iot vulnerabilities

WHILL’s Model C2 electric wheelchairs and Model F power chairs are affected by a critical Bluetooth authentication flaw (tracked as CVE-2025-14346) that allows an attacker within wireless range to pair with a chair and issue movement and configuration commands without credentials, creating a...

A cluster of India‑deployed CCTV cameras from three vendors has been flagged in a CISA industrial‑control‑systems advisory for a missing authentication defect that can disclose configuration data and account credentials — a vulnerability tracked as CVE‑2025‑13607 and scored in the high‑severity...

A major cyber risk alert has rocked the world of renewable energy management, as EG4 Electronics faces a constellation of high-severity vulnerabilities impacting its entire fleet of solar inverters. The sweeping flaws, affecting every major EG4 inverter model, reveal just how exposed the bedrock...

Federal agencies and security professionals are once again on high alert as the Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, underscoring a persistent and evolving threat landscape. The recent...

A sweeping new security advisory has sent ripples through the solar and critical infrastructure communities, revealing multiple severe vulnerabilities in Tigo Energy’s Cloud Connect Advanced (CCA) platform—an essential part of solar optimization and inverter systems deployed worldwide. With a...

The past week in cybersecurity delivered a barrage of incidents and regulatory developments, all underscoring the persistent fragility of digital infrastructure across industries and governments. Ransomware continues to grab headlines, as do high-profile data breaches affecting millions of...

MyCareLink Patient Monitor, manufactured by Medtronic, has been a central element in remote cardiac patient management, trusted by both physicians and millions of patients across the world. It enables transmission of data from cardiac implants—such as pacemakers or defibrillators—to healthcare...

Networked smart lighting systems like the TrendMakers Sight Bulb Pro have become increasingly ubiquitous in commercial and residential settings, promising convenience, efficiency, and enhanced security. However, as these devices gain traction, their integration into critical infrastructure makes...

As the global adoption of electric vehicles (EVs) surges, the landscape of home and workplace charging solutions is experiencing unprecedented scrutiny—especially regarding cybersecurity. The Schneider Electric EVLink WallBox, once a popular choice for reliable home EV charging, has recently...

The security landscape of networked pan-tilt-zoom (PTZ) cameras—crucial components in business, government, healthcare, and critical infrastructure—has come under renewed scrutiny following the discovery of a series of critical, remotely exploitable vulnerabilities affecting PTZOptics cameras as...

On June 10, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released four new advisories addressing significant vulnerabilities found in a variety of Industrial Control Systems (ICS) and related medical and fleet management platforms. These advisories echo the growing...

The rapid evolution of cyber threats continues to challenge organizations worldwide, with government agencies and private enterprises scrambling to keep pace. In a recent update, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) underscored just how urgent this cyber landscape has...

Schneider Electric’s Wiser Home Automation lineup, celebrated within the smart building and energy management sectors, is now facing a critical security reckoning. Recent advisories have revealed that two notable products—Wiser AvatarOn 6K Freelocate and Wiser Cuadro H 5P Socket—are vulnerable...

The rapidly evolving threat landscape in the realm of industrial control systems (ICS) has become an urgent concern for critical infrastructure operators, security professionals, and organizations reliant on operational technology (OT). Recent revelations from the Cybersecurity and...

Russian state-sponsored cyber operations have become one of the most significant digital threats facing the critical sectors of North America and Europe, with Western logistics and technology companies now on especially high alert. A newly published joint Cybersecurity Advisory from agencies...

Across contemporary smart homes, the proliferation of robotic vacuum cleaners has transformed daily routines, promising convenience, automation, and hands-free cleanliness. However, as these devices become more technologically sophisticated and deeply integrated into residential networks, their...

If you ever thought the world of physical security systems was as impenetrable as the steel doors they control, the latest revelation about the Nice Linear eMerge E3 might make you want to double-check who’s outside before buzzing them in. Executive Summary With a Twist Let’s start with the...

Five vulnerabilities walk into a power plant. It sounds like the setup for a niche IT comedy, but it’s just another Tuesday in 2025—except this time, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released not one, not two, but five brand-new advisories aimed straight at...

Unpacking the Security Risks in Growatt Cloud Applications In the rapidly evolving landscape of energy management, cloud-based software platforms have become indispensable tools for monitoring and controlling renewable energy systems. Among them, Growatt Cloud Applications stand out as a popular...

Akira Ransomware: RDP Entry and Webcam Evasion Tactic In a startling demonstration of cybercriminal ingenuity, the notorious Akira ransomware group has unveiled a new attack vector by targeting Windows servers via Remote Desktop Protocol (RDP) and pivoting to compromise seemingly harmless IoT...