
Daily Security Briefing #089
- DjediTech
- Security, Newsletter
- November 30, 2025
Active exploitation of XSS bug in OpenPLC ScadaBR, CISA updates KEV, cross-platform SCADA risks
Executive Summary
The cybersecurity landscape today highlights the growing risks facing critical infrastructure environments, particularly SCADA systems. CISA’s recent update to its Known Exploited Vulnerabilities catalog underlines an actively exploited cross-site scripting (XSS) vulnerability in OpenPLC ScadaBR, a popular SCADA framework used on both Windows and Linux platforms. This incident exemplifies how operational technology (OT) and industrial control systems remain prime targets for attackers. Organizations using these systems must prioritize patching and monitoring to mitigate exposure to evolving threats. The event underscores ongoing challenges in securing the expanding OT attack surface.
Top Articles
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2021-26829, a cross-site scripting vulnerability in OpenPLC ScadaBR, to its Known Exploited Vulnerabilities catalog due to confirmed active exploitation. The flaw, with a CVSS score of 5.4, affects both Windows and Linux deployments of the software, increasing risks for critical infrastructure systems relying on these platforms. CISA’s update serves as a call for organizations to promptly address this vulnerability to prevent further attacks.
BleepingComputer
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.