Zyxel alerta para falha crítica de RCE em mais de uma dúzia de routers

26 de fevereiro de 2026

Reportado por IA

A Zyxel emitiu um alerta sobre uma falha de segurança crítica de execução remota de código (RCE) que pode afetar mais de uma dúzia dos seus routers. A empresa abordou um punhado de vulnerabilidades preocupantes nos seus dispositivos. Esta atualização faz parte dos esforços contínuos para proteger equipamentos de rede.

A Zyxel, fabricante de equipamentos de rede, alertou os utilizadores para uma falha de segurança crítica de execução remota de código (RCE) que pode afetar potencialmente mais de uma dúzia de modelos de routers. De acordo com a TechRadar, a vulnerabilidade representa riscos significativos para os dispositivos afetados. Em resposta, a Zyxel lançou correções para várias falhas preocupantes em routers para mitigar estes problemas. O alerta destaca a importância de corrigir tais vulnerabilidades rapidamente para prevenir a exploração. Não foram fornecidos modelos específicos de routers ou detalhes de exploração no relatório inicial. O aviso foi publicado a 26 de fevereiro de 2026, enfatizando medidas de segurança proativas no mercado de routers.

FCC bans new foreign-made routers as security risk

24 de março de 2026 Reportado por IA Imagem gerada por IA

The Federal Communications Commission announced on March 23, 2026, that new consumer-grade routers manufactured outside the US pose an unacceptable national security risk and will be added to its Covered List. The ban applies to sales of new models but spares existing and previously authorized routers. Manufacturers may seek exemptions by planning to shift production to the US.

BeyondTrust RCE flaw enables code execution without login

A critical remote code execution vulnerability has been discovered in multiple BeyondTrust products. The flaw, rated 9.9 out of 10 in severity, allows hackers to run code on affected systems without needing to log in. The issue was reported on February 10, 2026.

Veeam patches three critical security flaws in backup servers

13 de março de 2026 Reportado por IA

Veeam has addressed three critical-severity security vulnerabilities that could expose backup servers to remote code execution attacks. The company issued patches to mitigate these risks. The announcement highlights ongoing concerns in cybersecurity for data protection tools.

Tecnologia

Experts claim ransomware attacks increasingly target firewalls

Tecnologia

Critical flaws discovered in n8n workflow tool

Ásia

China warns of retaliation to EU's cybersecurity crackdown on Huawei, ZTE

Simple hack grants access to 7,000 DJI robovacs

A straightforward hack enabled the owner of a new DJI Romo robot vacuum to connect with thousands of other devices worldwide. The incident highlights an ongoing security vulnerability in the product. TechRadar reported the details on February 18, 2026.

New AirSnitch attack bypasses Wi-Fi client isolation

26 de fevereiro de 2026 Reportado por IA

Researchers have unveiled AirSnitch, a series of attacks that undermine client isolation in Wi-Fi networks, allowing unauthorized communication between devices. The technique exploits low-level network behaviors and affects routers from major manufacturers including Netgear, D-Link, and Cisco. Presented at the 2026 Network and Distributed System Security Symposium, the findings highlight vulnerabilities in home, office, and enterprise setups.

US agencies warn of Iranian hackers targeting critical infrastructure PLCs

The FBI, CISA, NSA, EPA, Department of Energy, and US Cyber Command issued a joint advisory warning of intensified cyberattacks by Iranian-affiliated hackers on programmable logic controllers (PLCs) in US critical infrastructure. Attacks since at least March 2026 have caused operational disruptions and financial losses in government facilities, wastewater, water, energy, and municipal systems, amid escalating tensions in the US-Israel war with Iran.

quarta-feira, 22 de abril de 2026, 09:46h