Biztonsági szemle

Updates have been issued by CoreDNS to fix a high-severity flaw in its DNS-over-QUIC implementation, tracked as CVE-2025-47950, which could be exploited to disrupt DNS servers via stream amplification intrusions, GBHackers News reports.

Fortinet has moved to address 14 security vulnerabilities across several products as part of this month's Patch Tuesday, according to SecurityWeek.

Hackread reports that users of SinoTrack GPS trackers have been warned by the Cybersecurity and Infrastructure Security Agency regarding a pair of high-severity vulnerabilities within the SinoTrack IoT PC Platform, which could be exploited to...

Major European food delivery platform GonnaOrder had real-time order information from thousands of its customers inadvertently exposed by a Kafka Broker instance that has been unsecured since August 2022, reports Cybernews.

BleepingComputer reports that Pennsylvania-based property and casualty insurer Erie Insurance and its management firm Erie Indemnity Company have confirmed that outages impacting its customer portal and business operations stemmed from a...

Mount Rogers Community Services, a mental health, developmental disability, and substance use service provider in Virginia, was claimed to have its systems compromised by the INC Ransom ransomware-as-a-service operation, Cybernews reports.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.5 ATTENTION: Exploitable remotely Vendor: AVEVA Equipment: PI Web API Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disable...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

CISA released ten Industrial Control Systems (ICS) advisories on June 12, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-162-01 Siemens Tecnomatix Plant...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: PI Data Archive Vulnerabilities: Uncaught Exception, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of...