Security Bulletin

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: DataMosaix Private Cloud Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Dependency...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Improper Control of Generation of Code ('Code...

CISA released seven Industrial Control Systems (ICS) advisories on January 28, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-028-01 B&R Automation Runtime ICSA...

The firewall specialist has patched the security flaw, which was responsible for a series of attacks reported earlier this month that compromised FortiOS and FortiProxy products exposed to the public Internet.

Exodus is a well-known crypto wallet software[ 1] and, when you are popular, there are chances that attackers will target you! I already wrote a diary related to this application[ 2]. Yesterday, I found a new one that behaves differently. My previous...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The obfuscation method evades detection by several mobile security solutions.

New AI model seen as a competitor to OpenAI in the market for open-source machine learning models.

Malware writing is only one of several malicious activities for which the new, uncensored generative AI chatbot can be used.

The Apple iOS 18.3 update fixes 28 other vulnerabilities identified by the tech company, though there is little information on them.