Manufacturing

CISA Advisories Vulnerability Disclosure Mar 19

Schneider Electric EcoStruxure Automation Expert

View CSAF Summary Schneider Electric is aware of a vulnerability in its EcoStruxure™ Automation Expert product. The EcoStruxure™ Automation Expert product is...

CISA Advisories →

CISA Advisories Vulnerability Disclosure Mar 17

Schneider Electric SCADAPack and RemoteConnect

View CSAF Summary Schneider Electric is aware of a vulnerability in its SCADAPack™ x70 RTU products. The SCADAPack™ 47xi, SCADAPack™ 47x and SCADAPack™ 57x p...

T1498

CISA Advisories →

Zero Day Initiative CVE Mar 16

ZDI-26-211: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ASDA-Soft. User interaction is required t...

T1190 1 IOC

Zero Day Initiative →

Rapid7 Blog General Rapid7 Mar 12

Introducing Hacktics and Telemetry, a Podcast from Rapid7 Labs

If you spend your days building, shipping, defending, or fixing systems, you already know how this goes. A new technique shows up in a research thread, someo...

Rapid7 Blog →

CISA Advisories CVE Apple Fortinet Mar 12

Siemens RUGGEDCOM APE1808 Devices

View CSAF Summary Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products.

4 IOCs

CISA Advisories →

Infosecurity Magazine Data Breach Mar 10

Ericsson Breach Exposes Data of 15k Employees and Customers

Ericsson data breach affects 15k employees/customers after third-party service provider compromise

Infosecurity Magazine →

Zero Day Initiative CVE Mar 6

ZDI-26-159: (Pwn2Own) Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Mar 6

ZDI-26-151: Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required ...

T1190 1 IOC

Zero Day Initiative →

Infosecurity Magazine Supply Chain Mar 3

Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks

Black Kite reveals 26,000 unnamed corporate victims linked to 136 third-party breaches

T1195

Infosecurity Magazine →

Trail of Bits General Linux Feb 25

mquire: Linux memory forensics without external dependencies

If you’ve ever done Linux memory forensics, you know the frustration: without debug symbols that match the exact kernel version, you’re stuck. These symbols ...

T1598

Trail of Bits →

Infosecurity Magazine Malware Feb 23

Shai-Hulud-Like Worm Targets Developers via npm and AI Tools

Supply chain worm mimicking Shai-Hulud malware spread via malicious npm packages, targeting AI tools has been identified by security researchers

Infosecurity Magazine →

Infosecurity Magazine Campaigns Feb 19

Industrial-Scale Fake Coretax Apps Drive $2m Fraud in Indonesia

Fraud campaign exploiting Indonesia’s Coretax resulted in $1.

Infosecurity Magazine →

Infosecurity Magazine Operational Technology Feb 19

Industrial Control System Vulnerabilities Hit Record Highs

Forescout paper reveals ICS advisories hit a record 508 in 2025

Infosecurity Magazine →

Infosecurity Magazine TTPs Feb 17

Low-Skilled Cybercriminals Use AI to Perform "Vibe Extortion" Attacks

Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics

Infosecurity Magazine →

Infosecurity Magazine Ransomware Feb 17

Significant Rise in Ransomware Attacks Targeting Industrial Operations

Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments

Infosecurity Magazine →

Palo Alto Networks Supply Chain Palo Alto Networks Feb 17

2026 Unit 42 Global Incident Response Report — Attacks Now 4x Faster

Attackers are leveraging identity, AI, and supply chain exposure. Unit 42's Global 2026 IR Report reveals faster, broader, harder-to-contain threats.

Palo Alto Networks →

Infosecurity Magazine General Feb 13

Munich Security Conference: Cyber Threats Lead G7 Risk Index, Disinformation Ranks Third

G7 countries ranked cyber-attacks as the top risk, while BICS members placed cyber threats only as the eighth most pressing risk

Infosecurity Magazine →

Kaspersky Securelist Phishing Feb 11

Spam and phishing in 2025

The report contains statistics on spam and phishing in 2025, outlining the main trends: phishing and scam QR codes, ClickFix attacks, ChatGPT subscription lu...

T1566

Kaspersky Securelist →

Infosecurity Magazine Supply Chain Amazon Feb 4

Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover

Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover at...

T1195

Infosecurity Magazine →

Infosecurity Magazine Vulnerability Disclosure Docker Feb 3

DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon

T1041

Infosecurity Magazine →