#ios

Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances. The company said the vulnerability, CVE-2025-20352 (CVSS score: 7.7), has been exploited in the wild, adding it became aware of it "after local Administrator credentials were

# Command Injection in adb-mcp MCP Server The MCP Server at https://github.com/srmorete/adb-mcp is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP Server is also published publicly to npm at www.npmjs.com/package/adb-mcp and allows users to install it. ## Vulnerable tool The MCP Server defines the function `executeAdbCommand()` which executes commands via string as a parameter and wraps the promise-based `exec` function. The MCP Server then exposes the tool `inspect_ui` which relies on Node.js child process API `exec` (through the function wrapper) to execute the Android debugging command (`adb`). Relying on `exec` is an unsafe and vulnerable API if concatenated with untrusted user input. Data flows from the tool definition [here](https://github.com/srmorete/adb-mcp/blob/master/src/index.ts#L334-L343) which takes in `args.device` and calls `execPromise()` in [this definiti...

## Overview Omni and each Talos machine establish a peer-to-peer (P2P) SideroLink connection using WireGuard to mutually authenticate and authorize access. In this setup, Omni assigns a random IPv6 address to each Talos machine from a `/64` network block. Omni itself uses the fixed `::1` address within that same block. From Omni's perspective, this is a WireGuard interface with multiple peers, where each peer corresponds to a Talos machine. The WireGuard interface on Omni is configured to ensure that the **source IP address** of an incoming packet matches the IPv6 address assigned to the Talos peer. However, it **performs no validation on the packet's destination address**. The Talos end of the SideroLink connection cannot be considered a trusted environment. Workloads running on Kubernetes, especially those configured with host networking, could gain direct access to this link. Therefore, a malicious workload could theoretically send arbitrary packets over the SideroLink interface...

What happens when you bring in a team of cybersecurity responders? How do we turn chaos into control, and what is the long-term value that Talos IR provides to the organizations we work with?

Malwarebytes for Teams now includes personal VPN to encrypt your traffic and broaden your access across the web.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low Attack Complexity Vendor: Schneider Electric Equipment: SESU Vulnerability: Improper Link Resolution Before File Access ('Link Following') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to write arbitrary data to protected locations, potentially leading to escalation of privilege, arbitrary file corruption, exposure of application and system information or persistent denial of service when a low-privileged attacker tampers with the installation folder. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports that the following products are affected: Schneider Electric SESU: <3.0.12 Schneider Electric SESU installed on Schneider Electric BESS ANSI: SESU versions prior to 3.0.12 Schneider Electric SESU installed on Schneider Electric Easergy MiCOM P30: SESU versions prior to 3.0.12 Schneider Electric SESU installed on Schneider Electric Easergy MiCOM P40: SESU ve...

Travel Mode not only hides your most sensitive data—it acts as if that data never existed in the first place.

Big companies are getting smaller, and their CEOs want everyone to know it. Wells Fargo has cut its workforce by 23% over five years, Bank of America has shed 88,000 employees since 2010, and Verizon's CEO recently boasted that headcount is "going down all the time." What was once a sign of corporate distress has become a badge of honor, with executives celebrating lean operations and AI-driven

Been invited to report a scam to the FBI? Beware of fake versions of the IC3 website—they lead straight back to the scammers.

## Summary Users can use special syntax to inject javascript code in their profile biography field. Although there was sanitization in place, it did not cover all possible scenarios ## Description When embedding information in the `Biography` field, even if that field is not rich-text, users could inject javascript code that would run in the context of the website and to any other user that can view the profile including administrators and/or superusers.