From The source
Shelly’s Shellshock: Pro 4PM Vulnerability Sparks Denial-of-Service Drama!
An unpatched Shelly Pro 4PM could have you seeing red with a denial-of-service condition! Due to unchecked input bounds, your smart switch might just outsmart itself by rebooting. While Shelly’s ghosting CISA, users should update past version 1.6 to avoid the technical equivalent of a toddler’s tantrum. View CSAF for more details.
Schneider Electric Security Snafu: Broken Cryptography Puts SCADA Systems at Risk!
Schneider Electric’s EcoStruxure Machine SCADA Expert and Pro-face BLUE Open Studio are caught in a tango with a broken cryptographic algorithm. With a CVSS v4 score of 8.3, this vulnerability could turn confidentiality into an open secret. Patch up with 2023.1 Patch 1 or risk a cybersecurity punchline you won’t find funny!
Beware: Fake CAPTCHA Scams Hijacking Clipboards with Malicious Commands!
KongTuke, also known as LandUpdate808, uses fake CAPTCHA pages to trick users with a ClickFix-style lure. This crafty tactic hijacks the clipboard, leading victims into running a malicious PowerShell script. Remember, folks, not all CAPTCHAs are created equal—some just want you to solve the riddle of infection!
Cyber Heist Chronicles: From RDP to Ransomware in 9 Days!
The Time to Ransomware (TTR) for this intrusion was about 178 hours, spanning nine days. That’s faster than most people finish reading a novel! It all started with an RDP login using compromised credentials, leading to a whirlwind of lateral movement, credential juggling, and a ransomware finale.
When Tech Tools Have a Sense of Humor: Why Binary Expressions Aren’t Just for Mathletes!
When Xavier tried decoding a string using numbers-to-hex.py, he ended up with a smiley face instead of POWERSHELL. Classic! Turns out, binary numeric expressions like 79+1 threw a wrench in the works. After a quick update, Didier Stevens’ tool can now handle these pesky expressions, saving smiles for emojis.
Beware the Finger: Ancient Command Sparks Modern Cyber Mischief
In the world of cyber antics, finger.exe is the retired athlete making a comeback in ClickFix attacks. This vintage UNIX command, now a Windows classic, fetches malicious scripts like a dog retrieves a frisbee. Remember, if your corporate network is a fortress of proxies, finger.exe will have a tough time getting through.
SANS Holiday Hack Challenge 2025: Unwrap the Fun and Test Your Cyber Skills!
Get ready for a sleigh ride through cyberland! The SANS Holiday Hack Challenge 2025 is here, promising festive fun and brain-boggling puzzles. It’s like eggnog for your neurons, minus the calories. Dive in and unwrap the challenges before Santa does!
Beware: CVE-2025-64446 Exploit Attempts Creating Admins Faster Than You Can Say ‘Oops!’
Our honeypots are buzzing with exploit attempts for CVE-2025-64446, creating new admin users faster than you can say “cybersecurity breach.” It’s like hackers are hosting their own admin party, and everyone’s invited—except you!
Malware Mayhem: Gh0st RAT’s Chinese Whispers and the Rise of Digital Doppelgangers
The rise of impersonation at scale is a persistent threat to Chinese-speaking users. Hackers, capitalizing on popular software, have taken brand impersonation to an art form with campaigns that evolved from simple droppers to complex multi-stage infection chains. So, if your “Youdao” download suddenly speaks Parseltongue, you might want to double-check its origins.
Fortinet FortiWeb Users: Watch Out for CVE-2025-64446 Vulnerability – Upgrade Now!
CISA has raised the alarm on the CVE-2025-64446 vulnerability in Fortinet FortiWeb, a relative path traversal bug. This digital gremlin could let uninvited guests run administrative commands. Fortinet suggests upgrading faster than your morning coffee brews. Remember, folks, prevention is the best firewall against chaos!
Uh-Oh, Fortinet! CISA Flags New Vulnerability in KEV Catalog
CISA has added CVE-2025-64446 to its Known Exploited Vulnerabilities Catalog. This Fortinet FortiWeb Path Traversal Vulnerability is a cybercriminal’s dream come true, posing a significant risk to federal enterprises. Remember, in cybersecurity, ignoring alerts is like leaving your front door open while shouting, “Free cookies inside!”
Thunderbird 145: Zapping Bugs Faster Than Your Inbox Fills Up!
The Mozilla Foundation has squashed some pesky bugs in Thunderbird 145. While email scripting is safely out of bounds, these vulnerabilities might have been a browser’s worst nightmare. Rest easy, though, because Thunderbird’s got your back.
Unpacking the Malware Matryoshka: RTF Exploits Hidden in Office Docs!
Ever seen a Microsoft Office document that acts like Russian dolls? Thanks to crafty hackers, malicious RTF files are now hiding inside OOXML documents. It’s like malware inception, but with more coding and fewer dreamscapes. The Equation Editor exploit is alive and kicking, proving that some exploits just refuse to retire gracefully.
Glass Cage or Glass House? The Drama Behind iMessage Zero-Click Exploit Claims
Full Disclosure mailing list gets a dose of drama as users debate the authenticity of the “Glass Cage” zero-click iMessage exploit. While some claim it’s AI-generated fluff, others are left scratching their heads. Is it a true tech threat or just another case of cyber smoke and mirrors? Stay tuned!
Apple Compressor 4.11.1 Update: Keeping Hackers at Bay with a Dash of Security!
Apple’s Compressor 4.11.1 update is here to save the day like a digital superhero, addressing a security flaw that could let unauthorized users run wild with arbitrary code. Remember, even your software needs a little TLC now and then! Get the update on the App Store and keep your network safe and sound.
Printer Panic: 83 Vasion Vulnerabilities Exposed! 🚨
PrinterLogic’s vulnerabilities are multiplying faster than rabbits! With 83 issues, it’s almost like their printers have decided to redefine “print overload.” Dive into the chaos as Pierre Kim uncovers the latest CVEs, proving that sometimes the scariest jams aren’t paper-related.
Web Security Class: Decoding the Code in Dallas!
When the Internet Storm Center says the threat level is green, it’s basically telling you to keep calm and carry on scrolling. But don’t get too comfy—Xavier Mertens is on duty, ensuring your next online adventure isn’t a stormy mess.
Siemens Software Security Snafu: DLL Hijacking Vulnerability Strikes Again!
CISA has announced it will stop updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most current information, users should consult Siemens’ ProductCERT Security Advisories. Keep an eye out for those sneaky DLL hijackers trying to crash the Siemens party!
Siemens Security Advisory: When Error Messages Spill the Beans!
CISA has stopped updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the latest scoop on these digital hiccups, your best bet is Siemens’ ProductCERT Security Advisories. Because hey, who doesn’t love a little scavenger hunt for cybersecurity updates?
Siemens Security Slip: High-Risk Vulnerabilities in COMOS – Patch Now or Prepare for Chaos!
CISA has decided to retire from updating Siemens product vulnerabilities, passing the torch to Siemens’ ProductCERT Security Advisories. For now, Siemens COMOS users should brace themselves—vulnerabilities could allow attackers to execute arbitrary code or perform data infiltration. Remember, when in doubt, update to version 10.4.5.
