matlock.ca // THREAT INTELLIGENCE

101Articles

7Categories

2026-03-17Date

🐛

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

KEVTHEHACKERNEWS.COM — 17 Mar 2026

🐛

CVE-2026-32775

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-23941 Request smuggling via first-wins Content-Length parsing in inets httpd

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-23943 Pre-auth SSH DoS via unbounded zlib inflate

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2025-69647

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2025-69648

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-32249 NFA regex engine NULL pointer dereference affects Vim < 9.2.0137

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-32776

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-32778

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-32777

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-23942 SFTP root escape via component-agnostic prefix check in ssh_sftpd

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-4111 Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-2673 OpenSSL TLS 1.3 server may choose unexpected key agreement group

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-4105 Systemd: systemd: privilege escalation via improper access control in registermachine d-bus method

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-23066 rxrpc: Fix recvmsg() unconditional requeue

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-1703 Limited path traversal when installing wheel archives

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

CVE-2026-23069 vsock/virtio: fix potential underflow in virtio_transport_get_credit()

MSRC.MICROSOFT.COM — 17 Mar 2026

🐛

Angular XSS Vulnerability Threatens Thousands of Web Applications

GBHACKERS.COM — 17 Mar 2026

🐛

CISA Flags Year-Old Wing FTP Vulnerability as Exploited

SECURITYWEEK.COM — 17 Mar 2026

🐛

Nvidia NemoClaw promises to run OpenClaw agents securely

CSOONLINE.COM — 17 Mar 2026

🐛

Apple pushes first Background Security Improvements update to fix WebKit flaw

BLEEPINGCOMPUTER.COM — 17 Mar 2026

🐛

ZDI-26-216: (Pwn2Own) QNAP TS-453E smbd domain_name Argument Injection Authentication Bypass Vulnerability

ZERODAYINITIATIVE.COM — 17 Mar 2026

⚠️

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

THEHACKERNEWS.COM — 17 Mar 2026

⚠️

New CondiBot Variant and ‘Monaco’ Miner Target More Network Devices

GBHACKERS.COM — 17 Mar 2026

⚠️

CISA Alerts Users to Exploited Chrome 0-Day Flaws

KEVGBHACKERS.COM — 17 Mar 2026

⚠️

Runtime: The new frontier of AI agent security

CSOONLINE.COM — 17 Mar 2026

⚠️

WebFiling Flaw at UK Companies House Exposed Director Data for Months

GBHACKERS.COM — 17 Mar 2026

⚠️

CISA Issues Alert on Wing FTP Server Vulnerability Used in Attacks

KEVGBHACKERS.COM — 17 Mar 2026

⚠️

Creating Better Security Guidance and Code with LLMs - Mark Curphey - ASW #374

YOUTUBE.COM — 2026-03-17

⚠️

South Korean Police Accidentally Post Cryptocurrency Wallet Password

SCHNEIER.COM — 2026-03-17

⚠️

Microsoft Launches AI-Driven Troubleshooting for Purview Data Lifecycle Tools

GBHACKERS.COM — 17 Mar 2026

⚠️

AWS Bedrock’s ‘isolated’ sandbox comes with a DNS escape hatch

CSOONLINE.COM — 17 Mar 2026

⚠️

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

SH.ITJUST.WORKS — 17 Mar 2026

⚠️

LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks

BLEEPINGCOMPUTER.COM — 17 Mar 2026

⚠️

CISA flags Wing FTP Server flaw as actively exploited in attacks

KEVSH.ITJUST.WORKS — 17 Mar 2026

⚠️

174 Vulnerabilities Targeted by RondoDox Botnet

SECURITYWEEK.COM — 17 Mar 2026

⚠️

Iranian Hackers Use Compromised Cameras for Regional Surveillance

GBHACKERS.COM — 17 Mar 2026

⚠️

Microsoft stops force-installing the Microsoft 365 Copilot app

BLEEPINGCOMPUTER.COM — 17 Mar 2026

⚠️

Outdated OWASP Advice

YOUTUBE.COM — 2026-03-17

⚠️

UK Companies House Exposed Details of Millions of Firms

SECURITYWEEK.COM — 17 Mar 2026

⚠️

Tech Giants Invest $12.5 Million in Open Source Security

SECURITYWEEK.COM — 17 Mar 2026

⚠️

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

THEHACKERNEWS.COM — 17 Mar 2026

⚠️

End / Collapse: New Code, New Risks

YOUTUBE.COM — 2026-03-17

⚠️

Apple rolls out first ‘background security’ update for iPhones, iPads, and Macs to fix Safari bug

TECHCRUNCH.COM — 17 Mar 2026

⚠️

Anton’s Vibe Coding Experience: A Reflection on Risk Decisions

MEDIUM.COM — 17 Mar 2026

⚠️

Malware Hiding on Steam

YOUTUBE.COM — 2026-03-17

⚠️

LABScon25 Replay | Your Apps May Be Gone, But the Hackers Made $9 Billion and They’re Still Here

SENTINELONE.COM — 17 Mar 2026

⚠️

Investing in the people shaping open source and securing the future together

GITHUB.BLOG — 17 Mar 2026

⚠️

Get started with Elastic Security from your AI agent

ELASTIC.CO — 17 Mar 2026

📢

Windows 11 25H2/24H2 Update Addresses Bluetooth Device Visibility Issues

GBHACKERS.COM — 17 Mar 2026

📢

Spring security advisory (AV26-245)

CYBER.GC.CA — 2026-03-17

📢

Stryker says it’s restoring systems after pro-Iran hackers wiped thousands of employee devices

TECHCRUNCH.COM — 17 Mar 2026

📢

GitHub security advisory (AV26-246)

CYBER.GC.CA — 2026-03-17

🔥

Weekly Update 495

TROYHUNT.COM — 17 Mar 2026

🔥

Stryker Targeted by Large-Scale Wiper Attack, Tens of Thousands of Devices Lost

GBHACKERS.COM — 17 Mar 2026

🔥

Hackers Abuse Trusted Websites in New Attacks on Microsoft Teams Users

GBHACKERS.COM — 17 Mar 2026

🔥

Payload ransomware hits Windows and ESXi with Babuk-style encryption

GBHACKERS.COM — 17 Mar 2026

🔥

AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks

SECURITYWEEK.COM — 17 Mar 2026

🔥

Google Warns Ransomware Groups Shift to Data Theft as Profits Decline

GBHACKERS.COM — 17 Mar 2026

🔥

Robotic Surgery Giant Intuitive Discloses Cyberattack

SECURITYWEEK.COM — 17 Mar 2026

🔥

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

THEHACKERNEWS.COM — 17 Mar 2026

🔥

Europe sanctions Chinese and Iranian firms for cyberattacks

BLEEPINGCOMPUTER.COM — 17 Mar 2026

🕵️

ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th)

ISC.SANS.EDU — 17 Mar 2026

🕵️

LiveChat Support Tools Abused in SaaS Phishing Scheme

GBHACKERS.COM — 17 Mar 2026

🕵️

Malicious NPM Packages Spread PylangGhost RAT in Supply Chain Attack

GBHACKERS.COM — 17 Mar 2026

🕵️

Researchers Uncover Ways to Decrypt Palo Alto Cortex XDR BIOC Rules for Evasion

GBHACKERS.COM — 17 Mar 2026

🕵️

Hackers Leverage Safe Links and URL Rewriting to Evade Detection

GBHACKERS.COM — 17 Mar 2026

🕵️

What is Integrated Cloud Email Security (ICES) and Why do you Need It?

KNOWBE4.COM — 17 Mar 2026

🕵️

Packagist Themes Deliver Trojanized jQuery in OphimCMS Supply Chain Attack

GBHACKERS.COM — 17 Mar 2026

🕵️

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

THEHACKERNEWS.COM — 17 Mar 2026

🕵️

Glassworm Malware Infects Popular React Native npm Packages

GBHACKERS.COM — 17 Mar 2026

🕵️

Microsoft Issues Emergency Patch for Critical Windows 11 RRAS Vulnerabilities

SH.ITJUST.WORKS — 17 Mar 2026

🕵️

IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)

ISC.SANS.EDU — 17 Mar 2026

🕵️

Tracebit Raises $20M for Cloud-Native Deception Technology

SECURITYWEEK.COM — 17 Mar 2026

🕵️

Microsoft shares fix for Windows C: drive access issues on Samsung PCs

BLEEPINGCOMPUTER.COM — 17 Mar 2026

🕵️

Google, Meta, Microsoft Among Signatories of Pact to Combat Scams

SECURITYWEEK.COM — 17 Mar 2026

🕵️

Security Flaw in AWS Bedrock Code Interpreter Raises Alarms - Infosecurity Magazine

SH.ITJUST.WORKS — 17 Mar 2026

🕵️

Cyber-Attacken fluten Eon-Netz: Angriffe verzehnfacht

CSOONLINE.COM — 17 Mar 2026

🕵️

UK Agency Exposed Corporate Executive Data - BankInfoSecurity

SH.ITJUST.WORKS — 17 Mar 2026

🕵️

GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub

GBHACKERS.COM — 17 Mar 2026

🕵️

Orchid Security Recognized by Gartner® as a Representative Vendor of Guardian Agents

GBHACKERS.COM — 17 Mar 2026

🕵️

Surf AI Raises $57 Million for Agentic Security Operations Platform

SECURITYWEEK.COM — 17 Mar 2026

🕵️

CyberheistNews Vol 16 #11 9 Must-Know Best Practices for Email Security

KNOWBE4.COM — 17 Mar 2026

🕵️

We don't need to hack your AI Agent to hack your AI Agent - SRLabs Research

INFOSEC.PUB — 17 Mar 2026

🕵️

We don't need to hack your AI Agent to hack your AI Agent - SRLabs Research

INFOSEC.PUB — 17 Mar 2026

🕵️

Switzerland built an alternative to BGP. Nobody noticed

INFOSEC.PUB — 17 Mar 2026

🕵️

Switzerland built an alternative to BGP. Nobody noticed

SH.ITJUST.WORKS — 17 Mar 2026

🕵️

From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures

SH.ITJUST.WORKS — 17 Mar 2026

🕵️

New font-rendering trick hides malicious commands from AI tools

SH.ITJUST.WORKS — 17 Mar 2026

🕵️

From Phishing to AI Agents: Can We Design for Digital Mindfulness?

KNOWBE4.COM — 17 Mar 2026

🕵️

So Many AI Attacks, It Made Quantum Seem Easy

KNOWBE4.COM — 17 Mar 2026

🕵️

AI Spicy Mode, Steam, Glassworm, Samsung, Stryker, Waymo, Cole Porter, and More - SWN #564

YOUTUBE.COM — 2026-03-17

🌐

AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds

THEHACKERNEWS.COM — 17 Mar 2026

🌐

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

BLEEPINGCOMPUTER.COM — 17 Mar 2026

📡

Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic

BLEEPINGCOMPUTER.COM — 17 Mar 2026

📡

New Windows 11 hotpatch fixes Bluetooth device visibility issue

BLEEPINGCOMPUTER.COM — 17 Mar 2026

📡

New font-rendering trick hides malicious commands from AI tools

BLEEPINGCOMPUTER.COM — 17 Mar 2026

📡

Top 5 Things CISOs Need to Do Today to Secure AI Agents

BLEEPINGCOMPUTER.COM — 17 Mar 2026

📡

Researchers disclose vulnerabilities in IP KVMs from four manufacturers

ARSTECHNICA.COM — 17 Mar 2026

📡

How World ID wants to put a unique human identity on every AI agent

ARSTECHNICA.COM — 17 Mar 2026

📡

AWS completes the second GDV community audit with participant insurers in Germany

AWS.AMAZON.COM — 17 Mar 2026