A significant vulnerability in Rockwell Automation software for programming logic controllers could enable cyberattackers to remotely introduce and run malicious code, potentially taking over entire production systems. The flaw could allow hackers to shut down operations, alter systems, or even cause physical damage. The US Cybersecurity and Infrastructure Security Agency recommended rapid patching of this vulnerability, recorded as CVE-2024-7847, that affects all versions of RSLogix 5, RSLogix 500, and related products.

Counterfeit Android phones are hiding pre-installed malware that can infect every system process
Kaspersky researchers have identified a new strain of the Triada Trojan, pre-installed on counterfeit Android devices. The malware, first identified in 2016, can steal personal