#web

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. "UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique used

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the other hand to be remotely

Privacy left the chat. A misconfigured Kafka broker effectively undid the anonymity many users rely on.

Former GOP operative Scott Leiendecker just bought Dominion Voting Systems, giving him ownership of voting systems used in 27 states. Election experts don't know what to think.

Strapi uses JSON Web Tokens (JWT) for authentication. After logout or account deactivation, the JWT is not invalidated, which allows an attacker who has stolen or intercepted the token to freely reuse it until its expiration date (which is set to 30 days by default, but can be changed). The existence of /admin/renew-token endpoint allows anyone to renew near-expiration tokens indefinitely, further increasing the impact of this attack. This issue has been fixed in version 5.24.1.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Low Attack Complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash the application or execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens Solid Edge SE2024: All versions < V224.0 Update 14 Siemens Solid Edge SE2025: All versions < V225.0 Update 6 3.2 VULNERABILITY OVERVIEW 3.2.1 OUT-OF-BOUNDS WRITE CWE-787 The affected applications contain an out of bounds write vulnerability while parsing specia...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ArmorStart AOP Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Rockwell Automation products are affected: ArmorStart AOP: Version V2.05.07 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 Uncaught Exception CWE-248 A security issue exists within the Studio 5000 Logix Designer add-on profile (AOP) for the ArmorStart Classic distributed motor controller, resulting in a denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model (COM) methods. CVE-2025-9437 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). A CVS...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC ET 200SP Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to access the configuration data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0): vers:intdot/<2.4.24 Siemens SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0): vers:intdot/<2.4.24 Siemens SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0): vers:intdot/<2.4.24 Siemens SIPLUS ET 200SP...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC NMS Vulnerability: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated low privileged attacker to insert malicious data and achieve privilege escalation. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SINEC NMS: Versions prior to V4.0 SP1 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89 Affected a...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SiPass integrated Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Cross-site Scripting, Authorization Bypass Through User-Controlled Key, Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to gain unauthorized access to user accounts, manipulate data, impersonate users, or execute arbitrary code on the SiPass integrated server. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SiP...