularly concerning for hosting providers and website owners. Users of affected systems should take immediate action to secure their environments, as the vulnerability poses a significant risk to sensitive data and system integrity. As proof-of-concept (PoC) code is now available, the potential for widespread exploitation increases, underscoring the urgency for users to address this vulnerability promptly.
Ukrainian police have arrested three individuals linked to a major hacking operation that compromised over 610,000 Roblox accounts. The hackers reportedly sold these stolen accounts for around $225,000. Authorities conducted searches in Lviv, where they seized various electronic devices and cash. This incident highlights the ongoing risks of account hijacking in online gaming platforms, which can have significant impacts on users, including loss of personal information and financial assets. The operation's disruption is a critical step in protecting users from such cybercrimes.
Automated red teaming for large language models (LLMs) is evolving, with researchers refining the methods used to test these AI systems for vulnerabilities. Typically, one model generates potential attack strategies, while another evaluates their effectiveness. The current approaches include a trial-and-error method that yields limited success and a more comprehensive strategy like WildTeaming, which utilizes a broad range of harmful inputs sourced from open databases. This progression is critical as it enhances the ability to identify weaknesses in LLMs, potentially preventing misuse in real-world applications. Understanding these automated testing methods is essential for developers and organizations using LLM technology to ensure they can mitigate risks effectively.
Security Affairs
A newly discovered vulnerability in the LiteLLM Python package, identified as CVE-2026-42208, has been exploited by attackers just 36 hours after its disclosure. This flaw allows for SQL injection through the proxy API key verification process, enabling unauthorized access and modification of sensitive database information. The rapid exploitation of this vulnerability raises concerns for developers and organizations using LiteLLM, as it could lead to significant data breaches and compromise of user data. Users and organizations need to take immediate action to secure their systems against this threat, as the vulnerability is already being actively targeted in the wild.
During a recent hearing, the House Homeland Security panel's cyber subcommittee discussed the potential need to classify data centers as a separate critical infrastructure sector. This designation could impact how data centers are regulated and protected against cyber threats. Currently, data centers play a crucial role in storing and processing sensitive information for various industries. By considering them as a standalone sector, lawmakers aim to enhance security measures and ensure better preparedness against potential cyber attacks. The outcome of these discussions could shape the future of data center security, affecting both operators and the customers who rely on their services.
A serious vulnerability has been discovered in cPanel and WebHost Manager (WHM) that allows unauthorized users to access the control panel without proper authentication. This flaw affects all versions except the most recent ones, putting many web hosting services at risk. Attackers could exploit this weakness to gain control over web hosting environments, which could lead to data breaches or service disruptions. Users of cPanel and WHM are strongly advised to update their systems immediately to the latest versions to mitigate this risk. The urgency of this situation highlights the importance of keeping software up to date to protect against potential exploits.