Cybersecurity

Multiples vulnérabilités dans OpenSSL - Avis CERT-FR 2026-AVI-0403

CERT-FR issued an advisory alerting organizations to multiple critical vulnerabilities in OpenSSL affecting versions 1.0.2 through 3.6.x. Seven CVEs were identified including CVE-2026-28386 through CVE-2026-28390 and CVE-2026-31789-CVE-2026-31790. The vulnerabilities enable remote code execution, denial of service, and data confidentiality breaches. Organizations running affected OpenSSL versions must apply vendor patches immediately.

Multiples vulnérabilités dans les produits Mozilla

CERT-FR published security advisory CERTFR-2026-AVI-0404 alerting to multiple remote code execution vulnerabilities in Mozilla Firefox, Firefox ESR, and Thunderbird. Firefox ESR versions before 115.34.1 and 140.9.1, Firefox before 149.0.2, and Thunderbird versions before 140.9.1 and 149.0.2 are affected. Five CVEs are referenced including CVE-2026-5731 through CVE-2026-5735.

Vulnerability in Moxa Products - Privilege Escalation and Remote DoS

CERT-FR issued a security advisory (CERTFR-2026-AVI-0405) alerting organizations to multiple vulnerabilities affecting 15 series of Moxa industrial computing and networking devices running Windows 7, 10, or 11. The vulnerabilities allow privilege escalation, remote denial of service, data integrity compromise, confidentiality breaches, and security policy bypass. Affected products include BXP-A100, BXP-A101, BXP-C100, DA-680, DA-681C, DA-682C, DA-720, DA-820C, DA-820E, DRP-A100, DRP-C100, EXPC-F2120W, EXPC-F2150W, MC-1100, and MC-1200 series.

Multiple Vulnerabilities in Microsoft Products

CERT-FR issued an advisory warning of 14 unpatched vulnerabilities across Microsoft products, spanning CVEs from CVE-2026-33936 through CVE-2026-35177, disclosed between March 29 and April 8, 2026. The vulnerabilities affect multiple Microsoft products and could allow remote code execution, privilege escalation, or information disclosure. Affected organizations are advised to consult Microsoft Security Response Center bulletins and apply available patches immediately.

SingCERT Security Bulletin: Critical Vulnerabilities Week of 8 April 2026

The Cyber Security Agency of Singapore (CSA) through SingCERT issued its weekly Security Bulletin for 8 April 2026, summarizing critical and high-severity vulnerabilities from NIST's National Vulnerability Database (NVD). The bulletin catalogs multiple CVEs with CVSS scores of 10.0, affecting Microsoft Azure services, ChurchCRM, Dgraph, SandboxJS, Juju, and Samsung Exynos processors. Organizations are advised to review affected products and apply available patches.

STIX XML Indicators of Compromise for Threat Intelligence

CISA ICS-CERT published STIX XML indicators of compromise (IOCs) for threat intelligence purposes. The advisory includes structured XML data containing malicious indicators that organizations can use to detect and identify potential cyber threats targeting industrial control systems and critical infrastructure. These IOCs are designed for integration with security monitoring tools, SIEM systems, and threat intelligence platforms.

CISA ICS-CERT STIX Threat Data - ICS and Enterprise Attack Patterns

CISA published a STIX bundle (AA26-097A) containing structured threat intelligence data with attack patterns for Industrial Control Systems (ICS) and enterprise environments. The bundle includes MITRE ATT&CK mapped techniques covering initial access, command and control, data manipulation, and impact vectors relevant to both ICS and enterprise networks.

Iranian APT Actors Exploit Rockwell PLCs Across US Critical Infrastructure

CISA, FBI, NSA, EPA, DOE, and US Cyber Command issued a joint advisory warning that Iran-affiliated APT actors are conducting active exploitation of internet-facing Rockwell Automation/Allen-Bradley programmable logic controllers across U.S. critical infrastructure. The advisory documents malicious interactions with PLC project files and manipulation of HMI and SCADA displays causing operational disruptions and financial losses in Water, Energy, and Government Services sectors. Agencies recommend immediate review of provided IOCs and implementation of specific mitigations including network isolation of OT devices.

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

CISA, FBI, NSA, EPA, DOE, and US Cyber Command issued a joint cybersecurity advisory on April 7, 2026 warning that Iranian-affiliated APT actors are conducting active exploitation targeting internet-facing OT devices including Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs) across U.S. critical infrastructure. The advisory covers Water and Wastewater Systems and Energy sectors, providing TTPs, IOCs, and specific mitigations including removing PLCs from direct internet exposure and monitoring OT-specific ports.

Critical CVSS 8.8 Vulnerabilities Expose SQL Credentials in Mitsubishi Electric GENESIS64 and ICONICS Suite

CISA ICS-CERT issued advisory ICSA-26-097-01 disclosing two critical vulnerabilities (CVE-2025-14815, CVE-2025-14816) with CVSS 8.8 score in Mitsubishi Electric GENESIS64 and ICONICS Suite products affecting versions 10.97.3 and below. The vulnerabilities stem from cleartext storage of SQL Server credentials in local SQLite cache files, potentially allowing local attackers to obtain plaintext credentials and access, tamper with, or destroy data.