VulnHub

OpenSSL has patched 12 vulnerabilities, including a high-severity flaw that allows remote code execution. This vulnerability was identified by a cybersecurity firm and poses significant risks for users and organizations relying on OpenSSL for secure communications. Attackers could exploit this flaw to execute arbitrary code on affected systems, potentially compromising sensitive data and operations. Users and organizations should prioritize applying the latest updates to safeguard their systems against potential attacks. The patch addresses critical issues that could affect a wide range of applications and services leveraging OpenSSL, making timely remediation essential.

The CERT Coordination Center has launched the CERT UEFI Parser, an open-source tool designed to help cybersecurity researchers analyze Unified Extensible Firmware Interface (UEFI) software. This tool aims to simplify the examination of UEFI code, making it easier to identify various types of vulnerabilities that can be challenging to detect. By applying program analysis techniques, the parser extracts architectural details that can reveal security weaknesses within UEFI firmware. This initiative is particularly important as UEFI is critical in the boot process of modern devices, and vulnerabilities in this area can lead to serious security risks. The tool is available through the Software Engineering Institute at Carnegie Mellon University, marking a significant step forward in UEFI security research.

A newly discovered flaw in telnet servers exposes vulnerabilities in many legacy systems and Internet of Things (IoT) devices still using this outdated protocol for remote access. Despite telnet being largely replaced by more secure options, it remains in use across hundreds of thousands of devices, making them susceptible to potential attacks. Researchers have pointed out that this forgotten attack surface could allow unauthorized access to sensitive systems, putting data and operations at risk. Organizations relying on these systems need to assess their use of telnet and consider transitioning to more secure protocols to mitigate these risks. This situation underscores the importance of keeping security practices updated, even for older technologies that may still be in operation.

Researchers have discovered a critical vulnerability in the vm2 library, a popular Node.js sandbox used to execute untrusted code. This security flaw, identified as CVE-2026-22709, enables attackers to escape the sandbox environment and execute arbitrary code on the host system. This poses a significant risk to applications that rely on this library for secure code execution. Developers using vm2 should take immediate action to protect their systems, as the implications could lead to unauthorized access and control over sensitive data. It's crucial for users to stay informed about this vulnerability and implement necessary safeguards to prevent exploitation.

Poland successfully thwarted a cyberattack involving Russian wiper malware aimed at its power and heating plants. This incident, which could have led to significant outages during the winter months, was detected and blocked by Polish officials before any damage occurred. The government has responded by tightening cybersecurity regulations to bolster defenses against potential future attacks. This incident underscores the ongoing tensions between Poland and Russia, particularly regarding cybersecurity threats to critical infrastructure. The prevention of this attack is crucial for maintaining energy stability during colder months, which could have severe implications for public safety and the economy.

Researchers from SEC Consult have identified over 20 vulnerabilities in Dormakaba's physical access control systems, specifically those using the exos 9300 platform. These flaws could allow attackers to remotely unlock doors at major organizations, posing a significant security risk. The vulnerabilities are serious enough that they could be exploited to gain unauthorized access to sensitive areas within facilities. Organizations using Dormakaba systems should prioritize applying any patches or updates provided by the vendor to mitigate these risks. This discovery raises concerns about the security of physical access controls, which are essential for protecting sensitive locations.

The Cybersecurity and Infrastructure Security Agency (CISA) has released a guide aimed at helping federal agencies transition to post-quantum encryption. The guide serves as a 'shopping list' for tech buyers looking to upgrade their systems to protect against potential threats posed by quantum computing. However, many security professionals are skeptical, noting that most existing products and internet protocols are still not ready for this transition. This raises concerns about the overall preparedness of agencies to defend against future quantum attacks. As quantum technology advances, the need for updated encryption methods becomes increasingly urgent, making this guide a critical resource for agencies planning their cybersecurity strategies.

Researchers have linked a failed cyberattack on Poland's power grid to the Russian hacking group Sandworm, known for its disruptive wiper attacks on critical infrastructure. This incident marks a significant concern for national security, as it highlights the ongoing threat posed by state-sponsored actors targeting essential services. While the attack did not succeed, it raises alarms about the resilience of power systems and the potential for future incidents that could disrupt energy supplies. As countries like Poland continue to face increasing cyber threats, the need for robust cybersecurity measures becomes even more pressing to protect vital infrastructure from malicious actors.

Poland recently thwarted a cyberattack aimed at its energy infrastructure, attributed to suspected Russian hackers. The attack occurred on December 29 and 30, 2025, targeting two combined heat and power plants and a system that manages electricity from renewable sources like wind and solar. Fortunately, the malware designed to wipe data failed to execute its intended damage. This incident emphasizes the ongoing risks that critical infrastructure faces from cyber threats, particularly from state-sponsored actors, and highlights the importance of robust cybersecurity measures in the energy sector to protect against such attacks in the future.