207 Articles
9 Categories
Date: 2026-03-10
🚨 CISA KEV (1)
10 Mar | KEV | 3 New Actively Exploited Flaws to Patch | CISA recently added three new vulnerabilities to the Known Exploited Vulnerabilities catalog (KEV), signaling active exploitation in the wild. These flaws impact critical software including Workspace ONE UEM, SolarWinds help desk, and Ivanti Endpoint Manager, allowing remote atta… | YOUTUBE.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (99)
10 Mar | KEV | CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability list is as follows - CVE-2021-22054 (CVSS score: 7.5) - A server… | THEHACKERNEWS.COM
10 Mar | CVE-2026-3494 MariaDB Server Audit Plugin Comment Handling Bypass | Information published. | MSRC.MICROSOFT.COM
10 Mar | Cloudflare Pingora Flaws Enable Request Smuggling and Cache Poisoning Attacks | In a recent security advisory, Cloudflare disclosed multiple HTTP request smuggling and cache poisoning vulnerabilities in its open-source Pingora framework. Tracked under the identifiers CVE-2026-2833, CVE-2026-2835, and CVE-2026-2836, these flaws specifically impact standalone … | GBHACKERS.COM
10 Mar | Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data | A critical security vulnerability has been identified in Gogs, a widely used open-source self-hosted Git service. Tracked as CVE-2026-25921, this flaw allows unauthenticated attackers to silently overwrite Git Large File Storage (LFS) objects across any repository. By exploitin… | GBHACKERS.COM
10 Mar | KEV | CISA Alerts on Ivanti Endpoint Manager Vulnerability Auth Bypass Exploited in the Wild | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed security vulnerability affecting Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) Catalog, warning that the issue is being actively exploited in the wild. The vu… | GBHACKERS.COM
10 Mar | CVE-2026-21262 SQL Server Elevation of Privilege Vulnerability | Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23660 Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability | Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23664 Azure IoT Explorer Information Disclosure Vulnerability | Improper restriction of communication channel to intended endpoints in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23667 Broadcast DVR Elevation of Privilege Vulnerability | Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23668 Windows Graphics Component Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23669 Windows Print Spooler Remote Code Execution Vulnerability | Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23671 Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23673 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24282 Push message Routing Service Elevation of Privilege Vulnerability | Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24283 Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24285 Win32k Elevation of Privilege Vulnerability | Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24287 Windows Kernel Elevation of Privilege Vulnerability | External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24288 Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24289 Windows Kernel Elevation of Privilege Vulnerability | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24290 Windows Projected File System Elevation of Privilege Vulnerability | Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24291 Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability | Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24292 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24293 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24294 Windows SMB Server Elevation of Privilege Vulnerability | Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24295 Windows Device Association Service Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24296 Windows Device Association Service Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-24297 Windows Kerberos Security Feature Bypass Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25165 Performance Counters for Windows Elevation of Privilege Vulnerability | Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability | Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25167 Microsoft Brokering File System Elevation of Privilege Vulnerability | Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25168 Windows Graphics Component Denial of Service Vulnerability | Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25169 Windows Graphics Component Denial of Service Vulnerability | Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25170 Windows Hyper-V Elevation of Privilege Vulnerability | Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25171 Windows Authentication Elevation of Privilege Vulnerability | Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25172 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25173 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25174 Windows Extensible File Allocation Table Elevation of Privilege Vulnerability | Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25175 Windows NTFS Elevation of Privilege Vulnerability | Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25176 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25177 Active Directory Domain Services Elevation of Privilege Vulnerability | Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25178 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25179 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25180 Windows Graphics Component Information Disclosure Vulnerability | Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25181 GDI+ Information Disclosure Vulnerability | Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25185 Windows Shell Link Processing Spoofing Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25186 Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25187 Winlogon Elevation of Privilege Vulnerability | Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25188 Windows Telephony Service Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25189 Windows DWM Core Library Elevation of Privilege Vulnerability | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-25190 GDI Remote Code Execution Vulnerability | Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26105 Microsoft SharePoint Server Spoofing Vulnerability | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26111 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26112 Microsoft Excel Remote Code Execution Vulnerability | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26113 Microsoft Office Remote Code Execution Vulnerability | Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26114 Microsoft SharePoint Server Remote Code Execution Vulnerability | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23656 Windows App Installer Spoofing Vulnerability | Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-20967 System Center Operations Manager (SCOM) Elevation of Privilege Vulnerability | Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26121 Azure IOT Explorer Spoofing Vulnerability | Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26115 SQL Server Elevation of Privilege Vulnerability | Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26116 SQL Server Elevation of Privilege Vulnerability | Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26128 Windows SMB Server Elevation of Privilege Vulnerability | Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26131 .NET Elevation of Privilege Vulnerability | Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26132 Windows Kernel Elevation of Privilege Vulnerability | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26134 Microsoft Office Elevation of Privilege Vulnerability | Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26127 .NET Denial of Service Vulnerability | Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23674 MapUrlToZone Security Feature Bypass Vulnerability | Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26148 Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability | External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23654 GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability | Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23661 Azure IoT Explorer Information Disclosure Vulnerability | Cleartext transmission of sensitive information in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23662 Azure IoT Explorer Information Disclosure Vulnerability | Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-23665 Linux Azure Diagnostic extension (LAD) Elevation of Privilege Vulnerability | Heap-based buffer overflow in Azure Linux Virtual Machines allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26106 Microsoft SharePoint Server Remote Code Execution Vulnerability | Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26107 Microsoft Excel Remote Code Execution Vulnerability | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26108 Microsoft Excel Remote Code Execution Vulnerability | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26109 Microsoft Excel Remote Code Execution Vulnerability | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26110 Microsoft Office Remote Code Execution Vulnerability | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability | Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26118 Azure MCP Server Tools Elevation of Privilege Vulnerability | Server-side request forgery (ssrf) in Azure MCP Server allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26123 Microsoft Authenticator Information Disclosure Vulnerability | Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26130 ASP.NET Core Denial of Service Vulnerability | Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability | Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
10 Mar | CVE-2026-26144 Microsoft Excel Information Disclosure Vulnerability | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
10 Mar | GitHub: CVE-2026-26030 Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable | [CVE-2026-26030](https://www.cve.org/CVERecord?id=CVE-2026-26030) is a Remote Code Execution vulnerability that has been identified in Microsoft Semantic Kernel Python SDK, specifically within the InMemoryVectorStore filter functionality. GitHub created this CVE on their behalf. … | MSRC.MICROSOFT.COM
10 Mar | March Patch Tuesday: Three high severity holes in Microsoft Office | Three high severity holes in Microsoft’s Office suite headline the 78 issues listed in the March Patch Tuesday releases, which, grateful CSOs will notice, contain no surprise zero day vulnerabilities. Still, Jack Bicer, director of vulnerability research at Action1, says these O… | CSOONLINE.COM
10 Mar | ZDI-26-186: Fortinet FortiClient Link Following Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of Fortinet FortiClient. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS ra… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-185: Microsoft Windows GDI Bitmap Parsing Out-Of-Bound Read Information Disclosure Vulnerability | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. Interaction with the GDI library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigne… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-184: Microsoft Windows NDIS Driver Use-After-Free Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS ratin… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-183: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS ratin… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-182: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS ratin… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-181: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS ratin… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-180: Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS ratin… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-179: Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS ratin… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-178: Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS ratin… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-177: Array Networks MotionPro ArrayInstallManager Incorrect Permission Assignment Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of Array Networks MotionPro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVS… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-176: Apple macOS libusd_ms Alembic File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must receive a malicious file that is written to the local filesystem. The ZDI has assigned… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-175: Apple macOS ImageIO SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigne… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-174: Apple macOS ImageIO SGI File Parsing Integer Overflow Remote Code Execution Vulnerability | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS r… | ZERODAYINITIATIVE.COM
10 Mar | ZDI-26-173: Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of… | ZERODAYINITIATIVE.COM
⚠️ VULNERABILITY DISCLOSURE 42[−]
10 MarAn iPhone-hacking toolkit used by Russian spies likely came from U.S military contractorGoogle found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs.TECHCRUNCH.COM
10 MarHacker abusing .arpa domain to evade phishing detection, says InfobloxA threat actor has found a new way to evade phishing detection defenses: Manipulate the .arpa top-level domain (TLD) and IPv6-to-IPv4 tunneling to host phishing content on domains that shouldn’t resolve to an IP address. For the uninitiated, the .arpa domain is an Address and Rou…CSOONLINE.COM
10 MarChinese APT Campaign Uses Middle East Lures to Target Qatar With PlugXChinese state-linked cyber espionage groups are actively exploiting geopolitical tensions in the Middle East to target organizations in Qatar, according to new findings. The campaign began almost immediately after the recent escalation in the region, highlighting how quickly adva…GBHACKERS.COM
10 MarWhen AI safety constrains defenders more than attackersSecurity teams are being urged to adopt AI copilots for threat modeling, phishing simulations, and SOC workflows. Yet many of the most widely deployed, enterprise-approved AI systems struggle to support realistic defensive scenarios once prompts resemble real-world attack behavio…CSOONLINE.COM
10 MarI replaced manual pen tests with automation. Here’s what I learned.More accreditation and compliance requirements have been added in response to cyber incidents. While these frameworks play an important role in establishing security baselines, true security is more than just achieving a perfect compliance score. As I often say, “policies and pro…CSOONLINE.COM
10 MarThreat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector ToolSalesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the company, involves the …THEHACKERNEWS.COM
10 MariPhone Hacking Toolkit Tied to Russian Espionage May Have Originated in the U.S.A highly advanced iPhone hacking toolkit, originally developed for Western intelligence agencies, has leaked into the hands of Russian spies and Chinese cybercriminals. The exploit framework, known internally as “Coruna,” was likely created by Trenchant, the hacking a…GBHACKERS.COM
10 MarMaking Medical Devices Secure - Tamil Mathi - ASW #373Medical devices are a special segment of the IoT world where availability and patient safety are paramount. Tamil Mathi explains why many devices need to fail open -- the opposite of what traditional appsec approaches might initially think -- and what makes threat modeling these …YOUTUBE.COM
10 MarWhy access decisions are becoming the weakest link in identity securityIn my nearly two decades leading identity and risk programs, I’ve learned a sobering truth that every CISO eventually confronts: hackers don’t hack in — they log in. We often obsess over the perimeter and the sophistication of technical exploits, but many of the most damaging sec…CSOONLINE.COM
10 MarOpenAI to acquire Promptfoo to strengthen AI agent security testingOpenAI said it plans to acquire AI testing startup Promptfoo, a move aimed at strengthening security checks for AI agents as enterprises move toward deploying autonomous systems in business workflows. Promptfoo’s tools allow developers to test LLM applications against adversarial…CSOONLINE.COM
10 MarAPT28 hackers deploy customized variant of Covenant open-source toolThe Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. [...]BLEEPINGCOMPUTER.COM
10 MarThe OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fixWhen I first secured a production line, part of the control system was still running on an unpatched Windows XP machine tucked under a lab table — right next to the state-of-the-art GMP manufacturing setup that produced millions in value every day. Everyone knew that the system w…CSOONLINE.COM
10 MarOpenClaw Advisory Surge Highlights Blind Spot Between GitHub and CVE Vulnerability TrackingOpenClaw’s rapid rise has accidentally exposed how far GitHub’s advisory ecosystem has drifted from traditional CVE‑centric vulnerability tracking. Within roughly three weeks, the project published more than 200 GitHub Security Advisories (GHSA), and its advisory page now lists a…GBHACKERS.COM
10 MarSIM Swaps Expose a Critical Flaw in Identity SecuritySIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. The post SIM Swaps Expose a Critical Flaw in Identity Security appeared first on SecurityWeek .SECURITYWEEK.COM
10 MarDevs looking for OpenClaw get served a GhostClaw RATA malicious npm package posing as an OpenClaw Installer has been caught deploying a remote access trojan (RAT) on victim machines, according to new JFrog research. The package, published under the name “@openclaw-ai/openclawai”, pretends to be an installer for the legitimate CLI …CSOONLINE.COM
10 Mar KEVCISA: Recently patched Ivanti EPM flaw now actively exploitedCISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks. [...]BLEEPINGCOMPUTER.COM
10 Mar KEVRecent Ivanti Endpoint Manager Flaw Exploited in AttacksCISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.SECURITYWEEK.COM
10 MarThe Zero-Day Scramble is Avoidable: A Guide to Attack Surface ReductionYou can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder's Head of Security digs into why this happens and how …THEHACKERNEWS.COM
10 MarSAP Releases Patches for Security Flaws Allowing Remote Code ExecutionOn March 10, 2026, SAP released its monthly Security Patch Day updates, addressing multiple vulnerabilities across its enterprise software products. Maintaining a structured patch management cycle aligned with this monthly schedule remains a foundational practice for enterprise S…GBHACKERS.COM
10 MarShinyHunters claims ongoing Salesforce Aura data theft attackssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/shinyhunters-claims-ongoing-salesforce-aura-data-theft-attacks/SH.ITJUST.WORKS
10 MarOpenAI Rolls Out Codex Security Vulnerability ScannerCodex Security, formerly Aardvark, has found hundreds of critical vulnerabilities in tested software in the past month.SECURITYWEEK.COM
10 Mar KEVKevin Mandia’s Armadin Launches With $190 Million in FundingArmadin uses AI-powered red teaming to find and exploit weaknesses in the same way that attackers attack them.SECURITYWEEK.COM
10 MarHundreds of Salesforce Customers Allegedly Targeted in New Data Theft CampaignSalesforce has confirmed that customers are being targeted via poorly secured instances.SECURITYWEEK.COM
10 MarNew "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL QueriesCybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcoming…THEHACKERNEWS.COM
10 MarAnnouncing the Custom SAPA Agent: Security Awareness Measurement Built for Your EnvironmentSecurity awareness programs are built on measurement. Before you can reduce human risk, you need a clear understanding of where knowledge gaps exist across your workforce. For many organizations, that process starts with a baseline assessment.KNOWBE4.COM
10 MarAttackers Use Malformed ZIP Archives to Evade Antivirus and EDR ToolsCybersecurity researchers at the CERT Coordination Center (CERT/CC) have issued a warning regarding a newly disclosed evasion technique tracked as VU#976247. Threat actors are increasingly utilizing malformed ZIP archives to bypass Antivirus (AV) and Endpoint Detection and Respon…GBHACKERS.COM
10 MarTop 10 Best Anti-Phishing Tools in 2026The cybersecurity landscape has shifted dramatically, and traditional spam filters are no longer enough to protect sensitive enterprise data. As we navigate through 2026, threat actors are leveraging sophisticated AI-powered exploits to bypass standard security protocols, craft h…GBHACKERS.COM
10 MarAI Medical Devices Attack SurfaceMachine learning models have existed in medical devices for years. They help clinicians predict events like heart attacks or sudden changes in patient health. But historically, these models were small and limited in scope. Now AI systems are expanding rapidly. Models are getting …YOUTUBE.COM
10 MarFortiGate Devices Exploited to Breach Networks and Steal Service Account CredentialsCybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks. The activity involves the exploitation of recently disclosed security vulnerabil…THEHACKERNEWS.COM
10 MarMicrosoft Patch Tuesday March 2026, (Tue, Mar 10th)Microsoft today released patches for 93 vulnerabilities, including 9 vulnerabilities in Chromium affecting Microsoft Edge. 8 of the vulnerabilities are rated critical. 2 were disclosed prior to today but have not yet been exploited. This update addresses no already-exploited vuln…ISC.SANS.EDU
10 MarMicrosoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flawsToday is Microsoft's March 2026 Patch Tuesday with security updates for 79 flaws, including 2 publicly disclosed zero-day vulnerabilities. [...]BLEEPINGCOMPUTER.COM
10 MarMicrosoft releases Windows 10 KB5078885 extended security updateMicrosoft has released the Windows 10 KB5078885 extended security update to fix the March 2026 Patch Tuesday vulnerabilities, including 2 zero-days and an issue that prevents some devices from shutting down. [...]BLEEPINGCOMPUTER.COM
10 MarAdobe Patches 80 Vulnerabilities Across Eight ProductsAdobe has rolled out patches for 80 vulnerabilities across 8 products, including Commerce, Illustrator, Acrobat Reader, and Premiere Pro.SECURITYWEEK.COM
10 MarMicrosoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flawssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2026-patch-tuesday-fixes-2-zero-days-79-flaws/SH.ITJUST.WORKS
10 Mar KEVMicrosoft Patches 83 VulnerabilitiesMicrosoft has fixed a critical vulnerability, but none of the flaws fixed this Patch Tuesday has been exploited in the wild.SECURITYWEEK.COM
10 MarThe CSO role is evolving fast with AI in Cyber Defense strategyAI and cybersecurity are proving to be extremely challenging for organisations. AI is a double-edged sword – as used by threat actors and under effectively by security companies to ward off AI-centric threats besides the traditional threats. Organizations are continuously ramping…CSOONLINE.COM
10 MarThreat intelligence by ESET is a game changerCyber threats have gained the upper hand on many global organizations, attacking through a relentless cycle of new phishing scams, malware attacks and deepfake incidents. As new-age IT and cybersecurity projects continue to proliferate, CIOs, CISOs, and their teams are embracing …CSOONLINE.COM
10 MarGoogle Cloud Security Threat Horizons Report #13 (H1 2026) Is Out!This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Cloud Threat Horizons Report, #13 (full version, no info to enter!) that we just released (the official blog for #1 report, my unofficial blogs …MEDIUM.COM
10 MarNew ‘BlackSanta’ EDR killer spotted targeting HR departmentsFor more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta. [...]BLEEPINGCOMPUTER.COM
10 MarMultiple Vulnerabilities in Mozilla Firefox Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Mozilla Firefox, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow for a…CISECURITY.ORG
10 MarCritical Patches Issued for Microsoft Products, March 10, 2026Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. …CISECURITY.ORG
10 MarMultiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe Acrobat is a comprehensive software family designed to create, edit, manage, and sign PDF documents across desktop, web, and mobile devices. A…CISECURITY.ORG
📋 SECURITY BULLETINS 1
10 MarMicrosoft to enable Windows hotpatch security updates by defaultMicrosoft will turn on hotpatch security updates by default for all eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, beginning with the May 2026 Windows security update. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 18
10 MarJailbreaking the F-35 Fighter JetCountries around the world are becoming increasingly concerned about their dependencies on the US. If you’ve purchased US-made F-35 fighter jets, you are dependent on the US for software maintenance. The Dutch Defense Secretary recently said that he could jailbreak the plane…SCHNEIER.COM
10 MarPwC got hackedsubmitted by laz to cybersecurity 1 points | 0 comments cross-posted from: lemmy.dbzer0.com/post/65113725 linkedin.com/…/activity-7436961550927785986-2xH8?… Broken Function Level Authorization in Enterprise Campus Recruitment: A Case Study in BFLA and DPDP Compliance. Recently, I…INFOSEC.PUB
10 MarPwC got hackedsubmitted by laz to security 1 points | 0 comments cross-posted from: lemmy.dbzer0.com/post/65113725 linkedin.com/…/activity-7436961550927785986-2xH8?… Broken Function Level Authorization in Enterprise Campus Recruitment: A Case Study in BFLA and DPDP Compliance. Recently, I audi…PROGRAMMING.DEV
10 MarPwC got hackedsubmitted by laz to cybersecurity 1 points | 0 comments cross-posted from: lemmy.dbzer0.com/post/65113725 linkedin.com/…/activity-7436961550927785986-2xH8?… Broken Function Level Authorization in Enterprise Campus Recruitment: A Case Study in BFLA and DPDP Compliance. Recently, I…SH.ITJUST.WORKS
10 MarMy nephew says he hacked PwC's Saas vendorsubmitted by laz to security -1 points | 0 comments cross-posted from: lemmy.dbzer0.com/post/65115248 Broken Function Level Authorization in Enterprise Campus Recruitment: A Case Study in BFLA and DPDP Compliance. Recently, I audited the frontend architecture of Superset, a recru…PROGRAMMING.DEV
10 MarDOGE employee stole Social Security data and put it on a thumb drive, report saysA whistleblower is accusing a former DOGE member of stealing a large number of Americans’ personal data while he was working at the Social Security Administration, with the plan of using it at his new job.TECHCRUNCH.COM
10 MarPrecious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Aaran Leyland - SWN #562Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Tube Stations, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-562YOUTUBE.COM
10 MarAWS European Sovereign Cloud achieves first compliance milestone: SOC 2 and C5 reports plus seven ISO certificationsIn January 2026, we announced the general availability of the AWS European Sovereign Cloud, a new, independent cloud for Europe entirely located within the European Union (EU), and physically and logically separate from all other AWS Regions. The unique approach of the AWS Europe…AWS.AMAZON.COM
🔥 INCIDENT REPORTING 10
10 MarMalicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS CredentialsCybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The package, named "@openclaw-ai/openclawai," was uploaded to the registry by a user…THEHACKERNEWS.COM
10 MarWeekly Update 494Since starting HIBP a dozen and a bit years ago, I've loaded an average of one breach every 4.7 days. That's 959 of them to d…TROYHUNT.COM
10 MarGhostClaw Masquerades as OpenClaw in Bid to Plunder Developer DataA malicious npm package, @openclaw-ai/openclawai, that impersonates the legitimate OpenClaw CLI while quietly deploying a full-featured infostealer and RAT against developers’ machines. Internally branded “GhostLoader,” this threat combines polished social engineering, encrypted …GBHACKERS.COM
10 MarSignal Confirms Sophisticated Phishing Scheme Caused Account CompromisesThe secure messaging platform Signal recently confirmed active, targeted phishing campaigns resulting in severe account takeovers. These sophisticated attacks have successfully compromised the accounts of high-profile individuals, specifically targeting government officials and j…GBHACKERS.COM
10 MarSurxRAT Android Malware Uses LLMs for Phishing and Data TheftA new Android Remote Access Trojan (RAT) named SurxRAT, which is being sold as a commercial malware platform through a Telegram-based malware‑as‑a‑service (MaaS) ecosystem. The malware, marketed under the SURXRAT V5 branding, enables cybercriminals to create customized Android ma…GBHACKERS.COM
10 MarTriZetto Provider Solutions Breach Hits 3.4 Million Patients - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/trizetto-provider-solutions-breach/SH.ITJUST.WORKS
10 MarEricsson US discloses data breach after service provider hacksubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/ericsson-us-discloses-data-breach-after-service-provider-hack/SH.ITJUST.WORKS
10 MarUNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Devicesubmitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2026/03/unc4899-used-airdrop-file-transfer-and.htmlSH.ITJUST.WORKS
10 MarThousands Affected by Ericsson Data BreachThe telecommunications equipment and services giant has blamed the incident on a third-party vendor.SECURITYWEEK.COM
10 MarThrough the Lens of MDR: Analysis of KongTuke’s ClickFix Abuse of Compromised WordPress SitesOur analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access — through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the …TRENDMICRO.COM
🕵️ THREAT INTELLIGENCE 19
10 MarISC Stormcast For Tuesday, March 10th, 2026 https://isc.sans.edu/podcastdetail/9842, (Tue, Mar 10th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
10 MarHackers Use Microsoft Teams to Manipulate Employees Into Allowing Remote AccessA newly discovered malware operation is targeting employees at finance and healthcare organizations by posing as internal IT support. Once inside, the attackers deploy a stealthy new tool called the A0Backdoor. Cybersecurity researchers at BlueVoyant have identified a threat grou…GBHACKERS.COM
10 MarAnthropic Files Lawsuit Against U.S. Government Over Claude Risk DesignationAnthropic has launched an unprecedented lawsuit against the U.S. government after being designated a “supply chain risk”. The legal action, filed in a California federal court, targets the executive office of President Donald Trump, Defense Secretary Pete Hegseth, and…GBHACKERS.COM
10 MarCylake Raises $45 Million to Secure Organizations Barred From CloudThe company, founded by Palo Alto Networks’ Nir Zuk, has developed a platform that focuses on data sovereignty.SECURITYWEEK.COM
10 MarSigned malware posing as Teams and Zoom apps drops RMM backdoorsA wave of phishing campaigns that used signed malware posing as popular workplace apps like Microsoft Teams, Zoom, and Adobe Reader to deploy remote monitoring and management (RMM) backdoors. The activity, attributed to an as-yet unidentified threat actor, highlights how trusted …GBHACKERS.COM
10 MarOpenAI to Acquire Promptfoo to Address Vulnerabilities in AI SystemsOpenAI has announced the acquisition of Promptfoo, an artificial intelligence security platform designed to help enterprises identify and fix vulnerabilities in their AI systems during development. Once the acquisition is finalized, OpenAI plans to integrate Promptfoo’s advanced …GBHACKERS.COM
10 MarLeading Myanmar Fleet Management Company Yoma Fleet Selects AccuKnox SIEM to Replace Legacy ToolsMenlo Park, USA, March 10th, 2026, CyberNewswire AccuKnox, a leading Zero Trust Cloud-Native Application Protection Platform (CNAPP), today announced that Yoma Fleet, a premier fleet management and leasing company in Myanmar, has selected AccuKnox SIEM to secure its operations an…GBHACKERS.COM
10 MarEscape Raises $18 Million to Automate PentestingThe company will deepen its platform's AI agent capabilities and scale engineering and go-to-market teams.SECURITYWEEK.COM
10 MarAPT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian MilitaryThe Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families have been put to use since April 2024, ESET said in …THEHACKERNEWS.COM
10 MarMicrosoft Teams phishing targets employees with A0Backdoor malwaresubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/microsoft-teams-phishing-targets-employees-with-backdoors/SH.ITJUST.WORKS
10 MarDutch Intel Warns of Russian Hackers Hijacking Signal, WhatsApp Attackssubmitted by kid to cybersecurity 1 points | 1 comments https://hackread.com/dutch-intel-russia-hackers-hijack-signal-whatsapp-attacks/SH.ITJUST.WORKS
10 MarSAP Patches Critical FS-QUO, NetWeaver VulnerabilitiesA code injection bug in FS-QUO and an insecure deserialization flaw in NetWeaver could lead to arbitrary code execution.SECURITYWEEK.COM
10 MarKai Emerges From Stealth With $125M in Funding for AI Platform Bridging IT and OT SecurityThe company was created by a Claroty founder and is backed by Evolution Equity Partners, N47, and other investors.SECURITYWEEK.COM
10 MarWebinar Today: Securing Fragile OT in an Exposed WorldJoin the webinar as we examine the current OT threat landscape and move past the "doom and gloom" to discuss the mechanics of modern OT exposure.SECURITYWEEK.COM
10 MarJazz Emerges From Stealth With $61M in Funding for AI-Powered DLPThe startup brings AI to data loss prevention to provide visibility into intent, context, and risk.SECURITYWEEK.COM
10 MarReadable Code Might Improve SecuritySoftware maintainers are increasingly focusing on reducing code complexity. One example comes from Daniel Stenberg, who has written about efforts to simplify code by shortening long functions and refactoring abstraction layers. The idea is straightforward: code that humans can ea…YOUTUBE.COM
10 MarYes, You Need AI to Defeat AILong-time followers of mine know that I am not an AI hype person. Some people might even call me an AI critic. I prefer to call myself an AI realist. I do not think AI will kill us all (despite our best efforts to bypass all guardrails and common sense). I do not think AI will re…KNOWBE4.COM
10 MarSednit reloaded: Back in the trenchesThe resurgence of one of Russia’s most notorious APT groupsWELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE 6
10 MarThe New Turing Test: How Threats Use Geometry to Prove 'Humanness'Malware is evolving to evade sandboxes by pretending to be a real human behind the keyboard. The Picus Red Report 2026 shows 80% of top attacker techniques now focus on evasion and persistence, including geometry-based cursor tests and CPU timing checks. [...]BLEEPINGCOMPUTER.COM
10 MarNew KadNap botnet hijacks ASUS routers to fuel cybercrime proxy networkA newly discovered botnet malware called KadNap is targeting ASUS routers and other edge networking devices to turn them into proxies for malicious traffic. [...]BLEEPINGCOMPUTER.COM
10 MarKadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy BotnetCybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first detected in the wild in August 2025, has expanded to over 14,000 infected devices, with mo…THEHACKERNEWS.COM
10 MarNew 'Zombie ZIP' technique lets malware slip past security toolsA new technique dubbed "Zombie ZIP" helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) products. [...]BLEEPINGCOMPUTER.COM
10 MarNew BeatBanker Android malware poses as Starlink app to hijack devicesA new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store. [...]BLEEPINGCOMPUTER.COM
10 MarBeatBanker: A dual‑mode Android TrojanKaspersky researchers identified a new Android Trojan dubbed BeatBanker targeting Brazil, posing as government apps and Google Play Store, and capable of both crypto mining and stealing banking data.SECURELIST.COM
📡 INFOSEC NEWS 11
10 MarCISOs in a Pinch: A Security Analysis of OpenClawLearn about OpenClaw (a sovereign agent) and how this can be viable for enterprises.TRENDMICRO.COM
10 MarHow to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic WorkflowsArtificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open …THEHACKERNEWS.COM
10 MarMicrosoft brings phishing-resistant Windows sign-ins via Entra passkeysMicrosoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello. [...]BLEEPINGCOMPUTER.COM
10 MarTwitter suspended 800 million accounts last year – so why does manipulation remain so rampant?Elon Musk's social media site says it suspended 800 million accounts in a year for spam and manipulation - but with state-backed campaigns still flooding the platform, the real question is how many fake accounts remain. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
10 MarWindows 11 KB5079473 & KB5078883 cumulative updates releasedMicrosoft has released Windows 11 KB5079473 and KB5078883 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]BLEEPINGCOMPUTER.COM
10 MarHPE warns of critical AOS-CX flaw allowing admin password resetsHewlett Packard Enterprise (HPE) has patched multiple security vulnerabilities in the Aruba Networking AOS-CX operating system, including several authentication and code execution issues. [...]BLEEPINGCOMPUTER.COM
10 MarMental health apps are leaking your private thoughts. How do you protect yourself? | Kaspersky official blogA new study has uncovered hundreds of vulnerabilities in popular mental health apps, including leaks of diagnoses, therapy notes, and mood tracking. We break down exactly how this data escapes, and how to choose a more secure service.KASPERSKY.COM
10 MarMandiant’s founder just raised $190M for his autonomous AI agent security startupMandia, who sold his previous company Mandiant to Google for $5.4 billion in 2022, has launched an agentic security startup.TECHCRUNCH.COM
10 MarInvestigating multi-vector attacks in Log ExplorerLog Explorer customers can now identify and investigate multi-vector attacks. Log Explorer supports 14 additional Cloudflare datasets, enabling users to have a 360-degree view of their network.CLOUDFLARE.COM
10 MarSecurity is a team sport: AWS at RSAC 2026 ConferenceThe RSAC 2026 Conference brings together thousands of professionals, practitioners, vendors, and associations to discuss issues covering the entire spectrum of cybersecurity—a place where innovation meets collaboration and the industry’s brightest minds converge to shape its futu…AWS.AMAZON.COM
10 MarAWS Security Hub is expanding to unify security operations across multicloud environmentsAfter talking with many customers, one thing is clear: the security challenge has not gotten easier. Enterprises today operate across a complex mix of environments, including on-premises infrastructure, private data centers, and multiple clouds, often with tools that were never d…AWS.AMAZON.COM