View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: PI Integrator Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Insertion of Sensitive Information into Sent Data 2. RISK EVALUATION Successful exploitation of these…
Category: EN
Santesoft Sante PACS Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Santesoft Equipment: Sante PACS Server Vulnerabilities: Path Traversal, Double Free, Cleartext Transmission of Sensitive Information, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could…
Johnson Controls iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR, ULTRA G2 SE, iSTAR Edge G2 Vulnerabilities: OS Command Injection, Insufficient Verification of Data…
CISA Releases Seven Industrial Control Systems Advisories
CISA released seven Industrial Control Systems (ICS) advisories on August 12, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-224-01 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share ICSA-25-224-02 Johnson Controls iSTAR Ultra, iSTAR…
Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses
An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand in hand, new findings show. “This latest wave of ShinyHunters-attributed…
Hacker Alleges Russian Government Role in Kaseya Cyber-Attack
In a new investigation launched at DEFCON 33, Analyst1’s Jon DiMaggio revealed probable Russian government involvement in the Kaseya attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacker Alleges Russian Government Role in Kaseya Cyber-Attack
ShinyHunters Claims BreachForums Seized by Law Enforcement, Now a Honeypot
The threat actor known as ShinyHunters has publicly disclosed what they claim is a covert seizure of BreachForums, a notorious online platform used for trading stolen data and discussing illicit hacking activities. According to ShinyHunters’ announcement, the forum’s core infrastructure,…
Claude can now process entire software projects in single request, Anthropic says
Anthropic’s Claude Sonnet 4 now supports a 1 million token context window, enabling AI to process entire codebases and complex documents in a single request—redefining software development and enterprise AI workflows. This article has been indexed from Security News |…
This new Arch Linux tool takes the hassle out of keeping packages up to date – here’s how
Meet Bumpbuddy, the Arch Linux app that tracks software releases from official repositories so you don’t have to – and it all happens automatically. This article has been indexed from Latest news Read the original article: This new Arch Linux…
SonicWall VPN Cyberattack Linked to Known Access Control Vulnerability
SonicWall identified under 40 security incidents and determined the access control problem was related to a vulnerability published last year. This article has been indexed from Security | TechRepublic Read the original article: SonicWall VPN Cyberattack Linked to Known Access…