CVE-2021-26828 | FAIR INTEL

When Your PLC Becomes Everyone’s PLC: ScadaBR’s Unwanted Guest Login

CISA reports that two long-known OpenPLC ScadaBR web vulnerabilities (stored XSS and authenticated arbitrary file upload) are now being actively exploited and must be urgently remediated by federal and other organizations using the software.

Dec 816 min read

When Your PLC Becomes Everyone’s PLC: ScadaBR’s Unwanted Guest Login

The App Looked Legit. The Fraud Was Even Better.

Your Dream Job, Sponsored by PureRAT

The Case of the Vanishing Attachment and the Stolen Login