Aggregator

Вчера они безжалостно топили друг друга ради контрактов, сегодня вместе готовится защищать справедливость.

Alleged Sale of 150,000 Patient Records From US Clinic Including SSNs, Diagnoses, and Medications

Rudd, who was confirmed 71-29 to serve as the “dual-hat” leader of the organizations, takes the reins as the U.S. faces mounting aggression in cyberspace from foreign adversaries at the same time the Trump administration has sought to shrink the size of the federal government.

A vulnerability has been found in gtsteffaniak filebrowser up to 1.2.1-stable/1.3.0-beta and classified as problematic. Affected is an unknown function of the file /public/share/. This manipulation causes cross site scripting. This vulnerability is registered as CVE-2026-30934. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in nicolargo glances up to 4.5.0. This impacts the function normalize of the component TimescaleDB Export Module. The manipulation results in sql injection. This vulnerability is cataloged as CVE-2026-30930. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in nicolargo glances up to 4.5.0. This affects the function self.config.as_dict of the file /api/4/config of the component REST API Endpoint. The manipulation leads to information disclosure. This vulnerability is listed as CVE-2026-30928. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in Siemens SINEC Security Monitor up to 4.8.x. The impacted element is an unknown function. Executing a manipulation can lead to exposure of sensitive information through metadata. This vulnerability is tracked as CVE-2026-27661. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in Siemens SICAM SIAPP SDK up to 2.1.6. The affected element is an unknown function. Performing a manipulation results in file inclusion. This vulnerability is identified as CVE-2026-25605. The attack is only possible with local access. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in Siemens SICAM SIAPP SDK up to 2.1.6. Impacted is an unknown function. Such manipulation leads to file inclusion. This vulnerability is referenced as CVE-2026-25573. The attack can only be performed from a local environment. No exploit is available. Upgrading the affected component is recommended.

A vulnerability marked as problematic has been reported in Siemens SIMATIC Drive Controller CPU 1504D TF, SIMATIC Drive Controller CPU 1507D TF, SIMATIC ET 200SP CPU 1510SP F-1 PN, SIMATIC ET 200SP CPU 1510SP-1 PN, SIMATIC ET 200SP CPU 1512SP F-1 PN, SIMATIC ET 200SP CPU 1512SP-1 PN, SIMATIC ET 200SP CPU 1514SP F-2 PN, SIMATIC ET 200SP CPU 1514SP-2 PN, SIMATIC ET 200SP CPU 1514SPT F-2 PN, SIMATIC ET 200SP CPU 1514SPT-2 PN, SIMATIC ET 200SP Open Controller CPU 1515SP PC, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 V2 CPUs, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 V3 CPUs, SIMATIC ET 200SP Open Controller CPU 1515SP PC3 V2 CPUs, SIMATIC ET 200SP Open Controller CPU 1515SP PC3 V3 CPUs, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513pro F-2 PN, SIMATIC S7-1500 CPU 1513pro-2 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN, DP, SIMATIC S7-1500 CPU 1516F-3 PN, SIMATIC S7-1500 CPU 1516pro F-2 PN, SIMATIC S7-1500 CPU 1516pro-2 PN, SIMATIC S7-1500 CPU 1516T-3 PN, SIMATIC S7-1500 CPU 1516TF-3 PN, SIMATIC S7-1500 CPU 1517-3 PN, SIMATIC S7-1500 CPU 1517F-3 PN, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517H-4 PN, SIMATIC S7-1500 CPU 1517T-3 PN, SIMATIC S7-1500 CPU 1517TF-3 PN, SIMATIC S7-1500 CPU 1518-3 PN, SIMATIC S7-1500 CPU 1518-4 PN, DP MFP, SIMATIC S7-1500 CPU 1518F-3 PN, SIMATIC S7-1500 CPU 1518F-4 PN, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-3 PN, SIMATIC S7-1500 CPU 1518T-4 PN, SIMATIC S7-1500 CPU 1518TF-3 PN, SIMATIC S7-1500 CPU 1518TF-4 PN, SIMATIC S7-1500 CPU S7-1518-4 PN, DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller CPU 1507S F V2, SIMATIC S7-1500 Software Controller CPU 1507S F V3, SIMATIC S7-1500 Software Controller CPU 1507S F V4, SIMATIC S7-1500 Software Controller CPU 1507S V2, SIMATIC S7-1500 Software Controller CPU 1507S V3, SIMATIC S7-1500 Software Controller CPU 1507S V4, SIMATIC S7-1500 Software Controller CPU 1508S F V2, SIMATIC S7-1500 Software Controller CPU 1508S F V3, SIMATIC S7-1500 Software Controller CPU 1508S F V4 and SIM. This issue affects some unknown processing of the component Trace File Handler. This manipulation causes cross site scripting. The identification of this vulnerability is CVE-2025-40943. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability labeled as problematic has been found in Siemens Heliox Flex 180 kW EV Charging Station and Heliox Mobile DC 40 kW EV Charging Station. This vulnerability affects unknown code. The manipulation results in improper restriction of communication channel to intended endpoints. This vulnerability was named CVE-2025-27769. An attack on the physical device is feasible. There is no available exploit. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in Siemens SICAM SIAPP SDK up to 2.1.6. This affects an unknown part. The manipulation leads to improper handling of length parameter inconsistency. This vulnerability is uniquely identified as CVE-2026-25572. Local access is required to approach this attack. No exploit exists. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Siemens SICAM SIAPP SDK up to 2.1.6. Affected by this issue is some unknown functionality. Executing a manipulation can lead to improper handling of length parameter inconsistency. This vulnerability is handled as CVE-2026-25571. It is possible to launch the attack on the local host. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Siemens SICAM SIAPP SDK up to 2.1.6. It has been rated as critical. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2026-25570. Attacking locally is a requirement. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Siemens SICAM SIAPP SDK up to 2.1.6. It has been declared as critical. Affected is an unknown function. Such manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2026-25569. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks.  The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials to extract configuration files containing service account credentials and network topology

Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open a new "back door" for hackers. The Problem: "The Invisible Employee" Think of an AI Agent like a new employee who has

A vulnerability was found in Uderzo SpaceSniffer 2.0.5.18. It has been classified as critical. This impacts an unknown function. This manipulation causes buffer overflow. This vulnerability appears as CVE-2026-26738. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in benkeen generatedata 4.0.14 and classified as problematic. This affects an unknown function. The manipulation results in cross site scripting. This vulnerability is reported as CVE-2025-70025. The attack can be launched remotely. No exploit exists.

Закон об отключении интернета по требованию ФСБ заработал?