From The source
Google’s Malware Mix-Up: How to Bypass Firebase Suspensions with a Smile
Security Explorations faced a Google Firebase hosting suspension, accused of “malware distribution.” The irony? It’s decade-old code Google once approved. The solution? A simple project reinitiation—a handy bypass! It seems Google’s suspension tactics need a little debugging themselves. Meanwhile, the world missed out on crucial eSIM security insights.
The Rise of Cyber Misfits: Scattered LAPSUS$ Hunters and the Evolving Extortion Economy
In “The Golden Scale: Bling Libra and the Evolving Extortion Economy,” Scattered LAPSUS$ Hunters are on a roll—or, a scroll—of data theft extortion via Telegram. With a new extortion-as-a-service program, these cybercriminals are redefining “customer service” in the digital age. Time for companies to buckle up and brace for some unexpected “customer” feedback!
Xavier Mertens Keeps the Internet Calm: Threat Level Green and Jokes Galore!
Step into the world of application security and learn to protect web apps, APIs, and microservices like a digital superhero. Join us in Dallas from December 1st to 6th, 2025, for a class that’s more exciting than a hacker’s worst nightmare. Secure your spot now—your future self will thank you!
CISA’s New Vulnerabilities List: Cybersecurity’s Whack-a-Mole Game Continues!
CISA’s Known Exploited Vulnerabilities Catalog just got five new entries, like a bad sequel nobody asked for. These vulnerabilities are the cyber equivalent of leaving your front door wide open, inviting malicious actors in for coffee and data theft. Time to lock up before the hackers RSVP!
AWS Outage: When Your Cloud Has a Rainy Day
Many online services and websites are experiencing chaos due to an AWS outage. It’s like a digital “snow day” where everyone’s stuck without the internet, questioning their life choices. Meanwhile, Xavier Mertens, the handler on duty, reports a threat level of green.
Beware the Sneaky Script: Python Malware’s Syscall Shenanigans!
This weekend’s malware discovery features a “simple” Python script dropper with a twist: direct use of a syscall obfuscation technique! It’s like finding a magician who skips the wand and goes straight for the rabbit. This proof-of-concept targets Linux systems with a Base64 payload that encrypts files using a 1-byte XOR key.
Phoenix Contact’s Quint4 UPS: The Vulnerability Circus Unleashed
Discover the hilariously named “Phoenix Contact QUINT4 UPS” vulnerabilities. Yes, even uninterruptible power supplies need a little humor in their security updates!
Google’s Redirect Roulette: How a Tiny Parameter Became a Phisher’s Playground
A CWE-601 Open Redirect vulnerability on apis.google.com has been exploited in phishing attacks since September 2025. Attackers are redirecting unsuspecting users to malicious sites using the “__lu” parameter. Google, consider this a gentle nudge—or a not-so-gentle shove—to fix your open redirects!
Mercku Router Meltdown: Urgent Security Flaws Exposed in M6A Model
Mercku routers, specifically the M6a model, have critical vulnerabilities allowing remote code execution with minimal effort. From hidden Telnet backdoors to eternal sessions, these issues make routers as secure as a screen door on a submarine. Immediate action is needed to prevent home networks from becoming digital Swiss cheese.
TikTok Trickery: The Social Engineering Scam Hijacking Your Photoshop Dreams!
TikTok videos promising free Photoshop are more viral than your cat’s last dance clip. But beware: these videos are actually promoting a social engineering attack. They lure victims to execute malicious PowerShell code, leading to malware downloads. Remember, if it sounds too good to be true, it’s probably malware. Stay safe!
Hack Attack! F5’s BIG-IP Source Code and Secrets Stolen by Nation-State Hacker
F5 disclosed a long-term cyber compromise by a nation-state actor, targeting its BIG-IP suite. Attackers stole sensitive source code and vulnerability details, potentially paving the way for swift exploitation. With over 600,000 instances exposed online, it’s a cyber thriller where BIG-IP plays a starring role in a high-stakes digital heist.
Hitachi Energy’s MACH GWS: The Vulnerability Parade You Didn’t Ask For!
Hitachi Energy’s MACH GWS is facing vulnerabilities of epic proportions, including incorrect default permissions and improper certificate validation. A cyber villain could remotely wreak havoc by tampering with system files or launching man-in-the-middle attacks. But fear not! Hitachi Energy suggests upgrading to Version 3.5 and practicing robust cybersecurity.
Siemens Security Slip: Remote Code Exploits Loom with No Quick Fix in Sight!
CISA will stop updating ICS security advisories for Siemens products beyond the initial advisory. For the latest on Siemens product vulnerabilities, consult Siemens’ ProductCERT Security Advisories. Remember, a secure network is like a good joke—if everyone gets it, it’s not secure. Stay updated and keep your devices safe!
Siemens Security Flaw: Unauthenticated Hackers & The Missing Password Mystery!
As of January 10, 2023, CISA will stop updating ICS security advisories for Siemens product vulnerabilities. For the freshest scoop on vulnerabilities, head over to Siemens’ ProductCERT Security Advisories. Stay secure, stay updated, and don’t let your guard down—because nothing says “I love surprises” like a remote attacker!
SQL Injection Alert: Siemens SINEC NMS Vulnerability – Patch Now or Face the Data Music!
CISA is done updating ICS security advisories for Siemens product vulnerabilities—think of it as an early retirement plan for advisories. For updates, check Siemens’ ProductCERT Security Advisories. Siemens’ SINEC NMS had a vulnerability that could allow a low-privileged attacker to escalate privileges through SQL injection. Time to update to V4.0 SP1!
Siemens Security Slip: Critical Vulnerability Leaves Devices Open to Remote Attackers
CISA will stop updating Siemens product vulnerabilities, leaving you to navigate the digital jungle alone. The Siemens ProductCERT Security Advisories are your new map. Keep your SIMATIC ET 200SP safe by updating it frequently, and remember, only trust IP addresses that don’t look suspiciously like your neighbor’s cat.
Siemens Security Snafu: SiPass Vulnerabilities Demand Urgent Update!
Siemens’ SiPass integrated system needs a security makeover. With vulnerabilities like improper memory buffer restrictions and cross-site scripting, an unauthorized attacker might feel like a kid in a candy store. Siemens advises updating to version 3.0 or later—because who wants to be stuck in a time loop of security risks?
Siemens Solid Edge Security Alert: Out-of-Bounds Vulnerabilities Could Crash Your System!
Siemens Solid Edge vulnerabilities are giving hackers a chance to crash the party—and your application! These out-of-bounds write and read issues could let attackers crash your app or execute arbitrary code. Siemens advises updating your software and avoiding dodgy PRT files. Remember, when in doubt, throw it out!
Rockwell Automation’s ArmorStart AOP: A Vulnerability So Unfixable, It’s Comedy Gold!
Warning! Rockwell Automation’s ArmorStart AOP is vulnerable to an uncaught exception, potentially causing a denial-of-service. With a CVSS v4 score of 8.7, it’s like giving hackers a fast pass to mischief land. No fix yet, so channel your inner cybersecurity ninja and follow best practices to keep the gremlins at bay.
FactoryTalk ViewPoint Security Flaw: Remote Exploits and Denial-of-Service Drama!
Behold the “FactoryTalk ViewPoint” vulnerability, where XML external entity injection could lead to a denial-of-service. Unauthenticated attackers are having a field day! Rockwell Automation suggests upgrading, while CISA recommends network security measures. Who knew XML could wreak such havoc? View CSAF for all the riveting details.
