Security Bulletin

By proactively embracing emerging trends around encryption, AI security, and platform consolidation, organizations can turn compliance burdens into competitive advantage.

Kelly Benefits, a Maryland-based benefits administration and payroll solutions provider, has confirmed that almost 264,000 individuals served by its customers Amergis, CareFirst, Beam Benefits, Intercon Truck of Baltimore, Beltway Companies, The...

Danny Jenkins founded ThreatLocker to revolutionize endpoint security by implementing comprehensive zero-trust controls and blocking software by default, challenging the traditional cybersecurity approach.

Picking over code doesn’t guarantee problem-free software. Only automated scans that analyze first- and third-party code can provide the total visibility required to comply with the CRA and other new digital-security regulations.

Cisco is the Security Cloud Provider to the Black Hat conferences. Learn about the latest innovations for the SOC of the Future.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: iSTAR Configuration Utility (ICU) Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Planet Technology Equipment: Planet Technology Network Products Vulnerabilities: Improper Neutralization of Special Elements used in an OS...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: ALBEDO Telecom Equipment: Net.Time - PTP/NTP clock Vulnerability: Insufficient Session Expiration 2. RISK EVALUATION Successful exploitation of...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Nice Equipment: Linear eMerge E3 Vulnerability: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon M580, Modicon M340, Modicon Premium, and Modicon Quantum Vulnerabilities: Trust Boundary Violation...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vestel Equipment: AC Charger Vulnerability: Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION...

CISA released seven Industrial Control Systems (ICS) advisories on April 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-114-01 Schneider Electric Modicon...