From The source
New Cyber Gremlins Alert: CISA Adds More Bugs to Exploited Vulnerabilities List!
CISA has updated its Known Exploited Vulnerabilities Catalog with two new threats, the Wazuh Server Deserialization and WebDAV vulnerabilities. These vulnerabilities are like candy for cyber villains, posing serious risks to the federal enterprise. Federal agencies must patch these vulnerabilities pronto to keep the bad guys at bay!
DICOM Viewer Alert: Out-of-Bounds Write Vulnerability Sparks Code Execution Fears!
In a plot twist worthy of a medical drama, DICOM Viewer is caught in the act of out-of-bounds writing! This vulnerability could let cyber villains execute arbitrary code. MicroDicom prescribes an upgrade to version 2025.3 or later—because nobody wants their software writing its own script!
Hitachi Energy Vulnerability: Decrypting Risks and Mitigation Madness!
Hitachi Energy’s Relion and SAM600-IO series have a vulnerability that could let attackers decrypt data in transit. It’s like letting hackers eavesdrop on your data’s juicy secrets! The company suggests updates and some solid cyber hygiene, like not letting your firewall take a vacation.
SinoTrack Snafu: GPS Devices Vulnerable to Remote Hijinks!
SinoTrack devices are having a GPS (Great Password Shortage). With a default password that everyone knows, your device is as secure as a screen door on a submarine! Attackers could track your car or cut the fuel pump. Time to change that password from “password123” to “notmypassword123”!
CISA’s June Jitters: New ICS Security Alerts Unveiled!
CISA dropped four new ICS advisories, revealing the latest security vulnerabilities and exploits. The agency urges techies to dive into these updates like they’re the latest episode of a binge-worthy series.
Demo Danger: Medical Office Software’s Privilege Escalation & Default Credentials Exposed!
In a twist that’s more predictable than a soap opera plot, the demo version of INDAMED Medical Office software is vulnerable to local privilege escalation and default credentials. Who knew managing a medical practice could come with a side of cybersecurity drama?
Apple’s Silent iMessage Exploit Fix: The Crypto Heist You Never Heard About
The Full Disclosure mailing list reveals a zero-click iMessage exploit chain, CVE-2025-31200 and CVE-2025-31201, affecting iOS 18.2 to 18.4. It allowed Secure Enclave key theft, wormable RCE, and crypto theft. Despite Apple’s quiet patch, this disclosure aims for transparency, resisting suppression while ensuring user awareness.
Internet Safety: When Threat Levels Are Greener Than Your Lawn
Join the Internet Storm Center as we delve into the digital wilds! With threat levels at a soothing green, it’s the perfect time to brush up on Application Security: Securing Web Apps, APIs, and Microservices. Sign up for our Washington class from July 14th to 19th, 2025, and keep your code squeaky clean.
Cybersecurity Alert: New Vulnerabilities Knock on Federal Doors!
CISA’s Known Exploited Vulnerabilities Catalog just got two new members: an Erlang/OTP SSH server vulnerability and a RoundCube Webmail cross-site scripting flaw. These vulnerabilities are like the sneaky ninjas of the cyber world, poised to strike federal networks unless dealt with swiftly.
OctoSQL to the Rescue: Tackling Qualcomm Vulnerabilities with Style and Speed!
Join the TLDR InfoSec mailing list and dive into the world of OctoSQL! Discover how this speedy CLI tool turns nerdy data aggregation into a breeze, even if patience isn’t your virtue. From Qualcomm vulnerabilities to EPSS scores, it’s a data lover’s paradise with OctoSQL at the helm.
AWS IAM Roles Anywhere: The Good, The Bad, and The Secure!
AWS Identity and Access Management (IAM) Roles Anywhere service lets non-human identities authenticate with digital certificates, ditching those pesky access keys. But beware! Default settings can be surprisingly permissive, leaving your cloud wide open for unwanted guests. So, before your data throws a house party, set up those access controls properly!
TightVNC 2.8.83: When Pipes Go Rogue – A Hacker’s Delight!
TightVNC 2.8.83 is under the spotlight for its Control Pipe Manipulation exploit. Disarmingly charming with its potential to wreak havoc, this exploit can play the role of a mischief-maker, letting you control commands and decrypt passwords. Remember, just because you can, doesn’t mean you should!
ProSSHD 1.2 DoS Attack: When Your Server Needs a Break!
ProSSHD 1.2 20090726 may suffer from a Denial of Service (DoS) flaw, highlighted by its vulnerability to a payload of 500 “A” characters. Tested on Windows XP, it’s a hacker’s delight and an IT admin’s nightmare. Keep your ProSSHD patched, or you might be in for a world of digital hurt.
Windows 11 Security Woes: CVE-2025-24076 Exploit Alert! 🚨
In a plot twist worthy of a spy thriller, the Windows 11 vulnerability CVE-2025-24076 allows low-privileged users to ascend to SYSTEM-level status. All it takes is a cleverly swapped DLL and a curious click on “Mobile devices” settings. Microsoft might be thinking, “Who needs hackers when you have user interaction?”
Laravel Pulse 1.3.1: Code Injection Chaos Strikes Again! 🚨
Laravel Pulse versions below 1.3.1 suffer from a hilarious vulnerability: they allow anyone with a knack for mischief to inject arbitrary code via the `remember()` method. This could lead to remote code execution or data exfiltration. So, patch up before your server ends up doing stand-up comedy routines without your permission!
Internet Armageddon or Just Another Monday? Unveiling the Green Threat Level!
Join Russ McRee, the handler on duty at the Internet Storm Center, as he keeps the threat level at a serene green. Get ready for his next class on Application Security in Washington this July, where you’ll learn to secure web apps, APIs, and microservices. Think of it as a summer camp, but for your…
Trojanized PNGs: When Images Pack a Surprise Payload!
Xavier’s diary entry on a sneaky PNG image got me thinking, so I gave my pngdump.py a makeover. Now it can unearth hidden treasures—or, in this case, a suspicious payload. This PNG file has 11 items, with one being a surprise guest: mysterious data appearing after the IEND chunk!
Blitz Malware: Game Cheats, Cryptocurrency Chaos, and a “Clean” Exit?
Blitz malware takes center stage in a digital drama, with its downloader and bot acting as the sneaky protagonists. This Windows-based malware, distributed through backdoored game cheats, even has a sidekick—a cryptocurrency miner. Hugging Face Spaces unwittingly plays host to Blitz’s antics, proving that even AI platforms aren’t safe from malware’s comedic villainy.
Secure Your Apps or Face the Wrath: A Comedy of Code Errors!
Join us at the Internet Storm Center for an insightful journey through cyberspace! With our upcoming class on securing web applications, APIs, and microservices, you’ll learn to outsmart hackers before they can say “SQL injection.” Sign up today and transform your cybersecurity skills from zero to hero with our expert guidance!
DShield Honeypot Update: New Tweaks, Same Old Chaos!
DShield honeypot changes are here, but don’t panic! Most users won’t need to lift a finger, except maybe to update a script or two. The new web honeypot now collects POST data, opening a treasure trove of data opportunities. Just remember, with great data comes great responsibility… to manage those log files!
