NCC Group and Bad Packets detected cyber attacks targeting F5 critical vulnerabilities after proof-of-concept code and patches were released. CISA advised users to prioritize the installation of updates.
Microsoft Discovers 25 Critical Vulnerabilities in IoT Security Affecting Google, Amazon, Samsung, and Other Devices, SDKs and Libraries
Microsoft says many IoT and operational technology devices suffer from 25 IoT security critical vulnerabilities originating from vulnerable SDKs, RTOS, and the C standard library.
Hard-coded Password in Popular Vehicle GPS Tracker Allows for User Impersonation, Remote Execution of Commands
MiCODUS MV720 vehicle GPS tracker has sold some 1.5 million units across 169 countries and used in military vehicles, government cars, etc. Of the six serious vulnerabilities, one is a hard-coded password that allows anyone to send commands to the GPS units.