CISA Adds OpenPLC ScadaBR XSS Vulnerability to KEV Amid Exploits

TL;DR Summary
CISA has added CVE-2021-26829, an actively exploited cross-site scripting (XSS) vulnerability in OpenPLC ScadaBR, to its Known Exploited Vulnerabilities (KEV) catalog. The addition highlights ongoing threats from hacktivist groups such as TwoNet, which exploited the flaw in a honeypot to deface a system. The attack involved default credentials and web application layer exploits. Federal agencies are required to patch by December 19, 2025. Additionally, a long-running exploit operation targeting Brazil has been observed, using legitimate cloud infrastructure to evade detection.
- CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV (The Hacker News)
- CISA adds four-year-old ScadaBR vulnerability to KEV Catalog (Cyber Daily)
- CISA Adds CVE-2021-26829 to KEV Catalog Amid Russian Hacktivist Exploits (WebProNews)
- CISA Warns of OpenPLC ScadaBR cross-site scripting vulnerability Exploited in Attacks (CybersecurityNews)
- CISA Warns of OpenPLC ScadaBR Vulnerability Exploitation (Red Hot Cyber)