Cisco Switches Hit by Reboot Loops Due to DNS Client Bug
Cisco has identified a firmware bug in the DNS client service of several switch families that treats DNS lookup failures as fatal, causing affected devices to reboot repeatedly. The issue, first observed around 2 AM on July 18, 2024, impacts CBS250, CBS350, Catalyst C1200, SG350, SG350X, and SG550X series switches. Logs show a "SRCADDRFAIL" fatal error before each reboot, disrupting network stability. Cisco has not released a permanent fix, but temporary mitigations include disabling DNS, SNTP, or outbound internet access on the switches.
Texas Court Blocks Samsung From Tracking TV Viewing, Then Vacates Order
A Texas district court issued a temporary restraining order (TRO) on Jan. 5 prohibiting Samsung from collecting audio and visual data from smart‑TVs using Automated Content Recognition (ACR). The order cited deceptive enrollment practices and alleged Chinese Communist Party access to...
Texas Court Blocks Samsung From Collecting Smart TV Viewing Data
Texas a district court issued a temporary restraining order prohibiting Samsung from collecting, selling, or transferring audio‑visual data from smart TVs owned by Texas residents. The order targets Samsung’s Automated Content Recognition (ACR) system, which captures screenshots every 500 milliseconds...
Microsoft Exchange Online Outage Blocks Access to Mailboxes via IMAP4
Microsoft confirmed an Exchange Online outage that intermittently blocks mailbox access via IMAP4, first reported at 23:35 UTC on Wednesday. The issue stems from a code conflict that introduced an authentication misconfiguration, while other connection methods remain functional. Microsoft has deployed...
Microsoft to Enforce MFA for Microsoft 365 Admin Center Sign-Ins
Microsoft announced that starting next month it will require multi‑factor authentication for every user who signs into the Microsoft 365 admin center. The policy applies to all admin‑level accounts, regardless of organization size or licensing tier. Existing MFA configurations will...
Cisco Warns of Identity Service Engine Flaw with Exploit Code
Cisco has released patches for a critical vulnerability (CVE‑2026‑20029) in its Identity Services Engine (ISE) that allows administrators to read arbitrary files via malformed XML uploads. A proof‑of‑concept exploit is publicly available, prompting Cisco to advise immediate upgrades to the...
CISA Tags Max Severity HPE OneView Flaw as Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has designated a maximum‑severity vulnerability in Hewlett Packard Enterprise (HPE) OneView as actively exploited. Identified as CVE‑2025‑37164, the flaw permits unauthenticated code‑injection attacks that lead to remote code execution on any OneView...
New GoBruteforcer Attack Wave Targets Crypto, Blockchain Projects
A new wave of GoBruteforcer botnet attacks is targeting cryptocurrency and blockchain projects by exploiting exposed FTP, MySQL, PostgreSQL and phpMyAdmin services. The malware uses compromised Linux servers to scan public IP ranges, brute‑force default credentials, and drop web shells...
Microsoft: Classic Outlook Bug Prevents Opening Encrypted Emails
Microsoft is investigating a bug in classic Outlook that blocks recipients from opening emails encrypted with the “Encrypt Only” permission after the Current Channel Version 2511 update (Build 19426.20218). Affected users see a message_v2.rpmsg attachment and a credential prompt instead of the email...
New Veeam Vulnerabilities Expose Backup Servers to RCE Attacks
Veeam announced security updates for its Backup & Replication suite, addressing a critical remote code execution flaw (CVE‑2025‑59470) that impacts version 13.0.1.180 and earlier builds. The patch, delivered in version 13.0.1.1071 on January 6, also resolves two additional high‑ and medium‑severity...