CISA warns of an XML External Entity (XXE) injection vulnerability (CVE-2026-6807) in GrassMarlin, an NSA-developed tool for critical infrastructure and SCADA security. The flaw affects all versions and could allow attackers to extract sensitive data from session files. The tool has been end-of-life since 2017, and CISA recommends isolating systems from internet access and securing remote connectivity.
CISA flags data-theft bug in NSA-built OT networking tool
Legacy NSA security tool GrassMarlin exposes critical infrastructure to data theft through an unpatched XXE vulnerability (CVE-2026-6807). The tool has been end-of-life since 2017, and all versions are affected.
Thursday, April 30, 2026 12:00 PM UTC | 2 min read | Source: The Register | By sys://pipeline