CTEK Chargeportal
View CSAF Summary Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable chargin...
Transportation
20 articles
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November 2025, accord...
2025 Year in Review: Malicious, Infrastructure
Explore Insikt Group’s 2025 Malicious Infrastructure Report. Gain insights into Cobalt Strike, Vidar infostealers, and AI-driven threats to secure your 2026 ...
The Attack Cycle is Accelerating: Announcing the Rapid7 2026 Global Threat Landscape Report
The predictive window has collapsed. In 2025, high-impact vulnerabilities weren’t quietly accumulating risk.
CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root
The Qualys Threat Research Unit has identified a Local Privilege Escalation (LPE) vulnerability affecting default installations of Ubuntu Desktop version 24....
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environment...
AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according to the AI and Adversar...
Help on the line: How a Microsoft Teams support call led to compromise
A DART investigation into a Microsoft Teams voice phishing attack shows how deception and trusted tools can enable identity-led intrusions and how to stop th...
Rapid7 Guidance on Observed Microsoft Teams Phishing Campaigns
The Rapid7 MDR team is currently monitoring an increase in phishing campaigns where threat actors (TAs) impersonate internal IT departments via Microsoft Tea...
The AI Doomsday Clock: When AI Becomes a Business Dependency, Not a Tool
Most conversations about AI in business start with the wrong question of “Can AI do the job?” It is entirely the wrong place to start.
ZDI-26-207: (Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...
2025 Identity Threat Landscape Report: Inside the Infostealer Economy: Credential Threats in 2025
Recorded Future's 2025 Identity Threat Landscape Report analyzes hundreds of millions of compromised credentials to reveal how infostealer malware is evolvin...
Deploy AWS applications and access AWS accounts across multiple Regions with IAM Identity Center
If your organization relies on AWS IAM Identity Center for workforce access, you can now extend that access across multiple AWS Regions with multi-Region rep...
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 2, 2026 to March 8, 2026)
Last week, there were 201 vulnerabilities disclosed in 84 WordPress Plugins and 107 WordPress Themes that have been added to the Wordfence Intelligence Vulne...
Siemens SIMATIC
View CSAF Summary SIMATIC S7-1500 devices contain a vulnerability that could allow an attacker to inject code by tricking a legitimate user into importing a ...
Rapid7 Detection Coverage for Iran-Linked Cyber Activity
The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis.
Iran’s Cyber Playbook in the Escalating Regional Conflict
Following our recent published advisories, this publication is intended to outline a summary of the cyber activities associated with the tension. Based on th...
France: National Cybersecurity Agency Reports Ransomware Attack Drop in 2025
French small and medium businesses remained the organizations most targeted by ransomware in 2025
AWS European Sovereign Cloud achieves first compliance milestone: SOC 2 and C5 reports plus seven ISO certifications
In January 2026, we announced the general availability of the AWS European Sovereign Cloud, a new, independent cloud for Europe entirely located within the E...
Security is a team sport: AWS at RSAC 2026 Conference
The RSAC 2026 Conference brings together thousands of professionals, practitioners, vendors, and associations to discuss issues covering the entire spectrum ...