Toggle navigation
SCADA - ICS - IIoT Security Bootcamp
Cyber Range
Contact
Critical Infrastructure
SecList ICS
Threat landscape for industrial automation systems in Q1 2025
Threat landscape for industrial automation systems in Q4 2024
Security Magazine
The importance of security for power utility substations
Chinese threat actor resided in US electric grid for almost one year
US experiences 47% of global utilities cyberattacks
Internet-exposed HMIs are a risk to water facilities, CISA warns
Software and IT vendors linked to 67% of energy sector breaches
Iranian cyber actors are targeting critical infrastructure entities
Windsor port authority strengthens US-Canada border waterway
Protecting ships from cyber terrorism
Biden administration issues executive order to secure U.S. ports
Cadisha Miceli | Women in Security 2023
CISA MTS Guide may enhance critical infrastructure resilience
DNV appoints Anette Roll Richardsen as Director of Cybersecurity
How Intelligent Video Surveillance Boosts Fleet Operations with Immediate and Long-Term Benefits
Manufacturing Security: It’s All About the Details
Ensuring safety on the move: Strengthening security in public transportation
Nearly 1M records related to personal property were exposed
Security experts respond to the Amazon employee data breach
Supply chain cybersecurity and modern-day cargo theft
Case Studies
The 2 am call: Preparing for a government cyberattack
Häfele recovers from ransomware attack with new SASE platform
Ride-hailing company, inDrive, uses new platform to prevent fraud
The Old Spaghetti Factory restaurant chain ups network & physical security
K-8 students learn cybersecurity through gamification
Electric company uses SAP monitoring to bolster cybersecurity
Pennsylvania School District Adopts AI-Driven Gun Detection Technology
Protecting 14 Campuses, All With Different Needs
Campus collaboration: a security-focused work management platform
Windsor port authority strengthens US-Canada border waterway
From the stone age to cutting edge: A case study on key management
Challenges with mobile apps as a safety solution in K-12 schools
News
Exploits
[webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
[remote] WebDAV Windows 10 - Remote Code Execution (RCE)
[remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
[local] Microsoft Excel Use After Free - Local Code Execution
[webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
[remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
[local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
[webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
[webapps] Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)
[remote] PCMan FTP Server 2.0.7 - Buffer Overflow
[remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
[webapps] Roundcube 1.6.10 - Remote Code Execution (RCE)
[remote] Freefloat FTP Server 1.0 - Remote Buffer Overflow
[local] TightVNC 2.8.83 - Control Pipe Manipulation
[remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
[local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
[webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
[remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
[remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
[local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
[remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
[webapps] CloudClassroom PHP Project 1.0 - SQL Injection
[remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
[webapps] Campcodes Online Hospital Management System 1.0 - SQL Injection
[remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
[remote] Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure
[remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
[remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
[webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
[local] ABB Cylon Aspect Studio 3.08.03 - Binary Planting
[remote] ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation
[webapps] Java-springboot-codebase 1.1 - Arbitrary File Read
[remote] Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow
[webapps] WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass
[local] Microsoft Windows Server 2016 - Win32k Elevation of Privilege
[remote] Windows 2024.15 - Unauthenticated Desktop Screenshot Capture
[remote] Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)
[remote] CrushFTP 11.3.1 - Authentication Bypass
[remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
[local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
[local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
[webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
[webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
[local] RDPGuard 9.9.9 - Privilege Escalation
[remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
[local] VirtualBox 7.0.16 - Privilege Escalation
Last 20 Website Defacements - Zone-h
Advisories