The National Institute of Standards and Technology (NIST) is adjusting how it manages the volume of Common Vulnerabilities and Exposures (CVE) by focusing on enriching entries that meet specific criteria. This means that not all CVEs will automatically receive additional information or context, particularly those that do not fulfill these new standards. The change aims to streamline the process and ensure that critical vulnerabilities, especially those included in the Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) list, are prioritized for updates. This is significant for organizations that rely on NVD resources to stay informed about potential security risks. By refining the enrichment process, NIST hopes to enhance the quality of information available to cybersecurity professionals and help them better protect their systems.
Articles tagged "Critical"
Found 548 articles
Cisco has released patches for critical vulnerabilities found in its Webex and Identity Services Engine (ISE) products. These flaws could allow attackers to exploit the systems remotely, potentially impersonating users or executing unauthorized commands on the operating system. This poses a significant risk to organizations using these platforms, as it could lead to unauthorized access and data breaches. Users of Webex and ISE should prioritize applying these updates to safeguard their systems and data against potential attacks. Keeping software up to date is crucial in maintaining cybersecurity hygiene.
CERT-UA has reported a significant cyber campaign by the threat actor known as UAC-0247, targeting Ukrainian clinics and government bodies. This operation, which took place between March and April 2026, involved the use of malware designed to steal sensitive data from Chromium browsers and WhatsApp. The affected entities include municipal healthcare facilities, such as emergency hospitals and clinics, which are critical for public health. This cyber attack not only threatens the privacy of individuals seeking medical care but also poses risks to the operational integrity of essential services in Ukraine. As the conflict in Ukraine continues, the expansion of such cyber operations raises alarms about the security of public institutions and personal data in the region.
Ukraine's Computer Emergency Response Team (CERT-UA) has reported a new malware campaign targeting government and healthcare institutions, particularly clinics and emergency hospitals. This campaign, which took place between March and April, focuses on stealing sensitive data from users of Chromium-based web browsers and WhatsApp. The attackers are believed to be exploiting vulnerabilities to deliver this data-theft malware, raising concerns about the security of critical health information and government data. With healthcare systems already strained, this type of cyberattack poses significant risks not only to patient privacy but also to the overall functioning of essential services in Ukraine. The ongoing conflict and instability in the region make this situation particularly alarming, as attackers may aim to cause further disruption.
BleepingComputer
Researchers have discovered a new type of malware called 'AgingFly' that has been used in attacks targeting Ukrainian government agencies and hospitals. This malware is designed to steal authentication data from users of Chromium-based browsers and WhatsApp messenger, posing a significant risk to sensitive information. The attacks raise concerns about the security of critical infrastructure and public services, especially in a region already facing geopolitical tensions. As cybercriminals continue to evolve their tactics, it's crucial for organizations to enhance their defenses against such threats. Users are advised to be vigilant and consider updating their security practices to protect against potential data breaches.
A serious vulnerability has been discovered in nginx-ui, which could allow attackers to manipulate NGINX configuration files. This flaw has a near-maximum severity rating, meaning it poses a significant risk to users of the software. Attackers can exploit this weakness to restart, create, modify, or delete configuration files, potentially disrupting web services and compromising server security. This vulnerability affects anyone using nginx-ui, making it crucial for system administrators to take action. The situation is urgent as it could lead to unauthorized access and control over server configurations.
The National Institute of Standards and Technology (NIST) is narrowing its focus on analyzing Common Vulnerabilities and Exposures (CVE) due to the increasing number of vulnerabilities reported. Moving forward, NIST will concentrate its efforts on vulnerabilities found in critical software, systems utilized by the federal government, and those that are currently being exploited. This shift aims to streamline the analysis process and ensure that resources are allocated to the most pressing security issues. As the volume of vulnerabilities continues to rise, this change reflects a need for more targeted and efficient management of cybersecurity threats. It’s important for organizations and government entities to stay informed about these critical vulnerabilities to protect their systems effectively.
Security Affairs
CVE-2026-33032
A severe vulnerability in nginx-ui, identified as CVE-2026-33032, is currently being exploited by attackers. This flaw allows unauthorized users to bypass authentication and gain complete control of Nginx servers, posing a significant risk to organizations using this web server technology. The vulnerability is linked to inadequate protection of the /mcp_message endpoint, which can be exploited without any prior authentication. With a CVSS score of 9.8, it is crucial for users to take immediate action to secure their systems. Organizations should prioritize patching their Nginx installations to mitigate this serious threat.
SCM feed for Latest
A recent global study by Economist Impact and Telstra International has revealed a significant gap in how organizations respond to major disruptions. The research found that only 25% of companies can effectively implement their plans during crises, indicating that the issues stem more from poor governance and lack of coordination rather than technology failures. This gap in execution could leave many enterprises vulnerable during critical events, highlighting the need for better strategies and collaboration among stakeholders. Addressing these governance issues is essential for improving overall digital resilience and ensuring that organizations can withstand future challenges effectively.
Sweden has publicly attributed a cyberattack on its energy infrastructure to a pro-Russian group, marking the first acknowledgment of this incident. The attack specifically targeted a heating plant located in western Sweden, raising concerns about the security of critical energy systems in the country. The disclosure comes amid heightened tensions in Europe, where cyber threats have been increasingly linked to geopolitical conflicts. This incident highlights the potential vulnerabilities of essential services and the need for robust cybersecurity measures to protect against state-sponsored attacks. The Swedish government is likely to increase its focus on defending against similar threats in the future.
Experts are warning that the arrival of quantum computers could pose significant risks to current cybersecurity systems. As quantum technology advances, it may undermine the cryptographic methods that protect sensitive data today. The transition to a quantum-safe environment is expected to be a lengthy process, potentially taking years, and it may never be fully achieved. Organizations are urged to start preparing now to mitigate these risks before quantum computers become mainstream. The implications are serious: if not addressed, quantum computing could expose critical information and infrastructure to new vulnerabilities.
Infosecurity Magazine
A serious security flaw has been identified in the nginx-ui MCP, specifically an authentication bypass vulnerability tracked as CVE-2026-33032. This vulnerability has a high severity score of 9.8 on the CVSS scale and is currently being exploited in the wild, making it a pressing concern for users and organizations running affected versions. Attackers could potentially gain unauthorized access to systems using this flaw, which poses significant risks to data integrity and confidentiality. It's crucial for system administrators to take immediate action to protect their environments from these attacks. Timely updates and security patches are essential to mitigate the risks associated with this vulnerability.
The Hacker News
CVE-2026-33032
A serious vulnerability, identified as CVE-2026-33032, has been discovered in nginx-ui, a management tool for Nginx servers. This flaw allows attackers to bypass authentication, potentially giving them full control of the Nginx service. Dubbed MCPwn by Pluto Security, the vulnerability has a CVSS score of 9.8, indicating its critical nature. Users of nginx-ui are at risk, as the flaw is currently being actively exploited in the wild. It's crucial for affected organizations to take immediate action to secure their systems and prevent unauthorized access.
A report detailing the state of cybersecurity threats to industrial automation systems in Q4 2025 reveals concerning trends in malware and infection vectors. Researchers identified various types of malware that are increasingly targeting these systems, affecting industries across different regions. The report emphasizes that many organizations remain vulnerable due to outdated security measures and a lack of awareness about emerging threats. This situation puts critical infrastructure at risk, potentially leading to operational disruptions and safety hazards. Companies are urged to enhance their cybersecurity protocols and invest in better defenses to protect against these sophisticated attacks.
Fortinet has addressed serious vulnerabilities in its FortiSandbox product that could allow attackers to bypass authentication and execute arbitrary commands through HTTP requests. These flaws pose a significant risk, as they could lead to unauthorized access and control over affected systems. Users of FortiSandbox should prioritize applying the patches released by Fortinet to protect their environments. The vulnerabilities highlight the ongoing need for vigilance in cybersecurity practices, especially for companies using Fortinet's security solutions. Timely updates and patches are crucial in preventing potential exploitation of these weaknesses.