ICS Advisory: Hitachi Energy PCM600 Vulnerability Enables Path Traversal Risk Across Energy Sector Infrastructure Blogging
CISA KEV Update β Active Exploitation Confirmed in Linux Kernel Vulnerability (CVE-2026-31431) Blogging
CISA KEV UPDATE: ACTIVE EXPLOITATION CONFIRMED FOR CONNECTWISE SCREENCONNECT PATH TRAVERSAL AND MICROSOFT WINDOWS PROTECTION FAILURE Blogging
NSA GRASSMARLIN ICS ADVISORY: CVE-2026-6807 XML EXTERNAL ENTITY (XXE) EXPOSURE RISKS SENSITIVE DATA DISCLOSURE ACROSS CONTROL ENVIRONMENTS Blogging
ICS ALERT: Cybersecurity and Infrastructure Security Agency EXPANDS KNOWN EXPLOITED VULNERABILITIES CATALOG WITH FOUR ACTIVELY TARGETED FLAWS ACROSS ENTERPRISE AND NETWORK DEVICES Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency FLAGS AUTHENTICATION BYPASS IN SIEMENS SINEC NMS ENABLING UNAUTHORIZED NETWORK CONTROL ACCESS Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency IDENTIFIES CERTIFICATE VALIDATION FAILURE IN SIEMENS ANALYTICS TOOLKIT ENABLING MAN-IN-THE-MIDDLE INTERCEPTION ACROSS INDUSTRIAL SYSTEMS Blogging
SIEMENS SICAM 8 EXPOSURE β MULTIPLE ICS VULNERABILITIES ENABLE DENIAL-OF-SERVICE CONDITIONS ACROSS POWER SYSTEM INFRASTRUCTURE Blogging
HITACHI ENERGY ELLIPSE RCE EXPOSURE β CRITICAL ICS VULNERABILITY ENABLES REMOTE EXECUTION VIA DESERIALIZATION FLAW Blogging
ACTIVE EXPLOITATION ALERT: GOOGLE DAWN USE-AFTER-FREE VULNERABILITY ENTERS FEDERAL PRIORITY INDEX Blogging
ICS MEDICAL THREAT ADVISORY: GRASSROOTS DICOM (GDCM) MEMORY HANDLING FLAW ENABLES DENIAL-OF-SERVICE VIA MALFORMED FILE PARSING Blogging
ACTIVE EXPLOITATION CONFIRMED β CISA ADDS LANGFLOW CODE INJECTION FLAW TO KEV CATALOG, SIGNALING IMMEDIATE RISK TO FEDERAL AND PRIVATE SYSTEMS Blogging
Active Exploitation Confirmed: Wing FTP Server Information Disclosure Vulnerability Added to KEV Catalog Active Exploitation
Active Exploitation Confirmed: Google Skia and Chromium V8 Vulnerabilities Added to Federal KEV Catalog Active Exploitation
