The National Security Agency (NSA) has released new guidelines aimed at helping organizations implement Zero Trust security models effectively. This approach focuses on minimizing trust assumptions within networks, requiring strict verification for every user and device attempting to access resources. The guidelines are designed for organizations looking to reach a target-level maturity in their Zero Trust practices, which is increasingly important as cyber threats evolve. By adopting these recommendations, companies can better protect their sensitive data and systems from unauthorized access. This is particularly relevant for sectors handling critical infrastructure or sensitive information.
Articles tagged "Critical"
Found 914 articles
Hackread – Cybersecurity News, Data Breaches, AI, and More
Ivanti has reported two serious vulnerabilities in its Endpoint Manager Mobile (EPMM) software, identified as CVE-2026-1281 and CVE-2026-1340. These flaws allow remote code execution, meaning attackers could potentially take control of affected systems without needing physical access. The company warns that these vulnerabilities are currently being actively exploited, putting users at risk. Organizations using EPMM should prioritize applying the necessary security updates to safeguard their systems. Failure to address these vulnerabilities could lead to significant security breaches, affecting both the integrity of user data and the overall security posture of the organization.
SecurityWeek
Poland's Computer Emergency Response Team (CERT) has reported a serious cyberattack on the country's energy facilities. The attack involved the exploitation of default credentials in industrial control systems (ICS), which allowed attackers to gain unauthorized access and cause significant disruptions. This incident raises concerns about the security of critical infrastructure, particularly as it highlights the risks associated with using default login information. The targeted energy facilities are crucial for Poland's power supply, and any breach in their security can have widespread implications for both the economy and public safety. The report also suggests that this attack may be part of a broader trend of cyber threats aimed at critical infrastructure worldwide.
Japan and Britain are stepping up their collaboration on cybersecurity and the supply of critical minerals in response to growing concerns over China's influence in the region. This partnership aims to enhance both countries' resilience against potential cyber threats and secure essential resources that are vital for technology and defense sectors. The agreement comes amid increasing geopolitical tensions and highlights the need for nations to work together to protect their infrastructure and supply chains. By sharing expertise and resources, Japan and Britain aim to bolster their defenses and ensure a stable supply of critical minerals, which are crucial for various industries, including electronics and renewable energy.
Security Affairs
The latest edition of the Security Affairs newsletter covers several significant cybersecurity developments. Notably, the Department of Justice has released information about a skilled hacker allegedly working for Jeffrey Epstein, raising concerns about the implications of such associations for cybersecurity. Additionally, cyberattacks have disrupted communication systems at Wind and Solar companies, highlighting vulnerabilities in critical infrastructure. These incidents underscore the ongoing risks that hackers pose to both individuals and organizations, particularly in sectors that are essential for energy generation and distribution. As these stories unfold, they serve as a reminder for companies to enhance their security measures and for users to remain vigilant against potential threats.
Security Affairs
On December 29, 2025, Poland experienced a wave of cyberattacks that targeted more than 30 wind and solar farms, a manufacturing facility, and a significant combined heat and power (CHP) plant. This CHP plant is crucial as it supplies heat to nearly 500,000 residents. CERT Polska reported that these coordinated attacks disrupted operations, raising concerns about the security of renewable energy sources and critical infrastructure. The impact of these attacks could have far-reaching consequences, not only affecting energy supply but also potentially leading to economic losses and undermining public trust in energy providers. As the world moves towards greener energy solutions, safeguarding these facilities from cyber threats is increasingly important.
According to Government Technology, the number of recorded data breaches soared to 3,322 last year, marking the highest level ever documented. Alarmingly, about 70% of the breach notices lacked essential details about the incidents, leaving users and stakeholders in the dark about the nature of the breaches and the extent of the data compromised. This lack of transparency is concerning, as it prevents affected individuals from understanding their risks and taking necessary precautions. The surge in breaches indicates a growing vulnerability landscape, which raises questions about the effectiveness of current security measures across various sectors. As organizations continue to face increasing cyber threats, the need for clearer communication and accountability in breach disclosures becomes ever more critical.
OpenSSL has patched 12 vulnerabilities, including a critical remote code execution (RCE) flaw that poses a significant risk to users. These vulnerabilities mainly arise from issues related to memory safety, parsing robustness, and resource handling. Affected products include various versions of OpenSSL, which is widely used across different platforms and applications. This is particularly concerning for organizations that rely on OpenSSL for secure communications, as attackers could exploit these flaws to gain unauthorized access or control over systems. Users and administrators are urged to apply the latest patches to mitigate these risks and protect their systems from potential exploitation.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued new guidance focusing on insider threats, which pose a serious risk to organizations, particularly within critical infrastructure sectors. CISA emphasizes the need for organizations to form multi-disciplinary teams to effectively manage these threats. This guidance comes amid growing concerns about the potential misuse of artificial intelligence by insiders. By providing an infographic, CISA aims to help organizations understand how to better identify and mitigate these risks, ensuring a more secure operational environment. This is crucial as insider threats can lead to significant data breaches and operational disruption, affecting not only the organizations themselves but also the broader public they serve.
The Biden administration has decided to repeal two memorandums that set software security requirements for federal agencies. This move has been described as a way to reduce what the White House calls 'burdensome' regulations. While the memorandums are no longer in effect, some of the resources they provided can still be accessed by government organizations. The decision raises concerns about the overall security of software used by federal agencies, as these rules were designed to enhance security practices in software development and procurement. The implications of this change could affect how government entities approach software security moving forward, potentially leading to vulnerabilities in critical systems.
SmarterTools has released patches for two vulnerabilities in its SmarterMail email software, one of which is classified as critical. This flaw, identified as CVE-2026-24423, has a CVSS score of 9.3 and could allow attackers to execute arbitrary code on systems running affected versions of SmarterMail. Users of SmarterMail versions prior to build 9511 are particularly at risk. It's crucial for organizations using this software to update immediately to protect against potential exploitation. The existence of such a high-severity vulnerability underscores the importance of regular software updates and vigilance in cybersecurity practices.
A recent cyberattack linked to Russian hackers, specifically the Sandworm/Electrum group, has targeted the Polish power grid, affecting communication and control systems at 30 different sites. As a result of this intrusion, several Industrial Control Systems (ICS) devices have been rendered inoperable, or 'bricked.' This incident raises concerns not only about the immediate impact on Poland's energy infrastructure but also about the broader implications for critical infrastructure security across Europe. The attack reflects ongoing tensions in the region and highlights vulnerabilities in essential services that could have far-reaching consequences if exploited further.
Ivanti has released patches for two critical vulnerabilities in its EPMM (Enterprise Mobile Management) software that could let attackers execute arbitrary code remotely without authentication. These vulnerabilities are serious because they can be exploited by anyone with internet access to take control of affected systems. Organizations using the EPMM platform should prioritize applying these updates to prevent potential breaches. The vulnerabilities were discovered to be actively exploited in the wild, which means companies are at risk if they do not take immediate action. This incident underscores the need for regular software updates and vigilance in cybersecurity practices.
Ivanti has revealed two serious vulnerabilities in its Endpoint Manager Mobile (EPMM) software, identified as CVE-2026-1281 and CVE-2026-1340. These vulnerabilities are currently being exploited in zero-day attacks, meaning attackers have already taken advantage of them before any fix was made available. Organizations using EPMM are at risk, as these flaws could allow unauthorized access to sensitive mobile device management functions. The situation is urgent, as the vulnerabilities are actively being exploited in the wild, which could lead to data breaches or unauthorized control over managed devices. Users and companies are advised to monitor for updates and take immediate action to secure their systems.
Recent vulnerabilities have been discovered in n8n, a widely used AI automation platform. These flaws could allow attackers to take control of servers and steal sensitive user credentials. This poses a significant risk to businesses that rely on n8n for automating workflows and managing data. If exploited, these vulnerabilities could lead to unauthorized access and data breaches, potentially impacting customer trust and company reputation. Users of n8n should take immediate action to secure their systems and monitor for any suspicious activity.