Facilities Services
Breach intelligence, attack campaigns, and threat reports targeting the Facilities Services sector.
Facilities Services Threat Reports
Yarbo Mobile App Vulnerabilities Expose Robot Fleet to Remote Control
In June 2026, critical vulnerabilities were identified in Yarbo's Android and iOS mobile applications and cloud infrastructure. These flaws included hard-coded MQTT broker credentials and inadequate authorization controls, allowing unauthorized access to telemetry data and remote command execution on Yarbo's robotic devices. Exploitation of these vulnerabilities could lead to unauthorized control over the robot fleet and exposure of sensitive user information. Yarbo has since released updates to address these issues, urging users to update their applications to version 3.17.4 or later. This incident underscores the persistent risks associated with hard-coded credentials and misconfigured cloud services in IoT devices. As the adoption of connected devices continues to rise, ensuring robust security measures and regular updates is crucial to prevent unauthorized access and potential exploitation.
1 week ago
Critical Vulnerability in ABB EIBPORT Devices Disclosed
In May 2026, ABB disclosed a critical vulnerability in its EIBPORT V3 KNX and KNX GSM devices, versions prior to 3.9.2. The flaw, identified as CVE-2021-22291, is a cross-site scripting (XSS) vulnerability that could allow attackers to access sensitive information and alter device configurations. ABB has released firmware updates to address this issue and recommends immediate application to mitigate potential risks. This incident underscores the persistent threat of web-based vulnerabilities in industrial control systems, emphasizing the need for continuous monitoring and timely patch management to protect critical infrastructure from evolving cyber threats.
3 weeks ago
Siemens Building X Firmware Supply Chain Flaw: Risks and Mitigation
In December 2025, Siemens disclosed a critical vulnerability in its Building X - Security Manager Edge Controller (ACC-AP), affecting all firmware versions. The flaw, tracked as CVE-2022-31807, is an improper verification of cryptographic signature that enables a local—or, in some cases, remote—attacker to upload maliciously altered firmware to the device. This could be exploited by an individual with physical access or by intercepting firmware updates, introducing risks to device integrity and broadening the attack surface in critical manufacturing environments. Siemens has issued operational mitigations but no permanent patch is planned. This incident highlights increasing attention on firmware supply chain vulnerabilities across operational technology (OT) in critical infrastructure. Insecure update mechanisms are a prime target for actors seeking persistent access or sabotage, echoing a trend that is prompting regulators and organizations to strengthen controls—especially amid rising regulatory scrutiny and high-profile supply chain breaches.
5 months ago
PRC State Actors Compromise Public Sector with BRICKSTORM Malware
In late 2025, PRC state-sponsored cyber actors launched a sophisticated espionage campaign using the BRICKSTORM malware, targeting government and information technology sectors. The threat actors gained initial access via a compromised web server in victim DMZs, progressed laterally to internal VMware vCenter servers, and deployed BRICKSTORM to maintain deep persistence in both VMware vSphere and Windows environments. Leveraging advanced encrypted communication channels, stolen credentials, and techniques such as DNS-over-HTTPS and rogue virtual machines, the actors exfiltrated sensitive data while evading detection for extended periods. This incident underscores the evolving tactics of nation-state adversaries, who now frequently employ modular, stealthy malware to attack critical infrastructure. The widespread use of cloud and virtualization platforms in public sector IT environments makes these organizations particularly vulnerable to such persistent threats.
5 months ago