Hacktivists Hijinks: OpenPLC ScadaBR Vulnerability Sparks Cyber Chaos!

CISA has added a new flaw impacting OpenPLC ScadaBR to its Known Exploited Vulnerabilities catalog. The CVE-2021-26829 vulnerability allows hackers, like the pro-Russian group TwoNet, to exploit cross-site scripting flaws. It’s high time to patch up, folks, before your systems become more popular than a free lunch!

3P
Published: November 30, 2025 9:42 amAdded: November 30, 2025 at 2:11 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like TwoNet hackers are at it again, confusing honeypots for real targets and leaving behind more digital breadcrumbs than a messy eater with a loaf of bread. When will they learn that stealing from decoy water treatment facilities is like winning a fake lottery? No real prize but plenty of embarrassing headlines!

Key Points:

  • The CISA has updated its KEV catalog to include a flaw in OpenPLC ScadaBR, actively exploited by the pro-Russian group TwoNet.
  • TwoNet’s tactics include defacing systems and disabling logs, despite their focus on web applications instead of privilege escalation.
  • Federal agencies have a deadline of December 19, 2025, to patch up their defenses.
  • An OAST service has been linked to a long-running exploit operation targeting Brazil, leveraging Google Cloud infrastructure.
  • The attackers are using off-the-shelf tools like Nuclei for widespread internet exploitation.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?