
Amazon EMR Security Blunder: Fix Released for Keytab File Exposure!

Amazon EMR Secret Agent had a slight identity crisis, accidentally letting users peek at Kerberos credentials in the /tmp/ directory. But fear not! A fix is in, banishing those secrets to more secure pastures in Amazon EMR 7.5 and above. Time to upgrade before your secrets become small talk!
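If you administer a cluster and want to see whether anything like this is lurking on your own nodes, the check is simple: look for keytab files that anyone other than their owner can read. The script below is an added example, not code from the AWS bulletin or from EMR itself; the directory layout, file names and "fake" keytab contents are constructed for the demo, and the audit functions are generic rather than EMR-specific.

```shell
#!/bin/sh
# Added example (not from the AWS bulletin): audit a directory tree for
# Kerberos keytab files that are readable by group or others.
# A keytab should be mode 0600 (or tighter), owned by the service that uses it.

# find_exposed_keytabs DIR
# Prints every regular *.keytab file under DIR whose mode grants group read
# (040) or other read (004). Sorted so the output is stable for scripting.
find_exposed_keytabs() {
  dir="$1"
  find "$dir" -type f -name '*.keytab' \( -perm -040 -o -perm -004 \) 2>/dev/null | sort
}

# count_exposed_keytabs DIR
# Returns the number of exposed keytabs (as a bare integer on stdout).
count_exposed_keytabs() {
  find_exposed_keytabs "$1" | wc -l | tr -d ' '
}

# --- Constructed demo layout: stands in for /tmp on a cluster node ---
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/emr-secret-agent"   # hypothetical subdirectory name

# Constructed keytab with the loose mode the bulletin describes (world-readable).
printf 'fake-keytab-bytes' > "$demo_dir/emr-secret-agent/hadoop.keytab"
chmod 0644 "$demo_dir/emr-secret-agent/hadoop.keytab"

# Constructed keytab with the mode it should have (owner-only).
printf 'fake-keytab-bytes' > "$demo_dir/emr-secret-agent/yarn.keytab"
chmod 0600 "$demo_dir/emr-secret-agent/yarn.keytab"

# A world-readable file that is not a keytab and must not be reported.
printf 'nothing secret' > "$demo_dir/notes.txt"
chmod 0644 "$demo_dir/notes.txt"

# Run the audit: only hadoop.keytab should be listed.
find_exposed_keytabs "$demo_dir"
```

On a real node you would point `find_exposed_keytabs` at `/tmp` (and at whatever directory your Kerberos tooling writes to) and treat any output as a finding; on a patched EMR 7.5+ cluster the expected result is no output at all.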

1 month ago

Ultimate Guide to OT Asset Inventories: Boost Security or Bust!

CISA’s new guidance on OT asset inventories and taxonomies is like organizing your sock drawer—only with more acronyms and fewer missing socks. By categorizing and maintaining their critical assets, organizations can improve cybersecurity and incident response, ensuring their systems run smoother than a well-oiled machine.

1 month ago

Outdated Equation Editor Exploit: The Malware Gift That Keeps on Giving!

CVE-2017-11882, the Microsoft Office Equation Editor vulnerability that refuses to retire, is still causing headaches. Attackers are exploiting it to deliver malware such as VIPKeyLogger through seemingly innocuous documents. Microsoft has made life difficult for macro miscreants, but this exploit needs no macros at all, so the old vulnerability is the gift that keeps on giving—for cybercriminals.

1 month ago

Las Vegas Laughs: Secure Your Web Apps Before They Secure You!

Join the Internet Storm Center’s “Application Security: Securing Web Apps, APIs, and Microservices” class in Las Vegas from September 22-27, 2025. Learn how to protect your digital kingdom while enjoying the city’s neon lights. Sign up now, because what happens in Vegas… stays secured with you!

2 months ago

Muddled Libra Mayhem: Navigating the Chaotic World of Cybercrime Strike Teams!

Muddled Libra is not your typical cybercrime group; it’s more like a chaotic potluck of cybercriminals with a fluid membership. Each strike team brings unique skills to the table, targeting everything from cryptocurrency to intellectual property. Their unpredictability can puzzle security pros, but understanding their tactics is key to staying one step ahead.

2 months ago

Microsoft’s Patch Party Fiasco: 111 Vulnerabilities, 17 Critical Headaches!

This month’s Microsoft patch update features 111 vulnerabilities, including 17 critical ones that could make your system as secure as a screen door on a submarine. Users are urged to patch immediately, especially for the Windows Graphics Component Remote Code Execution Vulnerability to avoid unauthorized code execution. Stay safe, or you might be the next…

2 months ago

Cyber Catastrophe: CISA’s New Exploits List Threatens Digital Safety!

CISA has added three new vulnerabilities to its KEV Catalog, a favorite target list for cyber villains. While the directive applies to FCEB agencies, CISA encourages everyone to treat KEV Catalog vulnerabilities as VIPs—Very Important Patches—to dodge digital disasters. Stay patched, stay safe!

2 months ago

CodeBuild Comedy of Errors: PRs Gone Wild in AWS Wonderland!

Security researchers uncovered an AWS CodeBuild issue that allows code tampering if repository controls are weak. A threat actor could exploit a Pull Request to hijack access tokens and commit malicious code. AWS advises against automatic PR builds from untrusted contributors to avoid this CodeBuild conundrum.

2 months ago

Sante PACS Server Under Siege: Vulnerabilities Galore and Remote Exploitation Woes!

If you’re running the Sante PACS Server, it’s time to update faster than a caffeinated coder. With vulnerabilities like path traversal and cross-site scripting, your data might be more exposed than a sunbather at a nudist beach. Review the CSAF advisory to avoid being the punchline of a cybersecurity joke.

2 months ago

AVEVA PI Integrator Flaws: Guard Your Data or Face the Upload Apocalypse!

Beware of cyber scoundrels! AVEVA’s PI Integrator has vulnerabilities that could let a cheeky hacker execute files or snoop on sensitive info. To avoid digital mischief, upgrade to a fixed version and review user permissions. Remember, prevention is better than an unwelcome cyber surprise!

2 months ago

Schneider Electric’s EcoStruxure Power Monitoring Expert: A Comedy of Vulnerabilities?

In the latest episode of “Cybersecurity Gone Wild,” Schneider Electric’s EcoStruxure Power Monitoring Expert has been found with vulnerabilities like server-side request forgery, path traversal, and more. These flaws allow remote attackers to channel their inner James Bond, reading files and accessing internal services. Adjust your firewall settings; it’s going to be a bumpy ride!

2 months ago

iSTAR Ultra Security Fail: Vulnerabilities Open Doors to Cyber Attacks

Johnson Controls’ iSTAR door controllers are more vulnerable than a piñata at a kid’s party. With risks like OS command injection and default credentials, attackers might just waltz in. Updating to firmware 6.9.3 is like giving your security a cup of coffee—suddenly, it’s alert and ready!

2 months ago

Ashlar-Vellum’s Vulnerability Circus: Out-of-Bounds Shenanigans Await!

Attention, Ashlar-Vellum users! Before your Cobalt, Xenon, Argon, Lithium, or Cobalt Share goes rogue, update your software to version 12.6.1204.204, or risk an out-of-bounds adventure. The vulnerabilities could allow attackers to execute arbitrary code. Read the CSAF advisory for a thrilling look at how these bugs could turn your devices into uninvited performers.

2 months ago

CISA’s ICS Alert: Buckle Up for a Bumpy Cyber Ride!

CISA released seven ICS advisories on August 12, 2025, unveiling the latest security issues and vulnerabilities. Users and administrators are urged to review these advisories for essential technical details and mitigations. In other news, hackers are now offering a free side of fries with every system breach—how considerate!

2 months ago

Kigen’s eUICC Crisis: Backdoor or Bug? The Security Drama Unfolds!

Kigen’s eUICC cards face a new security hiccup, where “custom backdoor” sounds like an exclusive club for bugs! Whether it’s a sneaky firmware issue or a secret agent backdoor, Kigen’s response is still MIA. Security Explorations is on the case, urging customers to double-check those secret keys!

2 months ago

Microsoft’s PlayReady Flops: Fake IDs and Weak Authentication Unleashed!

PlayReady Activation protocol is having an identity crisis! With weak authentication and fake client identities, it’s like a masquerade ball gone wrong. Microsoft, your PlayReady service might need a little identity counseling before it ends up in the security hall of shame.

2 months ago

Web Security Class Takes Vegas: Roll the Dice on Cyber Safety!

Join Johannes Ullrich for a deep dive into securing web apps in Vegas, September 2025. It’s like a security buffet for hackers, but you’ll be the one holding the tongs. Don’t miss the chance to learn from the best at the Internet Storm Center!

2 months ago

JetBrains TeamCity Authentication Bypass: A Hacker’s Delight or SysAdmin’s Nightmare?

JetBrains TeamCity versions before 2023.11.4 have a critical authentication bypass vulnerability (CVE-2024-27198). This flaw could allow an unauthenticated attacker to perform administrative actions, possibly leading to an “Oops, I did it again” moment for your server. So, update before someone else “administers” your TeamCity!

2 months ago

ServiceNow’s Vulnerable Version Fiasco: Input Validation Gone Wild!

ServiceNow Platform contains an input validation vulnerability, CVE-2024-4879, affecting Vancouver, Washington DC, and Utah releases. This flaw allows unauthenticated remote code execution. The risk is as high as a programmer’s caffeine bill, with potential for complete system compromise, data exfiltration, and service disruption. Update now before it’s too late!

2 months ago

Ghost CMS Vulnerability: The File Read Fiasco You Need to Know About!

Ghost CMS < 5.59.1 has a vulnerability allowing authenticated users to upload symlink files for arbitrary file reads. This means authenticated Ghost CMS users can explore server files they shouldn't, like digital archaeologists, all thanks to this vulnerability. Who knew CMS could stand for "Content Mischief System"?

2 months ago
The Nimble Nerd