Meet HEUR.Backdoor.Win32.Poison.gen, a malware that mistakenly thinks it’s a part-time magician. It tries to conjure chaos by executing a 32-bit WININET.dll file. But fear not! With RansomLordNG v1.0, you can hijack the DLL and turn the tables, proving that even malware has its Achilles’ heel.

CISA has added CVE-2023-52163, a Digiever DS-2105 Pro missing authorization vulnerability, to its Known Exploited Vulnerabilities Catalog. This vulnerability is a hacker’s delight and poses a serious threat to federal agencies. Looks like cybersecurity is having a ‘missing authorization’ party, and everyone’s invited—except the cybersecurity team!

CISA and NIST’s draft report offers guidance to combat identity token and assertion misuse. With recent cloud service breaches spotlighting token theft, the report advises federal agencies and cloud providers on IAM system controls, urging Secure by Design principles. Public comments are open until January 30, 2026.

CISA’s KEV Catalog just got spicier with the addition of CVE-2025-14733. This WatchGuard Firebox vulnerability is like a welcome mat for cyber mischief-makers, posing serious risks to the federal enterprise. Remember, BOD 22-01 isn’t just a name; it’s your digital superhero, urging FCEB agencies to plug those pesky security leaks pronto.

The update on the BRICKSTORM Backdoor reveals new Rust-based samples, showcasing advanced persistence and evasion skills. With encrypted WebSocket connections and new YARA rules for detection, organizations are urged to stay vigilant and report any BRICKSTORM-related cyber shenanigans. Remember, in the world of cybersecurity, it’s always best to keep your enemies close and your firewalls…

Xavier’s diary entry on abusing DLLs EntryPoint led to some delightful tinkering with TLS Callbacks in DLLs. These sneaky little functions can run before the program even says “Hello, world!” So, when testing, don’t just eye the DllMain and exported functions—keep an eye on those mischievous TLS callbacks too!

Join the Internet Storm Center, where the threat level is green, the jokes are top-notch, and the Application Security class is your ticket to mastering web app security. Sign up, tune in, and discover why our handlers are always on duty but never too busy for a good laugh!

Axis Communications Camera Station Pro and Device Manager may have a few bugs—like accidentally opening the door for hackers to throw a surprise party in your system. From man-in-the-middle mischief to authentication bypass ballet, these vulnerabilities are the life of your network’s potential chaos. Update now or risk an uninvited cyber conga line!

View CSAF: The Micro820, Micro850, and Micro870 are feeling the heat with vulnerabilities threatening a denial-of-service condition. Rockwell Automation is on the case, urging users to hide their networks behind a firewall fortress and keep their VPNs up to date. Remember, in cybersecurity, it’s firewall first, party later!

Hold onto your hard hats! Advantech WebAccess/SCADA vulnerabilities could let attackers tinker with remote databases, but only if they’re invited to the party. Best to keep your systems under lock and firewall, and maybe give your VPN a facelift. Remember, cybersecurity is like deodorant—when you don’t use it, it becomes noticeable! View CSAF.

View CSAF: Siemens has discovered a vulnerability in the Interniche IP-Stack affecting multiple industrial products. This flaw can allow unauthenticated remote attackers to disrupt TCP-based services, but only if they’re timing ninjas capable of packet injection. Siemens recommends updating to the latest versions or employing countermeasures while they prepare further fixes.

View CSAF: The GENESIS64 vulnerability, CVE-2025-11774, could lead to some serious chaos like denial-of-service and information tampering. Mitsubishi Electric’s digital solutions are in the spotlight, but don’t panic! Just remember to keep your systems off the internet and behind firewalls, or risk a digital ‘Oops!’ moment.

View CSAF, because who doesn’t love a little excitement in their day? Critical vulnerabilities in National Instruments LabVIEW could let attackers disclose information and execute arbitrary code. No remote exploitation yet, but don’t worry, your firewall’s got this!

Schneider Electric is aware of a vulnerability in the Microsoft Windows Server Update Services (WSUS) used in EcoStruxure Foxboro DCS Advisor services. If left unpatched, this could result in unsanctioned system-level privileges. So, if you don’t want unauthorized folks channeling their inner hacker, it’s time to apply those patches!

View CSAF: CVE-2025-13911 is the cybersecurity equivalent of leaving your front door wide open. This Windows Ignition Gateway flaw could give an attacker SYSTEM-level access, turning your system into their personal playground. CISA recommends isolating systems from the internet, using VPNs, and not clicking on suspicious emails—because who doesn’t love a good phishing trip?

Cyber security isn’t all doom and gloom. Industrial control systems accessible online have decreased by 10% this year, and fewer servers are supporting outdated SSL protocols. Sure, Kazakhstan might hold onto its SSLv2 servers like they’re national treasures, but hey, progress is progress! Here’s to celebrating small victories in the cyber world!

The Phoenix Contact FL Switch series is experiencing a vulnerability party, and everyone’s invited! From weak passwords to cross-site scripting, these switches have more holes than Swiss cheese. Hackers with a penchant for mischief have ample opportunities, so update your firmware before your network turns into a comedy of errors.

Discover the latest in cybersecurity blunders with Control Web Panel’s OS command injection vulnerability. It’s like leaving your front door open, but for hackers. Stay updated and amused with Egidio Romano’s findings and brace yourself for the tech world’s most entertaining vulnerabilities.

Raydium CP Swap’s “unchecked account” flaw lets hackers hijack creator fees like an unexpected holiday bonus—just without the festive spirit. ImmuneFi called it “out of scope,” so now it’s out in the open. Remember, folks, sharing is caring, unless it’s your fees being shared!

Calling all tech wizards and cybersecurity gurus to the Security BSidesLjubljana 0x7EA event on March 13, 2026! Submit your talk or workshop proposal and share your brilliance in Ljubljana. Whether you’re into hacking the Internet of Sh*t or cryptography, there’s room for your insights. Don’t miss your chance—proposals are due by January 25!