RCE via ND6 Router Advertisements in FreeBSD
https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc
#HackerNews #RCE #ND6 #Router #FreeBSD #Security #Advisory #Cybersecurity
Michał "rysiek" Woźniak · 🇺🇦
boosted
Siemens reports critical flaw in IAM Client on multiple industrial products
Siemens is reporting a critical vulnerability (CVE-2025-40800) in its IAM client component affecting multiple industrial software products, which allows unauthenticated attackers to conduct man-in-the-middle attacks due to improper certificate validation. Patches are available for most affected products.
**Make sure all your industrial systems are isolated from the internet and accessible from trusted networks only. If you are using COMOS, NX, Simcenter 3D, Simcenter Femap, Solid Edge plan a quick update for them. Not an urgent thing, but don't ignore this one. Someone will find a way to hack them.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/siemens-reports-critical-flaw-in-iam-client-on-multiple-industrial-products-1-d-o-3-h/gD2P6Ple2L
Siemens reports critical flaw in IAM Client on multiple industrial products
Siemens is reporting a critical vulnerability (CVE-2025-40800) in its IAM client component affecting multiple industrial software products, which allows unauthenticated attackers to conduct man-in-the-middle attacks due to improper certificate validation. Patches are available for most affected products.
**Make sure all your industrial systems are isolated from the internet and accessible from trusted networks only. If you are using COMOS, NX, Simcenter 3D, Simcenter Femap, Solid Edge plan a quick update for them. Not an urgent thing, but don't ignore this one. Someone will find a way to hack them.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/siemens-reports-critical-flaw-in-iam-client-on-multiple-industrial-products-1-d-o-3-h/gD2P6Ple2L
X.org Security Advisory: multiple security issues X.Org X server and Xwayland
https://lists.x.org/archives/xorg-announce/2025-October/003635.html
#HackerNews #XorgSecurity #Advisory #SecurityIssues #XServer #Xwayland #Cybersecurity
Stefano Marinelli
boosted
Will be working on a new build of BastilleBSD .iso images to include the latest advisory fixes and base updates.
In the meantime, here's your reminder to `pkg upgrade` / `freebsd-update fetch install` on your FreeBSD systems.
Will be working on a new build of BastilleBSD .iso images to include the latest advisory fixes and base updates.
In the meantime, here's your reminder to `pkg upgrade` / `freebsd-update fetch install` on your FreeBSD systems.
Mozilla Firefox patches critical security vulnerabilities with exploit PoC
Mozilla has released critical security updates for Firefox to patch two actively exploited vulnerabilities (CVE-2025-4920 and CVE-2025-4921). Following successful exploitation demonstrations at Pwn2Own Berlin 2025, Mozilla strongly urges all users to immediately update to the latest browser versions across all supported branches.
**This one is important, and fairly urgent. The exploit PoC is public, so it's just a matter of time before hackers build an exploit. So don't wait. Patch all your Firefox and Firefox based browsers (Waterfox, Tor) NOW. Updating a browser is easy, all your tabs reopen after the patch.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/mozilla-firefox-patches-critical-security-vulnerabilities-with-exploit-poc-t-j-m-t-b/gD2P6Ple2L