Flux RSS

View CSAF Summary Schneider Electric is aware of a hard-coded credentials vulnerability in its EcoStruxure IT Data Center Expert (DCE) product that requires administrator credentials and enabling a feature (SOCKS Proxy) that is off by default. The EcoStruxure IT Data Center Expert product is a scalable monitoring software that collects, organizes, and distributes critical device information providing a comprehensive view of equipment. Failure to apply the remediation provided below may risk information disclosure, and remote compromise of the offer which could result in disruption of operations and access to system data. The following versions of Schneider Electric EcoStruxure Data Center Expert are affected: EcoStruxure IT Data Center Expert vers:intdot/<=9.0 EcoStruxure IT Data Center Expert 9.1 CVSS Vendor Equipment Vulnerabilities v3 7.2 Schneider Electric Schneider Electric EcoStruxure Data Center Expert Use of Hard-coded Credentials Background Critical Infrastructure Sectors: Commercial Facilities, Energy, Food and Agriculture, Government Services and Facilities, Transportation Systems Countries/Areas Deployed: Worldwide Company Headquarters Location: France Vulnerabilities Expand All + CVE-2025-13957 A hard-coded credentials vulnerability exists that could lead to information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default. View CVE Details Affected Products Schneider Electric EcoStruxure Data Center Expert Vendor: Schneider Electric Product Version: EcoStruxure IT Data Center Expert (Formerly known as StruxureWare Data Center Expert) v9.0 and prior Product Status: fixed, known_affected Remediations Vendor fix v9.1 of EcoStruxure IT Data Center Expert includes a fix for this vulnerability and is available for download here: https://www.se.com/en/product-range/61851-ecostruxure-it-data-center-expert/#software-and-firmware Mitigation If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit: • Harden the DCE instance according to the cybersecurity best practices documented in the EcoStruxure IT Data Center Expert Security Handbook • Ensure the SOCKS Proxy is disabled as in the default configuration. Mitigation For more information see the associated Schneider Electric CPCERT security advisory SEVD-2026-069-05 Use of Hard-coded Credentials vulnerability in EcoStruxure IT Data Center Expert PDF Version https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-069-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-069-05.pdf Mitigation For more information see the associated Schneider Electric CPCERT security advisory SEVD-2026-069-05 Use of Hard-coded Credentials vulnerability in EcoStruxure IT Data Center Expert CSAF Version https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-069-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2026-069-05.json Relevant CWE: CWE-798 Use of Hard-coded Credentials Metrics CVSS Version Base Score Base Severity Vector String 3.1 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Acknowledgments hassan ali of TrendAI Zero Day Initiative reported this vulnerability to Schneider Electric General Security Recommendations Schneider Electric strongly recommends the following industry cybersecurity best practices: * Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. * Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks. * Place all controllers in locked cabinets and never leave them in the “Program” mode. * Never connect programming software to any network other than the network intended for that device. * Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. before use in the terminals or any node connected to these networks. * Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation. * Minimize network exposure for all control system devices and systems and ensure that they are not accessible from the Internet. * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices. For more information refer to the Schneider Electric [Recommended Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) document. For More Information This document provides an overview of the identified vulnerability or vulnerabilities and actions required to mitigate. For more details and assistance on how to protect your installation, contact your local Schneider Electric representative or Schneider Electric Industrial Cybersecurity Services: https://www.se.com/ww/en/work/solutions/cybersecurity/. These organizations will be fully aware of this situation and can support you through the process. For further information related to cybersecurity in Schneider Electric’s products, visit the company’s cybersecurity support portal page: https://www.se.com/ww/en/work/support/cybersecurity/overview.jsp LEGAL DISCLAIMER THIS NOTIFICATION DOCUMENT, THE INFORMATION CONTAINED HEREIN, AND ANY MATERIALS LINKED FROM IT (COLLECTIVELY, THIS “NOTIFICATION”) ARE INTENDED TO HELP PROVIDE AN OVERVIEW OF THE IDENTIFIED SITUATION AND SUGGESTED MITIGATION ACTIONS, REMEDIATION, FIX, AND/OR GENERAL SECURITY RECOMMENDATIONS AND IS PROVIDED ON AN “AS-IS” BASIS WITHOUT WARRANTY OR GUARANTEE OF ANY KIND. SCHNEIDER ELECTRIC DISCLAIMS ALL WARRANTIES RELATING TO THIS NOTIFICATION, EITHER EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SCHNEIDER ELECTRIC MAKES NO WARRANTY THAT THE NOTIFICATION WILL RESOLVE THE IDENTIFIED SITUATION. IN NO EVENT SHALL SCHNEIDER ELECTRIC BE LIABLE FOR ANY DAMAGES OR LOSSES WHATSOEVER IN CONNECTION WITH THIS NOTIFICATION, INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF SCHNEIDER ELECTRIC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. YOUR USE OF THIS NOTIFICATION IS AT YOUR OWN RISK, AND YOU ARE SOLELY LIABLE FOR ANY DAMAGES TO YOUR SYSTEMS OR ASSETS OR OTHER LOSSES THAT MAY RESULT FROM YOUR USE OF THIS NOTIFICATION. SCHNEIDER ELECTRIC RESERVES THE RIGHT TO UPDATE OR CHANGE THIS NOTIFICATION AT ANY TIME AND IN ITS SOLE DISCRETION About Schneider Electric Schneider's purpose is to create Impact by empowering all to make the most of our energy and resources, bridging progress and sustainability for all. We call this Life Is On. Our mission is to be the trusted partner in Sustainability and Efficiency. We are a global industrial technology leader bringing world-leading expertise in electrification, automation and digitization to smart industries, resilient infrastructure, future-proof data centers, intelligent buildings, and intuitive homes. Anchored by our deep domain expertise, we provide integrated end-to-end lifecycle AI enabled Industrial IoT solutions with connected products, automation, software and services, delivering digital twins to enable profitable growth for our customers. We are a people company with an ecosystem of 150,000 colleagues and more than a million partners operating in over 100 countries to ensure proximity to our customers and stakeholders. We embrace diversity and inclusion in everything we do, guided by our meaningful purpose of a sustainable future for all. www.se.com Legal Notice and Terms of Use This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy). Recommended Practices CISA recommends users take defensive measures to minimize the exploitation risk of these vulnerabilities. Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet. Locate control system networks and remote devices behind firewalls and isolate them from business networks. When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents. Advisory Conversion Disclaimer This ICSA is a verbatim republication of Schneider Electric CPCERT SEVD-2026-069-05 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Schneider Electric CPCERT directly for any questions regarding this advisory. Revision History Initial Release Date: 2026-03-10 Date Revision Summary 2026-03-10 1 Original Release 2026-03-17 2 Initial CISA Republication of Schneider Electric SEVD-2026-069-05 advisory Legal Notice and Terms of Use

Equipment for smart European cable systems - Works Anonymous (not verified) Tue, 03/17/2026 - 08:45 Opening: 17 March 2026 Closing: 30 June 2026 This call supports the upgrade of existing submarine telecommunications/digital infrastructures to “smart capabilities” enabling applications that monitor them as well as other surrounding critical infrastructures (e.g. power cables, pipelines, etc.) and/or their vicinity. Main link https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/opportuni… Related topics Digital connectivity Connecting Europe Facility Funding for Digital {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

Backbone connectivity for Digital Global Gateways - Studies Anonymous (not verified) Tue, 03/17/2026 - 08:19 Opening: 17 March 2026 Closing: 30 June 2026 This call for proposals will fund studies related to the deployment/significant upgrade of backbone networks that address risks, vulnerabilities and dependencies in the EU backbone infrastructure. GettyImages © Dragon Claws Main link https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/opportuni… Related topics Digital connectivity Connecting Europe Facility Funding for Digital {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

Drivers in the Russian city of Perm have been enjoying an unexpected bonus this week: free parking. Not because the city council suddenly decided to embrace generosity - but rather because hackers succeeded in knocking the city's payment system offline. Read more in my article on the Hot for Security blog.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-47813 Wing FTP Server Information Disclosure Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Open EU Foundry status granted to innovative chiplet facility Anonymous (not verified) Mon, 03/16/2026 - 10:40 The Commission has granted the Open EU Foundry (OEF) status to Silicon Box in Novara, Italy. GettyImages © Nikola Ilic - E+ Under the European Chips Act, the OEF status is granted to new or upgraded innovative semiconductor manufacturing facilities. The status provides benefits to semiconductor facilities including administrative support, faster construction approvals and priority access to pilot lines under the Chips for Europe Initiative. This helps deepen European semiconductor supply chain resilience and boost innovation. Silicon Box’s project is a significant milestone in strengthening Europe’s semiconductor industry through its new advanced semiconductor packaging and testing facility. The facility will integrate multiple dies or chiplets - small, modular semiconductor blocks that perform specific functions - into a single package, effectively creating a multi-chip module that behaves like a single chip, using panel level packaging. Panel level packaging uses a more efficient large-panel approach to packaging, enabling higher output and lower cost compared to traditional methods in the final stage of the chip making process. The facility will also test chips at panel-level, grouping multiple chiplets into a single panel, enabling more comprehensive quality verification before final assembly. The project will provide an important base in Europe for developing innovative technologies, products and system solutions for the semiconductors key to powering AI, electric and autonomous vehicles, data centres, as well as supercomputing applications. The plant is expected to reach full capacity in 2033. This OEF status recognition follows four semiconductor projects across the EU which have previously been awarded OEF or IPF (integrated production facility) status in October 2025: ESMC in Germany (OEF) Ams-OSRAM in Austria (IPF) Infineon Technologies Dresden in Germany (IPF) STMicroelectronics in Italy The decision to grant OEF follows the Commission state aid decision concerning Silicon Box. Related topics Advanced Digital Technologies Electronics Chips Act Semiconductors {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3909 Google Skia Out-of-Bounds Write Vulnerability CVE-2026-3910 Google Chromium V8 Unspecified Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

If you're in the middle of applying for a planning or zoning permit, there is some unwelcome news: cyber-criminals have found a way to exploit the bureaucratic tedium of the process against you. Read more in my article on the Fortra blog.

Signal, the encrypted messaging app trusted by security-savvy users around the world, has confirmed that hackers have managed to takeover accounts - with government officials and journalists among those being targeted. Read more in my article on the Hot for Security blog.

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, execute arbitrary commands, or perform a denial-of-service on the product. The following versions of Trane Tracer SC, Tracer SC+, and Tracer Concierge are affected: Tracer SC Tracer SC+ Tracer Concierge CVSS Vendor Equipment Vulnerabilities v3 8.1 Trane Trane Tracer SC, Tracer SC+, and Tracer Concierge Use of a Broken or Risky Cryptographic Algorithm, Memory Allocation with Excessive Size Value, Missing Authorization, Use of Hard-coded Credentials, Use of Hard-coded, Security-relevant Constants Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Ireland Vulnerabilities Expand All + CVE-2026-28252 A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to bypass authentication and gain root-level access to the device. View CVE Details Affected Products Trane Tracer SC, Tracer SC+, and Tracer Concierge Vendor: Trane Product Version: Trane Tracer SC:

A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn't stirred since 2024 - and within minutes, giant woodpecker images are plastered across the internet's favourite encyclopaedia. Meanwhile, a crypto contractor hired to help the US Marshals manage seized digital assets allegedly decides to help himself to $46 million of it - and then brags about it on a recorded Telegram call. Plus: Graham champions Asterix, Trisha discovers the fantasy novels of Robin Hobb, and someone called "Lick" ends up in the nick. All this, and much more, in episode 458 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard.

Elon Musk's social media site says it suspended 800 million accounts in a year for spam and manipulation - but with state-backed campaigns still flooding the platform, the real question is how many fake accounts remain. Read more in my article on the Hot for Security blog.

In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA - one of the world's most prolific phishing-as-a-service platforms - has been dismantled. Read more in my article on the Hot for Security blog.

Apply AI webinars sectoral deep dive - Agrifood, climate & environment Anonymous (not verified) Thu, 03/05/2026 - 14:30 19 March 2026 This session focuses on how the Commission, together with the private sector, aims to accelerate AI adoption across the agrifood sector, as well as the intersection between AI, climate and environment. This is part of a series of Apply AI thematic webinars. Join the live stream on our YouTube channel to find out how farmers, industry, researchers and other stakeholders can contribute to shaping priorities for Europe’s agrifood, climate and environment ecosystems. Engage in the conversation by submitting questions in advance or during the session via Slido. Agenda 14:00 - 14:45 (CET) Apply AI Agrifood 14:45 - 15:00 (CET) Short break 15:00 - 15:45 (CET) Apply AI Climate & Environment Download the slides for both sessions below. Moderator Andrea Hak, Stakeholder Communication Expert at the AI Office, DG CONNECT Speakers - Agrifood Pierluigi Londero, Head of Unit Data Governance, DG AGRI Doris Marquardt, Programme Officer EU Policies, Contact person for Agriculture in the DG, DG CONNECT Speakers - Climate & Environment Tsitlakidis Charalampos, Head of Sector, Destination Earth, DG CONNECT Irina Sandu, Director of Destination Earth (DestinE), European Centre for Medium-Range Weather Forecasts (ECMWF) Agrifood The webinar will discuss how the Commission aims to accelerate AI adoption across the agrifood sector and translate innovation into impact on the ground, enhancing sectorial competitiveness and public goods. Among others, a marketplace for AI-based solutions for the agri-food sector will be introduced and funding will be devoted to capacity building in the development of agriculture specific foundation models (e.g., LLMs). AI is already reshaping agricultural production and can transform the way food is produced, benefiting the environment, climate and people. AI supports farmers, for instance through AI-driven advisory tools and handy applications that turn data into tailored recommendations. These help producers to make better and faster decisions accounting for local conditions, and increasing resource efficiency, e.g. saving water, and effectiveness. A new wave of opportunities is emerging, boosting precision farming, powering robots, and smartening machinery for field work. AI can also contribute to reducing reporting obligations and other administrative burdens. Climate & Environment AI has a long track record in environmental monitoring, forecasting, and Earth observation. It can enhance early-warning systems and aid disaster response as well as decision-making for resilience and climate preparedness. Ground-breaking initiatives such as Destination Earth provide high-resolution and interactive simulations with unprecedented predictive power through AI-driven applications. Downloads Apply AI Climate & Environment (PDF) Download Related topics Creating a digital society Environment Smart and Sustainable Communities Artificial intelligence {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

Commission holds first meeting of Special Panel on child safety online Anonymous (not verified) Thu, 03/05/2026 - 08:08 European Commission President Ursula von der Leyen hosted the first meeting of the Special Panel on child safety online. AdobeStock ©myboys The panel, announced in the 2025 State of the Union address, will provide expert recommendations to better protect and empower children online and will explore the need for potential harmonised age restrictions to access social media. President Ursula von der Leyen said: For decades, we have made the real world safer for children and we must do the same in the digital world. The positive opportunities that technology offers cannot come at the cost of their safety, health or happiness. In Europe, tech platforms already have a responsibility to ensure the safety of users and we will continue to ensure they do so. But we must also do more to protect and empower our young people online. That is why I have convened this panel: to forge a strong, realistic, European approach to keep our children safe in the digital age. Read the full press release and find further information about the special panel on child safety online. Related to child safety online, you can also read more about: the Digital Services Act (DSA) and its Guidelines on the protection of minors the Safer Internet Centres under the Better Internet for Kids Strategy (BIK+) the Cyberbullying Action Plan the EU Age Verification solution the Communication on a comprehensive approach to mental health the EU rules to combat child sexual abuse online Related topics Better Internet for Children Strengthening trust and security Online platforms and e-commerce {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the person put in charge of the investigation was the actual leaker... who promptly sent an innocent colleague into a career-ending ambush. In this episode, we unravel the jaw-dropping tale of a defence contractor caught selling zero-day exploits to a Russia-linked broker. Plus: are nation states quietly poisoning AI models to bend reality itself? We explore how “foreign information manipulation interference” could target not just social media users, but the large language models we increasingly trust for answers — and what that might mean for truth, trust, and the future of online influence. All this, and much more, in episode 457 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Carl Miller.

Commission seeks feedback for draft guidance to assist companies in applying the Cyber Resilience Act Anonymous (not verified) Wed, 03/04/2026 - 09:10 Opening: 03 March 2026 Closing: 31 March 2026 The draft guidance clarifies the obligations and the scope of the rules with a particular focus on facilitating compliance by microenterprises and small and medium-sized enterprises. AdobeStock © ipopba Main link https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/16959… Related topics Cybersecurity {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

South Korea's National Tax Service (NTS) has found itself in the middle of a deeply embarrassing - and costly - blunder after accidentally handing thieves the master key to a seized cryptocurrency wallet. Read more in my article on the Hot for Security blog.

A new report claims that the cost of insider security incidents has surged 20% in two years, reaching an average of US $19.5 million per organization annually, with no sign that the alarming figure is flattening. Read more in my article on the Fortra blog.

There is a certain poetic justice in a cybersecurity-related story that has emerged from Moscow this week: A man has been accused of trying to extort money... from a notorious Russian ransomware gang. Read more in my article on the Hot for Security blog.