Adobe releases emergency updates for Adobe Experience Manager Forms flaes after public PoC
Adobe patched three critical vulnerabilities in Experience Manager Forms on JEE (CVSS scores up to 10.0) that allow unauthenticated remote code execution and authentication bypass, after security researchers published proof-of-concept exploits following Adobe's delayed response to responsible disclosure.
If you're running Adobe Experience Manager (AEM) Forms on JEE (versions 6.5.0 to 6.5.23.0), be aware that the products are critically vulnerable and that there's a public PoC. Immediately apply the available patches, because these forms are exposed to the internet and will be attacked very soon. Alternatively, restrict network access to AEM Forms from external networks until you can patch. But even isolating is a temporary fix - someone will attack them if left unpatched.
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/adobe-releases-emergency-updates-for-adobe-experience-manager-forms-flaes-after-public-poc-w-g-u-2-v/gD2P6Ple2L
ControlVault Vulnerabilities dubbed ReVault expose Dell business laptops to firmware-level attacks
Cisco Talos discovered five vulnerabilities collectively called "ReVault" in Dell's ControlVault3 firmware affecting over 100 business laptop models, allowing attackers to establish persistent firmware-level access that survives complete operating system reinstallation and can bypass Windows login protections.
It's very weird when the vulnerability affects the advanced security systems of a laptop, and the mitigation is to disable the advanced security systems. We recommend patching your Latitude, Precision, or Dell Pro devices, because fingerprint access is a lot better than recycled passwords. And any laptop can be hacked or will be at some point handed over to another person, for service or if it's lost/stolen.
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/controlvault-vulnerabilities-dubbed-revault-expose-dell-business-laptops-to-firmware-level-attacks-s-s-3-x-l/gD2P6Ple2L
Critical flaws in Trend Micro Apex One Management Console actively exploited
Trend Micro issued an emergency bulletin for two critical command injection vulnerabilities (CVE-2025-54948 and CVE-2025-54987, CVSS 9.4) in its Apex One endpoint security platform that allow pre-authenticated attackers to execute malicious code and are being actively exploited in the wild.
If you're running on-premise Trend Micro Apex One 2019 (version 14039 or below), immediately download and run the "FixTool_Aug2025" mitigation tool. Your Apex One console is actively exploited. Then reach-out to Trend Micro for a patch and apply it as soon as it's available.
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-flaws-in-trend-micro-apex-one-management-console-actively-exploited-g-6-b-0-p/gD2P6Ple2L
PBS reports data breach exposing data of almost 4,000 employees and affiliates
PBS confirmed a data breach affecting 3,997 employees and affiliates where corporate contact information was stolen from the internal MyPBS.org platform and circulated on Discord servers within "PBS Kids" fan communities.
****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/pbs-reports-data-breach-exposing-data-of-almost-4000-employees-and-affiliates-r-4-4-r-n/gD2P6Ple2L
Manassas Park City Schools hit by ransomware attack exposing student and staff info
Manassas Park City Schools in Virginia suffered a ransomware attack on June 12, 2025 that potentially compromised sensitive personal information of students, staff, and associated individuals. The attack has been reported to the FBI Cyber Division and Virginia Fusion Center. The number of affected individuals is not disclosed.
****
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/manassas-park-city-schools-hit-by-ransomware-attack-exposing-student-and-staff-info-4-j-1-o-8/gD2P6Ple2L
Cursor IDE vulnerability enables persistent code execution through AI plugin trust bypass
Cursor AI code editor patched a vulnerability (CVE-2025-54136) that allowed attackers to achieve persistent remote code execution through the "MCPoison" attack, where malicious modifications to previously approved Model Context Protocol configurations execute automatically without additional security prompts.
If you're using Cursor AI code editor, upgrade to version 1.3 or later to avoid the MCPoison vulnerability that can be abused by attackers to send code execution through poisoned MCP configurations. If you can't upgrade right away, restrict who can modify .cursor/rules/mcp.json files in your repositories and treat these MCP configurations like critical code that requires thorough review before approval.
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/cursor-ide-vulnerability-enables-persistent-code-execution-through-ai-plugin-trust-bypass-6-i-3-u-r/gD2P6Ple2L
Pandora Jewelry confirms data breach caused by third-party platform attack
Pandora confirmed a data breach affecting customer data after threat actors linked to the ShinyHunters group used voice phishing to trick employees into authorizing a malicious OAuth application to the company's Salesforce database. The attack is part of an ongoing campaign targeting major companies' Salesforce instances through social engineering tactics that impersonate IT support staff.
****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/pandora-jewelry-confirms-data-breach-caused-by-third-party-platform-attack-k-a-m-s-w/gD2P6Ple2L
Today I learned that Moebius designed a cover for a computer manual.
I want one.
The naked truth of #cybersecurity
BeyondMachines :verified: