Zyxel advierte de fallo crítico de RCE en más de una docena de routers

26 de febrero de 2026

Reportado por IA

Zyxel ha emitido una advertencia sobre un fallo de seguridad crítico de ejecución remota de código (RCE) que podría afectar a más de una docena de sus routers. La compañía ha abordado varias vulnerabilidades preocupantes en sus dispositivos. Esta actualización forma parte de los esfuerzos continuos para proteger los equipos de red.

Zyxel, un fabricante de equipos de red, ha alertado a los usuarios sobre un fallo de seguridad crítico de ejecución remota de código (RCE) que podría afectar potencialmente a más de una docena de modelos de routers. Según TechRadar, la vulnerabilidad representa riesgos significativos para los dispositivos afectados. En respuesta, Zyxel ha lanzado correcciones para varios fallos preocupantes en routers con el fin de mitigar estos problemas. La advertencia resalta la importancia de aplicar parches a tales vulnerabilidades de manera rápida para evitar su explotación. No se proporcionaron modelos específicos de routers ni detalles sobre la explotación en el informe inicial. La advertencia se publicó el 26 de febrero de 2026, enfatizando las medidas de seguridad proactivas en el mercado de routers.

FCC bans new foreign-made routers as security risk

24 de marzo de 2026 Reportado por IA Imagen generada por IA

The Federal Communications Commission announced on March 23, 2026, that new consumer-grade routers manufactured outside the US pose an unacceptable national security risk and will be added to its Covered List. The ban applies to sales of new models but spares existing and previously authorized routers. Manufacturers may seek exemptions by planning to shift production to the US.

BeyondTrust RCE flaw enables code execution without login

A critical remote code execution vulnerability has been discovered in multiple BeyondTrust products. The flaw, rated 9.9 out of 10 in severity, allows hackers to run code on affected systems without needing to log in. The issue was reported on February 10, 2026.

Veeam patches three critical security flaws in backup servers

13 de marzo de 2026 Reportado por IA

Veeam has addressed three critical-severity security vulnerabilities that could expose backup servers to remote code execution attacks. The company issued patches to mitigate these risks. The announcement highlights ongoing concerns in cybersecurity for data protection tools.

Tecnología

Experts claim ransomware attacks increasingly target firewalls

Tecnología

Critical flaws discovered in n8n workflow tool

Asia

China warns of retaliation to EU's cybersecurity crackdown on Huawei, ZTE

Simple hack grants access to 7,000 DJI robovacs

A straightforward hack enabled the owner of a new DJI Romo robot vacuum to connect with thousands of other devices worldwide. The incident highlights an ongoing security vulnerability in the product. TechRadar reported the details on February 18, 2026.

New AirSnitch attack bypasses Wi-Fi client isolation

26 de febrero de 2026 Reportado por IA

Researchers have unveiled AirSnitch, a series of attacks that undermine client isolation in Wi-Fi networks, allowing unauthorized communication between devices. The technique exploits low-level network behaviors and affects routers from major manufacturers including Netgear, D-Link, and Cisco. Presented at the 2026 Network and Distributed System Security Symposium, the findings highlight vulnerabilities in home, office, and enterprise setups.

US agencies warn of Iranian hackers targeting critical infrastructure PLCs

The FBI, CISA, NSA, EPA, Department of Energy, and US Cyber Command issued a joint advisory warning of intensified cyberattacks by Iranian-affiliated hackers on programmable logic controllers (PLCs) in US critical infrastructure. Attacks since at least March 2026 have caused operational disruptions and financial losses in government facilities, wastewater, water, energy, and municipal systems, amid escalating tensions in the US-Israel war with Iran.

22 de abril de 2026 09:46