OT Security Archives • Daily CyberSecurity

Critical-Severity XSS Flaws Uncovered in Siemens SIMATIC S7 Web Servers Siemens SIMATIC S7 Vulnerability Industrial PLC XSS CVE-2024-44102 - Siemens TeleControl Server Basic

Siemens SIMATIC S7 Vulnerability Industrial PLC XSS CVE-2024-44102 - Siemens TeleControl Server Basic

Critical-Severity XSS Flaws Uncovered in Siemens SIMATIC S7 Web Servers

Do Son May 13, 2026

Siemens ProductCERT issued an urgent security advisory regarding multiple Cross-Site Scripting (XSS) vulnerabilities found within the web...

The Global Surge in Modbus/TCP Probes Targeting Our Physical World Modbus Exploitation ICS Security

The Global Surge in Modbus/TCP Probes Targeting Our Physical World

Do Son April 24, 2026

Between September and November 2025, a massive wave of suspicious activity targeted industrial control systems worldwide, proving...

ZionSiphon: The “Defanged” Malware Aiming for the Water Supply Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

ZionSiphon: The “Defanged” Malware Aiming for the Water Supply

Do Son April 21, 2026

A new and highly specialized malware threat has emerged in the industrial cybersecurity landscape, signaling a targeted...

Critical Alert: Iranian-Affiliated Actors Target U.S. Infrastructure via Industrial Control Systems Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Critical Alert: Iranian-Affiliated Actors Target U.S. Infrastructure via Industrial Control Systems

Do Son April 8, 2026

In a major joint advisory released on April 7, 2026, a coalition of U.S. federal agencies—including the...

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks Helmholz myREX24V2 Industrial RCE

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks

Do Son March 24, 2026

Industrial connectivity specialist Helmholz GmbH & Co. KG has issued an urgent security advisory regarding multiple vulnerabilities...

The Undocumented Backdoor: Critical 10.0 CVSS Flaw Hits WAGO Managed Switches

Do Son March 23, 2026

A severe vulnerability has been uncovered in several models of WAGO Managed Switches, potentially leaving industrial networks...

Disconnect Immediately: Rockwell Automation Issues Urgent Warning for Industrial Controllers

Do Son March 22, 2026

In a proactive move aimed at securing critical infrastructure, Rockwell Automation has issued a high-priority “Important Notice”...

Critical 9.8 CVSS Flaws Expose SICK Lector Scanners to Hijacking SICK Lector Vulnerability CVE-2026-2331 CVE-2022-0778 and CVE-2025-0867

Critical 9.8 CVSS Flaws Expose SICK Lector Scanners to Hijacking

Do Son March 10, 2026

In a significant update for the industrial automation sector, SICK PSIRT has issued a high-priority security advisory...

Critical Infrastructure Alert: Unauthenticated Flaw in Labkotec Ice Detectors Could Freeze Operations Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Critical Infrastructure Alert: Unauthenticated Flaw in Labkotec Ice Detectors Could Freeze Operations

Do Son March 5, 2026

Cybersecurity authorities have issued a stark warning regarding a critical vulnerability in Labkotec’s LID-3300IP, a widely deployed...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Industrial Sabotage Risk: Critical Airleader Flaw (CVSS 9.8) Exposed

Do Son February 16, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding a critical security vulnerability...

Critical ZLAN5143D Flaws (CVSS 9.8) Allow Total Takeover, No Patch Available

Do Son February 16, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding high-severity vulnerabilities in industrial connectivity...

Factory Flaw: Critical WAGO Switch Vulnerabilities (CVSS 9.8) Allow Remote Takeover

Do Son February 11, 2026

A cluster of critical vulnerabilities has been discovered in WAGO’s 852 series Industrial Managed Switches, leaving operational...

CISA Warns of Unpatched Avation & RISS Critical Flaws

Do Son February 5, 2026

In a concerning update for the operational technology (OT) sector, the Cybersecurity and Infrastructure Security Agency (CISA)...

Industrial Alert: Critical Auth Bypass (CVSS 9.2) Hits Moxa Switches Moxa Linux kernel vulnerabilities Moxa Vulnerability CVE-2024-12297 Moxa OpenSSH Vulnerability CVE-2023-38408 CVE-2023-5961 - CVE-2024-9138 and CVE-2024-9140

Moxa Linux kernel vulnerabilities Moxa Vulnerability CVE-2024-12297 Moxa OpenSSH Vulnerability CVE-2023-38408 CVE-2023-5961 - CVE-2024-9138 and CVE-2024-9140

Industrial Alert: Critical Auth Bypass (CVSS 9.2) Hits Moxa Switches

Do Son February 5, 2026

Industrial networking giant Moxa has issued a high-severity security advisory urging customers to patch a wide range...

Unpatchable & Critical: CISA Issues CVSS 10.0 Alert for Synectix Adapters CVE-2022-35914 Synectix LAN 232 TRIO CVE-2026-1633

Unpatchable & Critical: CISA Issues CVSS 10.0 Alert for Synectix Adapters

Do Son February 4, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a maximum-severity alert for the Synectix LAN 232...

Grid Sabotage: “Static Tundra” Hits Poland’s Energy Sector with DynoWiper DynoWiper Malware Middle East Cyberwar, Cyber Operations

Grid Sabotage: “Static Tundra” Hits Poland’s Energy Sector with DynoWiper

Do Son February 3, 2026

The critical infrastructure of Poland’s energy sector has come under sustained fire from a sophisticated threat actor...

New Offensive OT Framework Targeting Energy Infrastructure Emerges on Dark Web ICS Offensive Framework APT IRAN

New Offensive OT Framework Targeting Energy Infrastructure Emerges on Dark Web

Do Son February 2, 2026

A new threat to industrial control systems (ICS) has surfaced on the dark web, signaling a potential...

NCSC Warns of Russian Hacktivists Targeting UK Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

NCSC Warns of Russian Hacktivists Targeting UK

Do Son January 20, 2026

The UK’s National Cyber Security Centre (NCSC) has issued a warning regarding the persistent threat posed by...

FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs Pro-Russia Hacktivist OT Attack, Unsecured VNC HMI

FBI/CISA Warn: Pro-Russia Hacktivists Target Critical Infrastructure Via Unsecured VNC HMIs

Do Son December 11, 2025

A coalition of international cybersecurity agencies, led by the FBI, CISA, and the NSA, has issued a...

High-Severity Rockwell Flaws Risk Industrial SQLi Data Tampering and Safety Device DoS Requiring Manual Fix

Do Son December 10, 2025

Rockwell Automation has released important security advisories addressing two significant vulnerabilities affecting its industrial cloud platform and...

Critical Alert 1 Active Exploit Detected Today