Security Bulletin

Cork Protocol, a decentralized finance platform, was estimated to have lost almost $12.1 million worth of Ethereum following an attack on Wednesday, according to The Record, a news site by cybersecurity firm Recorded Future.

Cybernews reports that international Protestant Christian church and charitable organization Salvation Army was claimed to have been compromised by the Chaos ransomware gang.

Information from 38,000 University of Chicago Medicine Medical Group patients has been pilfered following a breach of third-party debt collection agency Nationwide Recovery Services last July, reports CBS News Chicago.

Major data brokerage firm LexisNexis Risk Solutions had information from over 364,000 individuals stolen following a Christmas cyberattack against GitHub, which the company uses for software development, according to TechCrunch.

Cisco Secure Access - DNS Defense is a seamless pathway to our Universal ZTNA solution. Learn how it works in the blog.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Consilium Safety Equipment: CS5000 Fire Panel Vulnerabilities: Initialization of a Resource with an Insecure Default, Use of Hard-coded...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Instantel Equipment: Micromate Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this...

CISA released five Industrial Control Systems (ICS) advisories on May 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-148-01 Siemens SiPass ICSA-25-148-02...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install.