Critical vulnerabilities that have recently been identified in the WPA2 protocol enable threat actors to carry out Man-in-the-Middle (MitM) attacks and force devices connected to the network to...

Modern industrial control systems (ICS) are cyber-physical systems that include IT infrastructure and operational technologies or OT infrastructure. Attacks on OT pose the greatest danger and are...

In the past years, the problem of vulnerabilities in industrial automation systems has been becoming increasingly important. The fact that industrial control systems have been developing in...

Vulnerability in kernel drivers of Beckhoff TwinCAT 2 and 3.1 PLC software solutions for PLCs could allow local attackers to escalate privileges on target systems

A vulnerability in Cisco Smart Install Client was exploited in an attack on Cisco IOS switches to modify configuration files on the devices and cause a denial-of-service condition

Schneider Electric has closed multiple vulnerabilities in U.motion Builder – a total of 16 vulnerabilities with different severity levels (CVSS v.3 base score of 4.3 to 10)

Critical vulnerabilities have been identified in SCADA/HMI solutions InduSoft Web Studio and InTouch Machine Edition, and in the Triconex Tricon model 3008 Safety Instrumented System

Kaspersky Lab ICS CERT and Fraunhofer IOSB are working together to address industrial cybersecurity and awareness challenges.

This report by Kaspersky Lab ICS CERT presents information on identified servers that have been infected and used by the group. The report also includes the findings of an analysis of several...

Dangerous vulnerabilities have been identified in Advantech WebAccess HMI Designer. Their exploitation could lead to remote code execution

This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that...

Multiple serious vulnerabilities have been closed in Advantech’s WebAccess SCADA/HMI solution. Their exploitation could lead to sensitive information disclosure, arbitrary code execution and file deletion.

Vulnerabilities in Martem TELEM-GW6/GWM data concentrators could enable remote attackers to gain control of the industrial process, cause denial of service and execute arbitrary code

Android security advisory – March 2026 monthly rollup (AV26-187)

Cisco Talos researchers have detected new malware, which has been dubbed VPNFilter. To date, the malware has infected at least 500,000 routers and network-attached storage (NAS) devices in 54...

Dangerous vulnerabilities have been identified in the Schneider Electric Floating License Manager platform.

A serious vulnerability has been identified in Rockwell Automation solutions for industrial networks RSLinx Classic and FactoryTalk Linx Gateway

Multiple remote code execution vulnerabilities have been corrected in Schneider Electric’s U.motion Builder. Fixes for the vulnerabilities have been included in version 1.3.4 of the solution

Siemens has closed serious vulnerabilities in its solutions. Affected devices include SCALANCE M875 industrial routers and SCALANCE X switches

In a cyberattack on organizations in the US and Southeast Asia, hackers have used legitimate tools to infect systems that monitor and control communications satellites

Remote attackers could cause a denial-of-service condition in Allen-Bradley CompactLogix and Compact GuardLogix controllers by exploiting a vulnerability in these devices

A buffer overflow vulnerability in Delta Industrial Automation COMMGR software could lead to remote code execution, cause the application to crash, or cause a denial-of-service condition in the...

Kaspersky Lab has published the results of The State of Industrial Cybersecurity study carried out in collaboration with PAC, a CXP Group Company, and based on a survey of 320 professionals...

In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) reported on phishing attacks that were primarily targeting industrial companies...

Allen-Bradley Stratix 5950 network security appliances are affected by multiple vulnerabilities. The flaws, which are due to security issues in the Cisco ASA operating system used in the devices,...

DoS vulnerabilities have been identified in Siemens SIPROTEC 5 relays and the EN100 communication module. These vulnerabilities can be exploited by a remote attacker without requiring any...

WAGO has fixed multiple vulnerabilities in e!DISPLAY 7300T series HMA devices. Exploitation of these vulnerabilities could enable attackers to execute arbitrary code or overwrite critical files

Dragos has published information on a newly-identified APT group, which it calls RASPITE. According to Dragos, the group's activity overlaps significantly with that of Leafminer, a group...

Weak hashing algorithm allows attacker get passwords in clear text.

Several companies, including Cisco, Rockwell Automation, Sierra Wireless, ABB and Siemens, have reported vulnerabilities in their industrial devices. The vendors are preparing updates to close...