News
Short updates on security, GRC, and AI developments, with enough context to be worth reading.
- Brief
CubeSpace CW0057 Reaction Wheel
Summary: Successful exploitation of this vulnerability could allow an attacker to upload arbitrary malicious firmware to the device.
Why it matters: This matters …
- Brief
Gardyn IoT Hub
Summary: Successful exploitation of these vulnerabilities could allow unauthenticated users to access and control IoT Hub managed devices.
Why it matters: This …
- Brief
ST Engineering iDirect iQ-Series Terminals
Summary: Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to device information or cause a denial-of-service …
- Brief
CISA Adds One Known Exploited Vulnerability to Catalog
Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Why it matters: This matters if it …
- Brief
CISA Announces New Advisory Council to Strengthen Partnerships and Secure Critical Infrastructure
Summary: CISA Announces New Advisory Council to Strengthen Partnerships and Secure Critical Infrastructure
Why it matters: This matters if it changes how teams think about model …
- Brief
EDPB and AMLA to develop Joint Guidelines on partnerships for information sharing
Summary: Brussels/Frankfurt, 1 July – The EDPB and the Anti-Money Laundering Authority (AMLA) are working together to bring greater clarity to a question of growing importance for …
- Brief
Delta Electronics DVP12SE PLC
Summary: Successful exploitation of these vulnerabilities could allow an attacker to remotely issue commands, modify operational values, interfere with control …
- Brief
Frangoteam FUXA SCADA/HMI
Summary: Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to enumerate all user accounts and role assignments on a …
- Brief
Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M
Summary: Successful exploitation of these vulnerabilities could allow a local attacker to tamper with or destroy information in the affected product, cause a …
- Brief
OFFIS DCMTK Toolkit
Summary: Successful exploitation of these vulnerabilities could allow an attacker to write files, access unauthorized information, exhaust memory, or crash …
- Brief
Schneider Electric EcoStruxure IT Data Center Expert
Summary: Schneider Electric is aware of a vulnerability in its EcoStruxure™ IT Data Center Expert.
Why it matters: This matters if it changes how teams think …
- Brief
StoneFly Storage Concentrator
Summary: Successful exploitation of these vulnerabilities could allow attackers to gain broad unauthorized access, execute arbitrary commands with root …
- Brief
XZ Utils vulnerability impacting B&R Products
Summary: An update is available that resolves vulnerability in the product versions listed as affected in the advisory.
Why it matters: This matters if it changes …
- Brief
CISA Adds One Known Exploited Vulnerability to Catalog
Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Why it matters: This matters if it …
- Brief
SEC, CFTC Seek Public Comment on the Harmonization of Portfolio Margining Frameworks
Summary: The Securities and Exchange Commission and the Commodity Futures Trading Commission today issued a joint request for public comment on potential approaches to further …