Articles tagged "Critical"

Found 911 articles

Researchers from Eclypsium have identified vulnerabilities in four different IP KVM devices: GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM. These security flaws allow unauthorized users to gain root access or run malicious code without authentication. This situation poses a serious risk to networks utilizing these devices, as attackers could potentially manipulate connected systems. It’s crucial for users of these products to be aware of these vulnerabilities and take necessary precautions to secure their networks. The discovery emphasizes the need for regular security assessments and updates for devices that manage critical network functions.

Read Original

ConnectWise has issued a warning about a serious vulnerability in its ScreenConnect software. This flaw allows attackers to extract ASP.NET machine keys, which could lead to unauthorized access to user sessions. Organizations using ScreenConnect could be at risk, as this vulnerability enables attackers to bypass authentication controls. Users should be aware of the potential for misuse of their systems and take immediate action to protect their data. It is crucial for affected parties to stay updated on this issue and implement necessary safeguards to prevent exploitation.

Read Original

Ubiquiti has addressed two vulnerabilities in its UniFi Network app, one of which is particularly serious and could allow attackers to take control of user accounts. This software is commonly used to manage various networking devices such as access points, switches, and gateways. The critical flaw poses a significant risk as it could lead to unauthorized access to sensitive user information and network settings. Users of UniFi products are urged to apply the latest patches to protect their systems. This incident serves as a reminder of the importance of keeping software up-to-date to mitigate potential security risks.

Read Original

U.S. officials are on alert for potential cyberattacks from Iran, particularly following recent geopolitical tensions. Although there hasn't been a noticeable increase in attacks so far, experts from the Department of Defense and CISA are closely monitoring the situation. In a related incident, the federal government has responded to a breach involving Stryker, a medical technology company. While specific details about the Stryker breach are limited, it emphasizes the ongoing risks that critical infrastructure and healthcare sectors face from cyber threats. The situation serves as a reminder for organizations to bolster their cybersecurity measures and remain vigilant against potential attacks.

Read Original
Actively Exploited

The FBI has taken control of two websites associated with the Handala hacktivist group following a severe cyberattack on Stryker, a major medical technology company. This attack resulted in the destruction of around 80,000 medical devices, raising significant concerns about patient safety and the reliability of healthcare technology. The Handala group claimed responsibility for the attack, which underscores the ongoing risks that organizations in the healthcare sector face from cyber threats. The seizure of these websites aims to disrupt Handala's operations and prevent further attacks. This incident highlights the critical need for enhanced cybersecurity measures in the medical technology industry to protect sensitive devices and patient data.

Read Original
Actively Exploited

Hackers associated with APT28, a group believed to be linked to the Russian military intelligence, are exploiting a vulnerability in the Zimbra Collaboration Suite (ZCS) to target Ukrainian government entities. This attack is part of ongoing cyber operations against Ukraine amid the broader conflict with Russia. The specific flaw being exploited allows attackers to gain unauthorized access, which could lead to significant data breaches or disruptions in government operations. The situation is critical, as it not only affects the security of Ukrainian governmental systems but also reflects the increasing use of cyber tactics in geopolitical conflicts. Ukrainian officials and cybersecurity experts are urging immediate action to patch the vulnerabilities and safeguard sensitive information.

Read Original

A Russian advanced persistent threat (APT) group has been exploiting a critical cross-site scripting (XSS) vulnerability in Zimbra, identified as CVE-2025-66376, with a severity score of 7.2. The attackers are sending HTML emails that contain insufficiently sanitized scripts, which execute when opened by users. This campaign specifically targets individuals in Ukraine, highlighting the ongoing cyber conflict in the region. The exploitation of this vulnerability could allow attackers to compromise user accounts and access sensitive information. Organizations using Zimbra should be particularly vigilant and take immediate action to secure their systems.

Read Original

The U.S. Department of Energy is preparing to release its first cybersecurity strategic plan aimed at strengthening the security of the nation's power grid. This move comes in response to a rise in cyber threats targeting critical infrastructure, highlighting the need for a more coordinated defense approach. The plan is expected to outline strategies for improving resilience against potential cyberattacks, which could disrupt energy supply and impact millions of Americans. By focusing on enhancing security measures, the Department of Energy aims to protect not just the grid itself, but also the broader economy and public safety. This initiative reflects growing concerns among government officials about the vulnerabilities in the energy sector and the increasing sophistication of cyber adversaries.

Read Original

A significant vulnerability in Cisco's Catalyst SD-WAN, identified as CVE-2026-20133, poses a serious risk that some organizations may be overlooking. Cybersecurity experts have expressed concern that security teams are focusing their attention on another vulnerability, CVE-2026-20127, which is a zero-day exploit. This could lead to a dangerous situation where the high-severity flaw is not addressed, leaving systems vulnerable to potential attacks. Organizations using Cisco SD-WAN products should be aware of this oversight, as failing to remediate the CVE-2026-20133 vulnerability could expose critical data and systems to exploitation. The urgency of addressing this issue cannot be overstated, especially as cyber threats continue to evolve rapidly.

Read Original

The University of Mississippi Medical Center and Passaic County in New Jersey have recently fallen victim to attacks from a ransomware group known as Medusa, which is believed to operate from Russia. This ransomware-as-a-service operation has claimed responsibility for the incidents, raising concerns about the security of healthcare and local government systems. The attacks can disrupt critical services and compromise sensitive data, which is particularly alarming in the healthcare sector where patient information is at stake. As ransomware attacks become increasingly common, organizations must prioritize their cybersecurity measures to protect against such threats and ensure they can continue to serve their communities effectively.

Read Original

U.S. robotics companies are urging Congress for assistance in preventing Chinese-made robots from infiltrating American networks. Executives express concern that as the robotics market grows, so does the potential for cyberattacks targeting these systems. They are advocating for a clear federal strategy to address these risks and protect national security. The call for action highlights the ongoing tensions between the U.S. and China regarding technology and cybersecurity, emphasizing the need for proactive measures to safeguard critical infrastructure. This situation raises important questions about the security of emerging technologies and the role of government in regulating foreign influence in the tech sector.

Read Original
Actively Exploited

Amazon Threat Intelligence has issued a warning regarding an active ransomware campaign known as Interlock, which is exploiting a significant vulnerability in Cisco's Secure Firewall Management Center (FMC) Software. This vulnerability, identified as CVE-2026-20131, has a maximum severity score of 10.0 and stems from an insecure deserialization of user-supplied Java byte streams. This flaw could allow attackers to gain root access without authentication, posing a serious risk to organizations using affected Cisco products. The exploitation of this vulnerability is concerning as it enables unauthorized access, potentially leading to data breaches and system compromises. Companies using Cisco FMC Software must take immediate action to protect their systems from this ongoing threat.

Read Original

Cybersecurity researchers have identified nine significant vulnerabilities in low-cost IP KVM devices from four vendors: GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM. These flaws can allow unauthorized users to gain root access, giving them extensive control over affected systems. The most critical vulnerabilities could enable attackers to execute commands and manipulate the devices without authentication. This poses a serious risk, especially for organizations relying on these devices for remote management of their IT infrastructure. Users of these products are urged to take immediate action to secure their systems and monitor for any suspicious activity.

Read Original

The ongoing conflict in Iran is expected to extend, leading to an increase in cyber threats and potential disruptions in energy supply across the region. Companies operating in the Middle East may face heightened risks as tensions escalate. Cybersecurity experts are warning that this situation could result in more frequent and severe cyberattacks aimed at critical infrastructure and private enterprises. The implications of such attacks could be wide-ranging, impacting not just local businesses but also global markets and energy prices. Stakeholders in the region are advised to bolster their cybersecurity measures to mitigate potential risks.

Read Original
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

The Hacker News

Researchers have identified a severe vulnerability in the GNU InetUtils telnet daemon, known by its CVE identifier CVE-2026-32746. This flaw allows unauthenticated attackers to execute arbitrary code with root privileges through Telnet connections on port 23. With a CVSS score of 9.8, this vulnerability poses a significant risk to systems using the affected telnetd. The issue arises from an out-of-bounds write in the LINEMODE Set, which could be exploited easily by attackers. Organizations using this software need to take immediate action to secure their systems, as the implications of this flaw could lead to unauthorized access and control over critical infrastructure.

Read Original
PreviousPage 34 of 61Next