Skip to main content

Weekly Intelligence Brief on Security Alerts and Vulnerabilities - Week of September 15, 2025

September 16, 2025

Key Takeaways

  • Hiawatha server versions 8.5-11.7 face multiple vulnerabilities.
  • Keysight Technologies recognized as 2025 Global Company of the Year in 6G testing.
  • ASML invests €1.3 billion in Mistral Artificial Intelligence (AI) for product development.
  • Mitsubishi Electric to acquire Nozomi Networks to enhance cybersecurity.
  • Delta Electronics showcased building automation solutions focused on energy efficiency.

Recent advisories disclosed vulnerabilities in the Hiawatha open-source web server, impacting versions 8.5 through 11.7. The vulnerabilities include improper handling of Hypertext Transfer Protocol (HTTP) headers, an authentication timing attack, and a memory management flaw. The developer recommends installing updates once available, even as ongoing support has ceased.

Keysight Technologies received recognition as the 2025 Global Company of the Year for its contributions to 6G testing and measurement. This recognition from Frost & Sullivan underscores its commitment to Research and Development (R&D) focused on advancing 6G technologies.

ASML announced a €1.3 billion investment in Mistral AI, which will provide an 11% ownership stake. The partnership aims to leverage AI for enhancing product performance. Separately, Mitsubishi Electric will acquire Nozomi Networks to bolster its cybersecurity capabilities and Operational technology (OT), building on previous investments in the company.

Delta Electronics participated at MARVEX 2025, presenting its building automation solutions targeted at energy efficiency and carbon neutrality goals. Meanwhile, the Secure Access Service Edge (SASE) market showed growth, with revenue reaching $2.7 billion, primarily driven by increased integration of Software-Defined Wide Area Network (WAN) (SD-WAN) and Security Services Edge (SSE) technologies.

  1. VU#461364: Hiawatha open-source web server has multiple vulnerabilities
    A local attacker can exploit an authentication timing vulnerability in the Tomahawk component of Hiawatha versions 8.5-11.7.
  2. Hiawatha open-source web server has identified vulnerabilities across multiple components.
    A request smuggling flaw affects Hiawatha server versions 8.5-11.7, allowing attackers to access restricted resources.
  3. Keysight Technologies recognized as 2025 Global Company of the Year in 6G testing
    Frost & Sullivan has awarded Keysight Technologies the title of 2025 Global Company of the Year in the 6G test sector.
  4. ASML invests in Mistral AI, Mitsubishi Electric acquires Nozomi Networks
    ASML invests €1.3 billion in Mistral AI to enhance product development through AI.

Related Perspectives

Netskope Cloud TAP Integrations with NDR and Beyond

November 14, 2025

The Netskope One platform continues to evolve, and a major step in that journey is the ability to easily integrate with your existing security and networking ecosystem. Netskope Cloud TAP offers our customers the option for traffic packet captures (PCAPs) for egress traffic from remote users or offices to the Netskope One platform. This is […]