Articles tagged "Critical"

Found 579 articles

ServiceNow has addressed a significant flaw in its AI platform that could allow attackers to impersonate users. The company claims there is no evidence that this vulnerability was exploited before the patch was released in October. However, security researchers warn that the configuration of AI agents could still lead to prompt-injection style abuses, which could potentially compromise user accounts. This situation raises concerns about the security of AI systems and the risks they pose if not properly configured. Organizations using ServiceNow's AI features should ensure they implement the latest updates to mitigate any potential risks.

Impact: ServiceNow AI platform
Remediation: ServiceNow released a patch in October 2023 to address the vulnerability.

A Dutch appeals court has sentenced a 44-year-old hacker to seven years in prison for his role in hacking port systems to facilitate the smuggling of cocaine through European logistics hubs. The hacker exploited vulnerabilities in port networks to help traffickers move drugs into the Netherlands, highlighting a significant intersection of cybersecurity and organized crime. This case underscores the potential dangers of cyber intrusions in critical infrastructure, as they can be manipulated for illegal activities. The ruling reflects growing legal actions against cybercriminals and aims to deter similar offenses in the future. The incident raises awareness about the importance of securing logistical and transportation networks against cyber threats, which can have far-reaching implications beyond just financial losses.

Impact: Port systems, logistics hubs in Europe
Remediation: N/A

Experts are warning that power outages in IT and operational technology (OT) systems could lead to significant cybersecurity issues by 2026. These power gaps may turn minor outages into major crises, affecting the reliability and security of critical infrastructure. Companies that rely heavily on interconnected IT and OT systems should be particularly concerned, as the potential for cyberattacks increases during power failures. If attackers take advantage of these vulnerabilities, they could disrupt services, compromise data, or even cause physical damage. This situation highlights the need for organizations to bolster their cybersecurity measures and prepare for the challenges posed by electrical failures.

Impact: IT and OT systems, critical infrastructure
Remediation: Companies should enhance their cybersecurity protocols and prepare contingency plans for outages.

A 44-year-old man has been sentenced to prison for installing remote access malware on the systems of a logistics company in the Netherlands. He was able to carry out this cyberattack with assistance from some employees of the firm. The malware allowed him to gain unauthorized access to sensitive information, raising serious concerns about insider threats and the security of critical infrastructure. This incident serves as a reminder for companies to strengthen their cybersecurity measures and ensure that employees are aware of the risks associated with insider collaboration. The case highlights the increasing need for vigilance in protecting sensitive systems from both external and internal threats.

Impact: Logistics company systems, remote access malware
Remediation: Companies should enhance employee training on cybersecurity risks and implement stricter access controls to prevent insider threats.

ServiceNow has reported a serious security vulnerability in its AI Platform that could allow an unauthenticated user to impersonate another user and take actions on their behalf. This flaw, identified as CVE-2025-12420, has a high severity rating of 9.3 out of 10, indicating a significant risk to users. The potential for impersonation means that attackers could exploit this weakness to gain unauthorized access to sensitive information or perform harmful actions. Organizations using ServiceNow's AI Platform should prioritize applying the patch to mitigate this risk and protect their users. The quick response from ServiceNow in addressing this vulnerability is crucial to maintaining trust in their services.

Impact: ServiceNow AI Platform
Remediation: ServiceNow has released a patch to address this vulnerability. Users are advised to apply the update as soon as possible to prevent any potential exploitation.

A 44-year-old Dutch man has been sentenced to seven years in prison for hacking into the ports of Rotterdam and Antwerp, two of Europe's busiest ports. The Amsterdam Court of Appeal found him guilty of multiple offenses, including computer hacking and attempted extortion. His actions raised significant concerns about the security of critical infrastructure, as port operations are vital for trade and logistics. The case serves as a stark reminder of the potential risks posed by cybercriminals to essential services and the economy. Authorities hope this sentence will deter similar attacks in the future.

Impact: Rotterdam and Antwerp ports
Remediation: N/A

APT28, a hacking group believed to be linked to Russia, has been actively targeting energy and defense organizations associated with NATO for the past year. Their primary focus has been on credential harvesting, which involves stealing usernames and passwords to gain unauthorized access to sensitive systems. This group's activities are concerning as they threaten critical infrastructure and national security, particularly in the context of ongoing geopolitical tensions. Companies in the energy and defense sectors should remain vigilant and enhance their security measures to protect against these sophisticated attacks. The sustained campaign by APT28 indicates a persistent risk that organizations must address to safeguard their data and operations.

Impact: Energy and defense organizations connected to NATO
Remediation: Organizations should enhance security measures, implement multi-factor authentication, and conduct regular security audits.

In August 2025, the University of Hawaii's Cancer Center experienced a ransomware attack that compromised sensitive data belonging to study participants. The breach included historical documents dating back to the 1990s, which contained Social Security numbers. This incident raises significant concerns about the protection of personal information in medical research, particularly as the stolen data can be used for identity theft and fraud. The university is now facing the challenge of addressing the fallout from this breach, including notifying affected individuals and enhancing their cybersecurity measures to prevent future incidents. As healthcare institutions increasingly rely on digital systems, the need for robust data protection strategies has never been more critical.

Impact: University of Hawaii Cancer Center data, study participant information, Social Security numbers
Remediation: N/A

APT28, a Russian cyber espionage group, has been observed targeting entities involved in energy research and defense collaboration. The group has employed tactics that involve impersonating well-known webmail and VPN services, including Microsoft OWA, Google, and Sophos VPN portals, to deceive users into revealing sensitive information. This attack is significant as it aims to infiltrate organizations that play a critical role in energy security and defense, potentially leading to the theft of valuable research and intelligence. The ongoing nature of these attacks poses a serious risk to national security and the integrity of the affected sectors, highlighting the need for organizations to enhance their cybersecurity measures. Users should be cautious and verify the authenticity of services before entering any sensitive information.

Impact: Microsoft OWA, Google services, Sophos VPN
Remediation: Organizations should implement multi-factor authentication, educate users on recognizing phishing attempts, and ensure that all software is up to date with the latest security patches.

APT28, a cyberespionage group linked to Russia, has been targeting organizations in Turkey, Europe, North Macedonia, and Uzbekistan with credential-harvesting attacks from February to September 2025. This group, also known as Fancy Bear, has focused on personnel involved in energy, nuclear sectors, and policy-making. The attacks have included attempts to steal login credentials from staff at Turkish energy and nuclear agencies, as well as from European think tanks. Such activities pose significant risks to national security and critical infrastructure, highlighting the ongoing threat posed by state-sponsored cyber actors. Organizations in the targeted regions need to enhance their cybersecurity measures to protect sensitive information from these sophisticated attacks.

Impact: Turkish energy and nuclear agencies, European think tanks, organizations in North Macedonia and Uzbekistan
Remediation: Organizations should implement strong authentication measures, conduct regular security training for staff, and monitor for unusual account activity.

In an interview, Hans Quivooij, the Chief Information Security Officer at Damen Shipyards Group, discusses the unique cybersecurity challenges faced by shipyards that operate on a project basis. He emphasizes that the combination of long-term industrial equipment with short-term projects and rotating contractors complicates access control and increases the threat surface. Quivooij points out that integrating IT and operational technology (OT) systems can introduce additional risks, especially in legacy environments that may lack adequate visibility. This situation is critical for shipyards as it affects their ability to secure sensitive operational data and maintain safety standards. As the shipbuilding industry evolves, understanding these complexities is essential for protecting against potential cyber threats.

Impact: Shipyards, operational technology (OT), industrial control systems (ICS)
Remediation: Implement robust access control measures, enhance visibility in legacy environments, ensure proper integration of IT and OT systems

MuddyWater, an Iranian hacking group, has launched a spear-phishing campaign targeting various sectors in the Middle East, including diplomatic, maritime, financial, and telecom organizations. The attackers are using malicious Word documents that employ icon spoofing to trick users into activating a Rust-based remote access tool (RAT) known as RustyWater. This malware allows for asynchronous command and control, registry persistence, and anti-analysis capabilities, making it difficult for victims to detect and remove. The implications of this campaign are significant, as it could compromise sensitive information and disrupt critical infrastructure in the affected sectors. Organizations in these areas should be vigilant and enhance their cybersecurity measures to protect against such targeted attacks.

Impact: Diplomatic, maritime, financial, and telecom sectors in the Middle East
Remediation: Organizations should implement strong email filtering, conduct security awareness training for employees, and ensure that all systems are up to date with the latest security patches.

The recent death of Aldrich Ames, a former CIA officer who turned spy for the Soviet Union, serves as a stark reminder of the dangers posed by insider threats in organizations. Ames’ actions, which led to the exposure and execution of several American agents, demonstrate how critical it is for organizations, especially in sensitive sectors like intelligence, to monitor employee behaviors and attitudes. By understanding the signs of stress and potential discontent among employees, companies can better anticipate and manage risks from insiders. This incident underscores the importance of fostering a workplace environment that addresses employee concerns before they escalate into serious security breaches. Recognizing and addressing potential insider threats can help protect sensitive information and maintain organizational integrity.

Impact: N/A
Remediation: N/A

Coolify, a popular open-source self-hosting platform, has reported 11 serious security vulnerabilities that could be exploited by attackers. These flaws could allow unauthorized users to bypass authentication, execute remote code, and potentially take control of affected servers. This is a significant concern for anyone using Coolify for their hosting needs, as it puts sensitive data and server integrity at risk. The vulnerabilities highlight the importance of regular security assessments and timely updates in open-source software. Users are advised to monitor the situation closely and apply any available patches as soon as they are released.

Impact: Coolify platform
Remediation: Users should apply patches as they become available and review their security configurations.

Trend Micro has released patches for a significant code execution vulnerability in its Apex Central product. This flaw could allow attackers to execute arbitrary code, putting systems at risk. Tenable has since provided proof-of-concept code and technical details, which could assist malicious actors in exploiting the vulnerability if users do not update their systems promptly. Companies using Apex Central need to apply the patches to protect their networks from potential attacks. The urgency of this update is underscored by the fact that vulnerabilities of this nature can lead to serious breaches if left unaddressed.

Impact: Apex Central
Remediation: Patches available from Trend Micro for the vulnerabilities in Apex Central.