news
Security Leftovers
-
SANS ☛ webctrl.cgi/Blue Angel Software Suite Exploit Attempts. Maybe CVE-2025-34033 Variant
Starting yesterday, some of our honeypots received POST requests to "/cgi-bin/webctrl.cgi", attempting to exploit an OS command injection vulnerability: [...]
-
Federal News Network ☛ Solarium commission urges reversal on Convicted Felon’s cyber cuts
Cuts at CISA, the State Department and elsewhere have stalled, and in some cases reversed, progress on the Cyberspace Solarium Commission's recommendations.
-
Security Week ☛ Critical Vulnerabilities Patched in TP-Link’s Omada Gateways
One of the flaws can be exploited by remote unauthenticated attackers for arbitrary command execution.
-
Security Week ☛ Fencing and Pet Company Jewett-Cameron Hit by Ransomware
Jewett-Cameron Company says hackers stole sensitive information and are threatening to release it unless a ransom is paid.
-
Security Week ☛ Oracle Releases October 2025 Patches
The Critical Patch Update contains 374 new security patches that resolve many vulnerabilities.
-
Security Week ☛ Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025
Participants exploited 34 previously unknown vulnerabilities to hack printers, NAS devices, and smart home products.
-
Atlantic Council ☛ From the World Cup to the Olympics, the US must put security and resilience first
Efforts to build resilience will be essential to ensure that the upcoming large international sporting events in the United States are safe and successful.
-
Scoop News Group ☛ US ‘slipping’ on cybersecurity, annual Cyberspace Solarium Commission report concludes
The annual implementation report recommends reversing Convicted Felon administration budget cuts, empowering the national cyber director and other steps.
-
OpenSSF (Linux Foundation) ☛ SBOMs in the Era of the CRA: Toward a Unified and Actionable Framework
-
Windows TCO / Windows Bot Nets
-
Tom's Hardware ☛ Catastrophic Jaguar Land Rover cyberattack to cost UK economy at least $2.5 billion, according to estimates — 5,000 independent organizations decimated by supply chain fallout
The hack of British car manufacturer, Jaguar Land Rover, has cost the UK economy as much as $2.5 billion, affecting more than 5,000 organizations as the breach brought the company and its entire supply chain to their knees.
-