News

Short summaries of the cyber-crime stories moving in India and globally. We link back to the original source — always.

ABB Terra AC Charger Firmware Vulnerability Discovered
Malware

ABB has identified a heap memory overflow vulnerability (CVE-2025-5517) affecting multiple versions of its Terra AC electric vehicle charging stations worldwide. Attackers could exploit unencrypted OCPP messages to compromise affected chargers, potentially gaining remote control and altering firmware behavior. Impacted models include UL40/80A, UL32A, MID/CE, and JP variants across various firmware versions. ABB recommends users immediately update to patched versions: 1.8.33 or 1.8.34 depending on model. The company also advises against using unencrypted HTTP connections between chargers and management systems, despite OCPP protocol allowing it, to prevent malicious interference.

via RSS: CISA Alerts

ABB LVS MConfig Vulnerability Exposes Stored Passwords
Data Breaches

ABB has identified a critical vulnerability (CVE-2025-9970) in its LVS MConfig software affecting versions 1.4.9.21 and earlier. The flaw allows local network attackers to extract memory dump files containing plaintext passwords stored in the application's memory. If these dumps are mishandled, attackers could obtain sensitive credentials. The vulnerability impacts critical infrastructure sectors including energy, manufacturing, and water systems worldwide. ABB rates the issue as HIGH severity (CVSS 7.4) and has released MConfig version 1.4.9.22 as a fix. Users are strongly advised to update immediately and implement the defensive measures outlined in product documentation. Source: CISA.

via RSS: CISA Alerts

ABB Zenon Software Flaw Allows Unauthorized System Reboot
Malware

ABB has identified a critical vulnerability in its Ability Zenon Remote Transport software affecting versions 7.50 through 14. The flaw enables attackers to bypass authentication and trigger unauthorized system reboots without proper credentials. The vulnerability (CVE-2025-8754) stems from missing authentication controls in the default configuration. Exploitation requires prior network access to affected systems. The vulnerability impacts critical infrastructure sectors including energy, healthcare, water management, and communications worldwide. Currently, no active exploitation in the wild has been reported. ABB recommends restricting network access to systems running the affected software as a temporary measure. Source: ABB Security Advisory.

via RSS: CISA Alerts

Eppendorf BioFlo 320 Bioreactor Exposed to Hard-coded Password Flaw
Malware

Eppendorf BioFlo 320 bioreactors, used in healthcare and research facilities worldwide, face a critical vulnerability through hard-coded VNC (Virtual Network Computing) credentials. Attackers with network access can exploit this flaw to gain complete control of the device's user interface and functionality. The vulnerability affects all BioFlo 320 models, with a CVSS severity score of 9.8. Eppendorf has released software updates removing VNC access permanently. Users are advised to verify VNC is disabled, restrict VNC settings to Admin and Supervisor roles, and install Version 5.0 software immediately. The company notes VNC shipped disabled by default but recommends security hardening measures. Source: Eppendorf Security Advisory.

via RSS: CISA Alerts

7-Eleven Data Breach Affects 185,000 Customers
Data Breaches

A data breach at 7-Eleven has compromised personal information of approximately 185,000 individuals. The hacking group ShinyHunters claims responsibility for the incident and has leaked stolen data including email addresses, full names, residential addresses, and dates of birth. This type of breach exposes victims to identity theft and targeted fraud schemes. Customers affected should monitor their accounts for suspicious activity and consider placing fraud alerts with credit bureaus. Data breaches involving such personal information remain a significant cybersecurity concern for retail chains globally. Source: SecurityWeek.

via RSS: SecurityWeek

AI-Powered DDoS Attacks: Rising Threat to Indian Websites
Malware

Cybercriminals are increasingly leveraging artificial intelligence to conduct more sophisticated and damaging distributed denial-of-service (DDoS) attacks. Unlike traditional methods, AI-enhanced attacks are faster, more powerful, and difficult to counter. Hackers use these intelligent tools to identify system vulnerabilities automatically, making defenses less effective. Security experts warn that organizations must adopt advanced detection mechanisms and stronger safeguards to protect against these evolving threats. Understanding these new attack patterns is crucial for Indian businesses and website operators to implement adequate preventive measures and stay ahead of cybercriminals. Source: The Hacker News.

via RSS: The Hacker News

Microsoft Fixes Critical SharePoint Vulnerability CVE-2026-45659
Malware

Microsoft has released security patches for CVE-2026-45659, a remote code execution flaw affecting SharePoint across multiple server versions. The vulnerability, rated 8.8 on the CVSS scale, stems from improper handling of untrusted data during deserialization processes. Attackers could exploit this weakness without meeting any special conditions, potentially gaining unauthorized code execution on affected systems. The patch has been classified as important and is now available across SharePoint versions. Organizations using SharePoint should prioritize applying these updates to protect their systems from potential exploitation. Source: Cybersecurity News.

via The Hacker News

Anthropic's Claude AI Integrates With 28 Enterprise Security Tools
Cyber Law (India)

Anthropic has expanded Claude, its AI assistant, with 28 new security integrations to strengthen enterprise governance and protection. The integrations include partnerships with leading cybersecurity firms like CrowdStrike, Palo Alto Networks, Microsoft, Okta, Zscaler, Netskope, Cloudflare, Fortinet, and Wiz. These integrations aim to enhance organizational security posture by enabling Claude to work seamlessly with existing enterprise security infrastructure and tools. This development allows businesses to leverage AI capabilities while maintaining robust security controls and governance frameworks across their operations. Source: SecurityWeek.

via RSS: SecurityWeek

TrapDoor malware targets developer workstations across code platforms
Malware

Security researchers have identified TrapDoor, a malicious package campaign spanning over 34 packages across npm, PyPI, and Crates.io repositories. The malware targets developer workstations to steal sensitive credentials including AWS keys, GitHub tokens, SSH keys, and cryptocurrency wallet data. The campaign exploits common development workflows like npm postinstall scripts and Rust build scripts, making detection difficult. Notably, TrapDoor also attempts to compromise AI coding assistants by modifying configuration files with hidden instructions to trick them into exposing secrets. The campaign highlights growing risks to developer environments, which contain access to source code, cloud infrastructure, and CI/CD pipelines. Compromising a single workstation could give attackers broader access to organizational systems. Source: The Register.

via RSS: CSO Online

RemotePilot: Desktop App for Remote Job Tracking
Cyber Law (India)

RemotePilot is a new desktop application designed to help job seekers find and manage remote work opportunities. The tool allows users to track companies offering remote positions, organize job applications, and customize resumes and cover letters for each opportunity. It also includes interview preparation features with personalized guides. Created by an indie developer, RemotePilot aims to simplify the remote job search process for professionals struggling to navigate the distributed workforce market. The application emphasizes personalization to help users tailor their job applications more effectively. Source: Hacker News.

via HN: India hack

Critical SQL Injection Flaw Found in Drupal PostgreSQL Systems
Data Breaches

A critical SQL injection vulnerability, tracked as CVE-2026-9082, has been identified in Drupal installations running PostgreSQL databases. This flaw allows attackers to execute arbitrary SQL commands, potentially compromising sensitive data stored in affected systems. Organizations using Drupal with PostgreSQL backends are urged to apply security patches immediately. The vulnerability poses significant risks to websites and applications relying on this content management system. Security experts recommend administrators prioritize updates and implement additional access controls to prevent exploitation. Source: Security Boulevard.

via GoogleNews: vulnerability CVE

Crypto Wallet Security Gaps Widen After Major Bybit Theft
Crypto Scams

A $1.4 billion cryptocurrency theft from Bybit has exposed serious vulnerabilities in self-custody wallet solutions, emphasizing the importance of robust underlying software architecture. The incident is prompting a shift towards more secure wallet designs that prioritize offline-first functionality and key protection over user convenience. Industry experts now stress the need for architecturally isolated systems and post-quantum cryptography integration. This highlights that cryptocurrency wallets vary significantly in their security measures, and users must carefully evaluate their chosen platform's technical safeguards. Source: Original news report.

via Economic Times Tech