UAT-8837 targets critical infrastructure sectors in North America
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor based on...
6-day and IP Address Certificates are Generally Available
Short-lived and IP address certificates are now generally available from Let’s Encrypt. These certificates are valid for 160 hours, just over six days. In...
Stealthy CastleLoader Malware Attacking US Government Agencies and Critical Infrastructure
A sophisticated malware loader known as CastleLoader has emerged as a critical threat to US government agencies and critical infrastructure organizations. First identified in...
This WhatsApp Link Can Hand Over Your Account in Seconds
A sophisticated phishing campaign impersonating WhatsApp Web uses fake meeting links and QR codes to hijack accounts and enable real-time surveillance.
The post This WhatsApp...
Output from vibe coding tools prone to critical security flaws, study finds
Popular vibe coding platforms consistently generate insecure code in response to common programming prompts, including creating vulnerabilities rated as ‘critical,’...
Criminal Subscription Service Behind AI-Powered Cyber-Attacks Taken Out By Microsoft
RedVDS cyber-crime-as-a-service platform powering phishing, BEC attacks and other fraud has cost victims millions - Read more
Texas judge throws out second lawsuit over CrowdStrike outage
A US judge has dismissed a lawsuit filed by CrowdStrike shareholders over the July 2024 outage that caused widespread disruption around the world. ...
Sicarii Ransomware: Truth vs Myth
Key findings
Sicarii is a newly observed RaaS operation that surfaced in late 2025 and has only published 1 claimed victim. The group explicitly brands itself...
Reducing Cloud Chaos: Rapid7 Partners with ARMO to Deliver Cloud Runtime Security
Rapid7 has partnered with ARMO, a leader in cloud infrastructure and application security based on runtime data, to offer Cloud Runtime Security. The new...
Siemens TeleControl Server Basic
View CSAF
Summary
TeleControl Server Basic before V3.1.2.4 contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges....
Latest article
AWS completes the second GDV community audit with participant insurers in Germany
We’re excited to announce that Amazon Web Services (AWS) has completed its second GDV (German Insurance Association) community audit with 36 members...
Iranian Cyber Ops Maintain US Network Footholds, Target Cameras for Regional Surveillance
Iran’s cyber operations took a sharp turn in early 2026, with state-linked threat actors quietly embedding themselves inside US and Canadian networks while also...
Digital IDs edge closer to practical reality for UK businesses
Industries and policymakers are strongly aligned on the need for digital company IDs for UK businesses, as progress is made towards the implementation of...
Siemens SICAM SIAPP SDK
View CSAF
Summary
The SICAM SIAPP SDK contains multiple vulnerabilities that could allow an attacker to disrupt the customer-developed SIAPP or its simulation environment. Potential impacts...
