Latest News

A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin. "Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of which have connections to Russia," Silent Push said in a report shared with The

Ramat Gan, Israel, 25th March 2025, CyberNewsWire

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Inaba Denki Sangyo Co., Ltd. Equipment: CHOCO TEI WATCHER mini Vulnerabilities: Use of Client-Side Authentication, Storing Passwords in a Recoverable Format, Weak Password Requirements, Direct Request ('Forced Browsing') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain the product's login password, gain unauthorized access, tamper with product's data, and/or modify product settings. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of CHOCO TEI WATCHER are affected: CHOCO TEI WATCHER mini (IB-MCT001): All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 USE OF CLIENT-SIDE AUTHENTICATION CWE-603 The affected product is vulnerable to a use of client-side authentication vulnerability, which may allow an attacker to obtain the product's login password without authentication. CVE-2025-24517 has been assigned to this vulnerabil...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: RMC-100 Vulnerability: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted message to the web UI, causing a temporary denial of service until the interface can be restarted. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ABB reports that the following products are affected when the REST interface is enabled: RMC-100: Versions 2105457-036 to 2105457-044 RMC-100 LITE: Versions 2106229-010 to 2106229-016 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPERLY CONTROLLED MODIFICATION OF OBJECT PROTOTYPE ATTRIBUTES ('PROTOTYPE POLLUTION') CWE-1321 A vulnerability exists in the web UI (REST interface) included in the product versions listed above. An attacker could exploit the vulnerability by sending a specially crafted message to the w...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Verve Asset Manager Vulnerability: Improper Validation of Specified Type of Input 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative access to run arbitrary commands in the context of the container running the service. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports the following versions of Verve Asset Manager are affected: Verve Asset Manager: Versions 1.39 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER VALIDATION OF SPECIFIED TYPE OF INPUT CWE-1287 A vulnerability exists in the affected product due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Active Directory Interface (ADI) capability (deprecated since the 1.36 release) allows users to change a variable with inadequate sanitizing. If exploited, it could allo...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: High attack complexity Vendor: Rockwell Automation Equipment: 440G TLS-Z Vulnerability: Improper Neutralization of Special Elements in Output Used by a Downstream Component 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take over the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports the following products are affected by a vulnerability because they use STMicroelectronics STM32L4 devices: 440G TLS-Z: Version v6.001 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIIZATION OF SPECIAL ELEMENTS IN OUTPUT USED BY A DOWNSTREAM COMPONENT CWE-74 A local code execution vulnerability exists in the STMicroelectronics STM32L4 devices due to having incorrect access controls. The affected product utilizes the STMicroelectronics STM32L4 device and because of the vulnerability, a threat actor could reverse protections that control access to the JTAG interface. If exploited, ...

Cybercriminals exploit AbyssWorker driver to disable EDR systems, deploying MEDUSA ransomware with revoked certificates for stealthy attacks.

A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident response firm Sygnia. The cybersecurity company is tracking the activity under the name Weaver Ant, describing the threat actor as stealthy and highly persistent. The name of the telecom provider was not

Organizations now use an average of 112 SaaS applications—a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000+ Microsoft 365 SaaS-to-SaaS connections on average per deployment. And that’s just one major SaaS provider.

Google has admitted it accidentally deleted some Maps Timeline user data after what it calls a "technical issue".