Cisco Talos’ Vulnerability Discovery & Research team has disclosed a total of twelve security vulnerabilities affecting three distinct software products.
Seven vulnerabilities impact WWBN AVideo, four reside within the MedDream PACS Premium system, and one exists in the Eclipse ThreadX FileX module.
All issues...
A new technique that allows attackers to bypass Windows User Account Control (UAC) protections using the system's built-in Private Character Editor, demonstrating how legitimate system utilities can be exploited to gain elevated privileges without user consent.
The attack leverages eudcedit.exe, Windows' Private Character Editor located...
The Cybersecurity and Infrastructure Security Agency (CISA) on August 7, 2025, published ten new Industrial Control Systems (ICS) advisories to alert organizations to critical vulnerabilities and potential exploits affecting control-system components.
These advisories address a broad spectrum of products—from programmable logic controllers to remote...
The U.S. Homeland Security Investigations (HSI),coordination with international law enforcement agencies, has successfully dismantled the critical infrastructure of BlackSuit ransomware, marking a significant victory against one of the world's most dangerous cybercriminal operations.
The coordinated takedown, dubbed Operation Checkmate, has seized servers, domains, and...
A technique dubbed "ECScape" that allows malicious containers running on Amazon Elastic Container Service (ECS) to steal AWS credentials from other tasks sharing the same EC2 instance.
The attack exploits an undocumented internal protocol between the ECS agent and AWS control plane, enabling privilege...
A revolutionary exploit discovered through custom firmware for the Flipper Zero device has exposed a critical vulnerability in the rolling code security systems protecting millions of modern vehicles worldwide.
This breakthrough attack method fundamentally undermines the cryptographic protections that automotive manufacturers have relied upon...