Articles tagged "Critical"

Found 887 articles

Critical
OpenPLC v3

All CISA Advisories

A serious vulnerability has been found in OpenPLC v3, which could allow authenticated attackers to write arbitrary files to the filesystem and execute malicious code. This flaw, identified as CVE-2026-14480, stems from how the legacy web user interface handles file uploads, enabling attackers to specify file names without proper validation. If exploited, it could lead to code execution under the OpenPLC runtime user, posing significant risks to critical infrastructure sectors such as manufacturing, energy, and transportation. OpenPLC v3 is now end-of-life and no longer receives security updates, making it essential for users to upgrade to OpenPLC v4 to mitigate this risk.

Read Original

Schneider Electric's PowerChute Serial Shutdown software has several vulnerabilities that could allow attackers to manipulate system files, inject malicious data, or gain unauthorized access to accounts. Versions 1.4 and earlier are affected by these security flaws, which include issues like improper path restrictions and output handling. If exploited, these vulnerabilities could disrupt services or expose sensitive information across critical sectors such as energy, healthcare, and transportation. Users of affected versions are urged to upgrade to version 1.5, which includes fixes for these issues. The vulnerabilities were disclosed recently, and it is crucial for organizations to address them promptly to mitigate potential risks.

Read Original

Schneider Electric has reported a vulnerability affecting its Easergy MiCOM Px40 Series protection relays, which are used in medium to extra high voltage applications. The vulnerability allows unauthorized exposure of device identification through the SNMP protocol, impacting various models including the Easergy MiCOM P14x, P24x, P341, and several others, all prior to specific firmware versions. This issue raises concerns for critical infrastructure sectors such as energy and manufacturing, as it could lead to unauthorized access to sensitive device information. Users are advised to implement immediate mitigations or upgrade to firmware versions that eliminate SNMP functionality to protect their systems. This situation is particularly pressing for organizations relying on these devices for operational safety and security.

Read Original

AssuranceAmerica, an American insurance company, recently reported a significant data breach affecting approximately 6.9 million drivers. Attackers gained unauthorized access to the company's systems earlier this year, compromising sensitive personal information. This breach raises concerns for those affected, as their driver records may include critical details such as names, addresses, and potentially more sensitive data. The incident emphasizes the ongoing risks that companies face regarding data security and the importance of robust protective measures. Affected individuals are advised to monitor their accounts for unusual activity and consider taking steps to protect their personal information.

Read Original

Google has released an update for Chrome, version 150, which addresses 27 vulnerabilities, including 13 use-after-free bugs. Among these, two have been classified as critical-severity flaws, which could potentially allow attackers to execute arbitrary code. This update is crucial for users of the Chrome browser, as it helps protect against these serious security risks. Users are encouraged to install the update promptly to ensure their systems remain secure. Regular updates are essential, as they often close vulnerabilities that could be exploited by cybercriminals.

Read Original

Mexico's cybersecurity plan is facing a significant challenge as it enters a critical phase during the FIFA World Cup. The country is still in the process of expanding its cybersecurity infrastructure and must now demonstrate its effectiveness in protecting against potential cyber threats during this high-profile international event. With increased online activity and heightened attention from cybercriminals, the stakes are high for both national security and the integrity of the tournament. The outcome of this test could influence future investments in Mexico's cybersecurity capabilities and set a precedent for how the nation handles digital threats in major events. As the World Cup approaches, officials are under pressure to ensure that systems remain secure and resilient against attacks.

Read Original

Ubiquiti has addressed seven vulnerabilities in its UniFi OS, among which is a critical flaw designated as CVE-2026-50746. This particular vulnerability, with a maximum severity score of 10.0, allows for command injection attacks within the UniFi Connect Application, affecting versions 3.4.16 and earlier. This means that attackers could potentially execute arbitrary commands on the affected systems, leading to possible unauthorized access or control. Users of the UniFi Connect Application are urged to update their software to safeguard against these vulnerabilities. The implications of these flaws are significant, as they could expose sensitive data and disrupt services for organizations relying on Ubiquiti's solutions.

Read Original

The article discusses the growing need for runtime security in High-Performance Computing (HPC) environments that are increasingly used for artificial intelligence (AI) workloads. As these infrastructures face potential threats during runtime and supply chain processes, the article emphasizes the importance of continuous behavioral monitoring to identify and mitigate risks. It suggests that existing architectural solutions can be adapted to enhance security measures. This is crucial as vulnerabilities in HPC systems could lead to significant data breaches or disruptions, affecting organizations that rely on AI for critical operations. Ensuring that these systems are secure is essential for maintaining trust and functionality in various sectors, including research, finance, and healthcare.

Read Original

Ubiquiti has released critical updates to address serious security vulnerabilities affecting several of its products, including UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS. One of the vulnerabilities, identified as CVE-2026-50746, has a CVSS score of 10.0, indicating its severity. These flaws could allow attackers to gain unauthorized privileges and execute arbitrary commands, posing significant risks to users. The affected systems are widely used in network management and security, making the urgency of these patches clear. Users are strongly advised to apply the updates to protect their systems from potential exploitation.

Read Original
Actively Exploited

Cisco Talos has reported that a Chinese cyber espionage group, identified as APT UAT-7810, is expanding its proxy relay network by deploying new malware. This development raises concerns about the group's capabilities to conduct more extensive surveillance and data exfiltration activities. The increased use of proxies can help attackers mask their origin while facilitating access to targeted networks. Organizations should be vigilant, as this activity suggests that the group is actively seeking new methods to bypass security measures. The implications of this malware expansion could impact various sectors, especially those involving sensitive information or critical infrastructure.

Read Original
Critical
Armored Likho Hits Government, Energy Sectors With BusySnake Stealer

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Kaspersky has reported that the Armored Likho group, a previously identified advanced persistent threat (APT), is actively targeting government and energy sectors using a combination of techniques. They employ BusySnake Stealer, a type of malware designed to extract sensitive information, alongside AI-generated loaders and phishing methods to infiltrate systems. This campaign poses significant risks to organizations in these critical sectors, as the stolen data could lead to further exploitation or security breaches. The use of sophisticated tools and tactics highlights the evolving nature of cyber threats and the need for enhanced security measures within these industries. Organizations should remain vigilant and strengthen their defenses against such targeted attacks.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies prioritize patching a vulnerability in Langflow, a visual framework used for building AI agents. This flaw allows unauthorized access, making it easier for attackers to exploit systems that use Langflow. Agencies have until Friday to address this issue, as it is currently being actively exploited. The urgency of this directive emphasizes the critical nature of maintaining secure software environments, especially in federal operations where sensitive data may be at risk. By patching this vulnerability, agencies can protect themselves from potential breaches and unauthorized access to their systems.

Read Original

Ubiquiti has issued urgent security updates to address seven vulnerabilities in its UniFi OS, including a particularly severe flaw that could allow attackers to execute command injection attacks. This vulnerability is critical because it gives unauthorized users a way to run malicious commands on affected systems. The issue affects various Ubiquiti products that utilize UniFi OS, which is widely used in network management. Users and organizations that rely on these devices should prioritize applying the latest patches to protect their networks. Failure to update could leave systems exposed to potential attacks, putting sensitive data at risk.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation. One of the most critical is CVE-2026-48282, a path traversal vulnerability in Adobe ColdFusion that could allow attackers to execute arbitrary code. This flaw has a maximum CVSS score of 10.0, indicating its severity. Additionally, vulnerabilities in Joomla and Langflow have also been flagged, though specific details about those flaws were not provided in the article. Organizations using affected products should prioritize applying patches and updates to mitigate these risks, as exploitation in the wild can lead to significant data breaches or system compromises.

Read Original

Spanish authorities have arrested a man believed to be involved with two pro-Russian hacktivist groups, CyberArmy of Russia Reborn (CARR) and Z-Pentest. The arrest is part of a broader effort to crack down on cyber activities linked to the ongoing geopolitical tensions involving Russia. These groups are known for their cyber operations that support Russian interests, which raises concerns about potential cyberattacks aimed at various targets. This incident highlights the increasing intersection of cybercrime and geopolitical conflicts, emphasizing the need for vigilance among individuals and organizations regarding their cybersecurity practices. As such groups continue to operate, their activities could pose risks to critical infrastructure and sensitive data across Europe and beyond.

Read Original
PreviousPage 4 of 60Next