Category: Uncategorized

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control Summary Claroty Team 82 disclosed two critical vulnerabilities in Red Lion Sixnet RTUs — CVE-2023-42770 (authentication…

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access Summary Cybersecurity researchers have confirmed active exploitation of a critical command injection bug in ICTBroadcast (CVE-2025-2611, CVSS 9.3).…

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login Summary SAP has issued fixes for 13 security issues in its October 2025 patch cycle, including a maximum-severity insecure…

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year Summary ReliaQuest attributes a long-running compromise of a public-facing ArcGIS server to the China-linked activity group Flax Typhoon (aka…

RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing Summary Researchers at ETH Zürich disclosed a flaw called RMPocalypse that allows a single 8-byte write to the Reverse Map Paging…

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions Summary Researchers from Berkeley, Washington, UC San Diego and Carnegie Mellon have discovered “Pixnapping” — a pixel‑stealing side‑channel…

Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in ‘Zero Disco’ Attacks Summary Researchers from Trend Micro have detailed “Operation Zero Disco”, a campaign that exploited CVE-2025-20352 (CVSS 7.7) —…

CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack Summary The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-54253 — a maximum-severity (CVSS…

F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion Summary F5 disclosed that an unidentified, “highly sophisticated nation-state” threat actor breached its systems and exfiltrated files containing…