Patch Now: Attackers Target OT Networks via Critical RCE Flaw
Researchers observed exploitation attempts against a vulnerability with a CVSS score of 10 in a popular Erlang-based platform for critical infrastructure and OT development.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Researchers observed exploitation attempts against a vulnerability with a CVSS score of 10 in a popular Erlang-based platform for critical infrastructure and OT development.
Even after their zero-day vulnerability turned into an n-day, attackers known as Marbled Dust or Sea Turtle continued to spy on military targets that had failed to patch Output Messenger.
A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on NVIDIA processors for AI workloads.
Creo Elements/Direct License Servers, which enable industrial design and modeling software, are exposed to the Internet, leaving critical infrastructure vulnerable to remote code execution.
In the race over Citrix's latest vulnerability, the bad guys have a huge head start, with broad implications for businesses and critical infrastructure providers worldwide.
Monitoring platform is trusted by Cisco, Savannah River Nuclear Solutions, and others in CISA's critical infrastructure Sectors, say Synopsys researchers.
Users urged to apply updates to FortiOS SSL-VPN after attackers may have leveraged a recently discovered vulnerability in attacks against government, manufacturing, and critical infrastructure organizations.