Offensive Sequence

🔒 CVE-2025-8231: D-Link DIR-890L (≤111b04) hit by HIGH severity vuln—hard-coded creds in UART port. Exploitable with physical access; legacy devices, no patch. Replace & secure hardware! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #DLink #IoTSecurity

BeyondMachines :verified:

Indian Organ Retrieval Banking Organisation exposes organ donor information

The Organ Retrieval Banking Organisation (ORBO) website, managed by AIIMS New Delhi, exposed sensitive information of nationwide organ donors through a website vulnerability discovered in mid-May 2025, allowing unauthorized access to comprehensive personal data including medical profiles, identity documents, and contact details.

#cybersecurity #infosec #incident #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:

Multiple vulnerabilities reported in Tridium Niagara Framework

Researchers discovered 10 critical vulnerabilities (CVE-2025-3936 through CVE-2025-3945) in Tridium's widely-deployed Niagara Framework, an IoT middleware platform connecting HVAC, lighting, and security systems. The vulnerabilities can be chained together to enable complete system compromise, allowing adjacent attackers to intercept tokens, hijack administrator sessions, and execute arbitrary code with root privileges.

**If you use Tridium Niagara Framework systems (common in HVAC, lighting, and building automation), check to confirm that the system is isolated from the internet and accessible only from trusted networks. Then plan an update to the latest patched versions. Also check for proper encrypted communication between Tridium Niagara and all other components to prevent interception of sensitive data.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

PrivacyDigest

Do not DL the app, use the #website

Beyond the Hype: The Real Reasons Companies Want You on Their App

The answer, in short, is data. A lot of it. And access. A whole lot more of that too.

What can a website on your #browser really get from you? Unless you manually upload your contact info, or there's a serious #security #vulnerability, a website's access to your phone's deeper functions is quite limited.

Apps, on the other hand, are a different beast entirely.
#privacy

idiallo.com/blog/dont-download

BeyondMachines :verified:

Multiple flaws reported in Honeywell Experion PKS, at least one critical

Honeywell disclosed multiple vulnerabilities in its Experion Process Knowledge System (PKS) distributed control system, including a critical integer underflow flaw (CVE-2025-2523) that enables remote code execution, affecting industrial process management systems running releases prior to R520.2 TCU9 Hot Fix 1 or R530 TCU3 Hot Fix 1.

**If you have Honeywell Experion PKS industrial control systems, first make sure they are isolated from the internet and accessible from trusted networks. Then plan an update to R520.2 TCU9 Hot Fix 1 or R530 TCU3 Hot Fix 1 (depending on your version).**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:

Authentication bypass vulnerability reported in Network Thermostat Smart Building Systems

Network Thermostat disclosed a critical vulnerability (CVE-2025-6260) in its X-Series WiFi thermostats that allows unauthenticated attackers to gain complete administrative access to building climate control systems through missing authentication in the embedded web server.

**If you have Network Thermostat X-Series WiFi devices, make sure they are isolated from the internet. Then check if the device has already auto-updated to the latest versions (v4.6+, v9.46+, v10.29+, or v11.5+ depending on your current version). If they are not updated, contact support@networkthermostat.com for manual update instructions.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:

Multiple vulnerabilities reported in Weidmueller Industrial Routers

Weidmueller reports multiple vulnerabilities in its IE-SR-2TX series industrial security routers, including two critical-severity flaws (CVE-2025-41663 and CVE-2025-41687) that enable unauthenticated remote attackers to execute arbitrary commands with root privileges through OS command injection and buffer overflow attacks.

**If you have Weidmueller IE-SR-2TX industrial routers, make sure they are isolated from the internet and accessible from trusted networks only. Then plan an update to the latest firmware versions (V1.49 or V1.62 depending on your model).**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:

Mitel Networks reports critical authentication bypass flaw in MiVoice MX-ONE

Mitel Networks disclosed a critical authentication bypass vulnerability (MISA-2025-0009) in its MiVoice MX-ONE enterprise communications platform and a SQL injection flaw in MiCollab versions 9.8-10.0. Organizations should apply available patches and isolate affected systems from public internet access.

**If you have Mitel MiVoice MX-ONE or MiCollab systems, make sure they are isolated from the internet since attackers can bypass authentication and gain admin access without any credentials. Apply the available patches right away - for MX-ONE versions 7.8/7.8 SP1 use patches MXO-15711_78SP0/MXO-15711_78SP1, and upgrade MiCollab to version 10.1 or 9.8 SP3 FP1 or later.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

Alexandre Dulaunoy

I love the @github Security Advisory Database because they actually preserve the data from rejected advisories including the original information and the reason for rejection.

It’s clearly much more insightful than just having a bare ID marked as "rejected."

You can easily spot this in vulnerability-lookup: vulnerability.circl.lu/vuln/cv

Yet another great example of why having diverse sources for vulnerability data matters.

#cve #vulnerability #vulnerabilitymanagement #cybersecurity

BeyondMachines :verified:

SonicWall SMA100 vulnerability enables remote code execution

SonicWall reports a post-authentication arbitrary file upload vulnerability (CVE-2025-40599) affecting SMA100 series Secure Mobile Access appliances that enables remote code execution. SonicWall urges quick firmware upgrades due to ongoing attack campaigns targeting SMA devices.

**For any network and security device - as a first step (and always) disable remote management access from the internet. If you have SonicWall SMA100 series devices (SMA 210, 410, or 500v), plan a quick upgrade to firmware version 10.2.2.1-90sv or higher. Attackers are actively targeting these devices. As an additional precaution, reset all administrator passwords.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

Benjamin Carr, Ph.D. 👨🏻‍💻🧬

#AIslop and fake reports are exhausting #security #bugbounties
The world of #cybersecurity is not immune to this problem. In the last year, people across the cybersecurity industry have raised concerns about #AI #slop #bugbounty reports, meaning reports that claim to have found #vulnerabilities that do not actually exist, because they were created with a #largelanguagemodel (#LLM) that simply made up the #vulnerability, and then packaged it into a professional-looking writeup.
techcrunch.com/2025/07/24/ai-s

BeyondMachines :verified:

Critical Math.random() flaw in form-data JavaScript library enables request injection attacks

A critical vulnerability (CVE-2025-7783) in the widely-used form-data JavaScript library could enable remote code execution and data exfiltration by exploiting predictable boundary values generated using the insecure Math.random() function, affecting modern microservices with distributed tracing or webhook processing.

**If you're using the form-data JavaScript library in your applications, plan an update to the latest patched versions (2.5.4, 3.0.4, or 4.0.4). There's an exploitable scenario in file upload mechanisms.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

SECUSO Research

The paper “Do (Not) Tell Me About My Insecurities: Assessing the Status Quo of Coordinated #Vulnerability Disclosure in Germany Amid New EU #Cybersecurity Regulations” by Sebastian Neef, Cenk Schlunke, and Anne Hennig has been accepted for publication at the 2025 European Symposium on Usable #Security (#EuroUSEC2025). Within a longitudinal study, the #paper analyzed the adoption, challenges, and experiences of the 40 companies listed on Germany’s #DAX (the country’s primary stock market index) with CVD programs. The adoption rates show a significant increase from 50% (2023) to over 90% (2025), with ten new CVD programs and 25 new security.txt files now available. Answers in the survey that accompanied the study reveal that, for example, legal obligations (e.g., NIS2 and CRA) drive the adoption of CVD practices, but a lack of (human) resources and varying report quality are considered drawbacks. EuroUSEC 2025 will take place September 11 and 12, 2025 in Manchester, UK.
More about EuroUSEC: eurousec2025.cis.strath.ac.uk/

@gehaxelt

BeyondMachines :verified:

Sophos fixes Firewall vulnerabilities that enable unauthenticated remote code execution

Sophos patched multiple vulnerabilities in Sophos Firewall, including two critical severity flaws CVE-2025-6704 and CVE-2025-7624 that enable pre-authentication remote code execution. Specific configurations are required for the flaws to be exploited. Sophos estimates the configurations and flaws affect less than 5% of the install base.

**If you are using Sophos Firewall, check the advisory in detail for the specific configurations that are vulnerable. If you have such a config, patch ASAP. Otherwise, plan a regular patch cycle.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:

Mozilla releases updates for Firefox, 18 vulnerabilities patched, multiple critical

Mozilla released Firefox and Thunderbird security updates addressing multiple high-severity vulnerabilities with CVSS scores up to 9.8, including several memory safety bugs and JavaScript engine flaws that could enable arbitrary code execution and system compromise. The patches affect Firefox 141, multiple Firefox ESR versions (115.26, 128.13, 140.1), and corresponding Thunderbird releases.

**Time to update your Mozilla Firefox, Thunderbird and the Firefox based browsers (Waterfox, LibreWolf, Zen...). Yes, there is a difference between the CVSS score severity and Mozilla severity. But realistically, it's much faster to just update the browser than burn time on debating the severity and then finding out that hackers did find a way to exploit it - after they hacked you. So update the browsers, all tabs reopen automatically.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:

Google releases Chrome security update patching high-severity JavaScript engine flaws

Google released a Chrome security update patching multiple high-severity vulnerabilities, including two type confusion flaws in the V8 JavaScript engine (CVE-2025-8010 and CVE-2025-8011, both CVSS 8.8) that could allow remote attackers to execute arbitrary code through crafted HTML pages.

**This one is not urgent, but it's the smart thing to do. Update your Chrome and Chromium based browsers (Opera, Brave, Vivaldi, Edge...). These vulnerabilities will eventually be exploited so don't ignore patching. And it's super easy, all your tabs reopen.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

Rafagas Links

Interactive climate vulnerability map of Catalonia with 21 risks (forest fires, loss of comfort, water shortages, coastal erosion, etc.) classified as low, medium or high risk #vulnerability

diba.maps.arcgis.com/apps/dash

CVE Program

The Rust Project is now a CVE Numbering Authority (CNA) assigning CVE IDs for repositories, packages, & websites maintained by the Rust Project
cve.org/Media/News/item/news/2

#cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity #opensource