MATLOCK.CA
118Articles
9Categories
2026-03-19Date
๐Ÿšจ
CISA Adds Exploited Zimbra Collaboration Suite Flaw to Warning ListThe Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting the Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog. Federal agencies and organizations using the platform must apply the neceโ€ฆ
KEVGBHACKERS.COM — 19 Mar 2026
๐Ÿšจ
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation.  CVE-2026-20131 Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserializaโ€ฆ
KEVCISA.GOV — Thu, 19 Mar 26 1
๐Ÿ›
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
KEVTHEHACKERNEWS.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23233 f2fs: fix to avoid mapping wrong physical block for swapfile
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23242 RDMA/siw: Fix potential NULL pointer dereference in header processing
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23245 net/sched: act_gate: snapshot parameters with RCU on replace
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2025-71266 fs: ntfs3: check return value of indx_find to avoid infinite loop
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2025-71267 fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23244 nvme: fix memory allocation in nvme_pr_read_keys()
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23243 RDMA/umad: Reject negative data_len in ib_umad_write
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-4224 Stack overflow parsing XML with deeply nested DTD content models
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-3644 Incomplete control character validation in http.cookies
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23248 perf/core: Fix refcount bug and potential UAF in perf_mmap
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23246 wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23247 tcp: secure_seq: add back ports to TS offset
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2025-71265 fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-27448 pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-27459 pyOpenSSL DTLS cookie callback buffer overflow
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability
KEVSECURITYWEEK.COM — 19 Mar 2026
๐Ÿ›
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
SH.ITJUST.WORKS — 19 Mar 2026
๐Ÿ›
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
SH.ITJUST.WORKS — 19 Mar 2026
๐Ÿ›
Telnet vulnerability opens door to remote code execution as root
CSOONLINE.COM — 19 Mar 2026
๐Ÿ›
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
CSOONLINE.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-32169 Azure Cloud Shell Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-26139 Microsoft Purview Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-26138 Microsoft Purview Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-32191 Microsoft Bing Images Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23658 Azure DevOps: msazure Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-26120 Microsoft Bing Tampering Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-23659 Azure Data Factory Information Disclosure Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-24299 M365 Copilot Information Disclosure Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-26136 Microsoft Copilot Information Disclosure Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-26137 Microsoft 365 Copilot BizChat Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
CVE-2026-32194 Microsoft Bing Images Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 19 Mar 2026
๐Ÿ›
ZDI-26-221: GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 19 Mar 2026
๐Ÿ›
ZDI-26-220: GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 19 Mar 2026
๐Ÿ›
ZDI-26-219: GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 19 Mar 2026
๐Ÿ›
ZDI-26-218: GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 19 Mar 2026
๐Ÿ›
ZDI-26-217: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 19 Mar 2026
โš ๏ธ
Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
ISC.SANS.EDU — 19 Mar 2026
โš ๏ธ
Cisco Firewall Zero-Day Actively Exploited to Deliver Interlock Ransomware
KEVGBHACKERS.COM — 19 Mar 2026
โš ๏ธ
New iOS Exploit Uses Advanced iPhone Hacking Tools to Steal Personal Data
GBHACKERS.COM — 19 Mar 2026
โš ๏ธ
ScreenConnect Flaw Lets Hackers Steal Machine Keys and Hijack Sessions
GBHACKERS.COM — 19 Mar 2026
โš ๏ธ
Aura Confirms Data Breach Exposing 900,000 Customer Records
GBHACKERS.COM — 19 Mar 2026
โš ๏ธ
Anthropic ban heralds new era of supply chain risk โ€” with no clear playbook
CSOONLINE.COM — 19 Mar 2026
โš ๏ธ
Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks
SECURITYWEEK.COM — 19 Mar 2026
โš ๏ธ
Your MFA isnโ€™t broken โ€” itโ€™s being bypassed, and your employees canโ€™t tell the difference
CSOONLINE.COM — 19 Mar 2026
โš ๏ธ
Hacking a Robot Vacuum
SCHNEIER.COM — 2026-03-19
โš ๏ธ
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
THEHACKERNEWS.COM — 19 Mar 2026
โš ๏ธ
Critical Microsoft SharePoint flaw now exploited in attacks
BLEEPINGCOMPUTER.COM — 19 Mar 2026
โš ๏ธ
Pyronut Package Backdoors Telegram Bots With RCE
GBHACKERS.COM — 19 Mar 2026
โš ๏ธ
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
CSOONLINE.COM — 19 Mar 2026
โš ๏ธ
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
BLEEPINGCOMPUTER.COM — 19 Mar 2026
โš ๏ธ
Claude Vulnerabilities Allow Data Exfiltration and Malicious Redirect Attacks
GBHACKERS.COM — 19 Mar 2026
โš ๏ธ
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
SH.ITJUST.WORKS — 19 Mar 2026
โš ๏ธ
Russian APT Exploits Zimbra Vulnerability Against Ukraine
SECURITYWEEK.COM — 19 Mar 2026
โš ๏ธ
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
THEHACKERNEWS.COM — 19 Mar 2026
โš ๏ธ
7 Ways to Prevent Privilege Escalation via Password Resets
BLEEPINGCOMPUTER.COM — 19 Mar 2026
โš ๏ธ
Cybersecurity Responsibility Is Shifting
YOUTUBE.COM — 2026-03-19
โš ๏ธ
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
THEHACKERNEWS.COM — 19 Mar 2026
โš ๏ธ
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
BLEEPINGCOMPUTER.COM — 19 Mar 2026
โš ๏ธ
Beijing wants its own quantum-resistant encryption standards rather than adopt NISTโ€™s
CSOONLINE.COM — 19 Mar 2026
โš ๏ธ
Critical ScreenConnect Vulnerability Exposes Machine Keys
SECURITYWEEK.COM — 19 Mar 2026
โš ๏ธ
Privacy Platform Cloaked Raises $375M to Expand Consumer Tools and Enterprise Reach
SECURITYWEEK.COM — 19 Mar 2026
โš ๏ธ
News alert: SpyCloud study reveal stolen tokens, session data fuel surge in non-human identity attacks
LASTWATCHDOG.COM — 19 Mar 2026
โš ๏ธ
Antonโ€™s Security Blog Quarterly Q1 2026
KEVMEDIUM.COM — 19 Mar 2026
โš ๏ธ
CISA urges IT to harden endpoint management systems after cyberattack by pro-Iranian group
CSOONLINE.COM — 19 Mar 2026
โš ๏ธ
That cheap KVM device could expose your network to remote compromise
CSOONLINE.COM — 19 Mar 2026
โš ๏ธ
SpyCloudโ€™s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
CSOONLINE.COM — 19 Mar 2026
โš ๏ธ
Hacking IP KVMs & Reversing with Radare2 - Sergi ร€lvarez - PSW #918
YOUTUBE.COM — 2026-03-19
โš ๏ธ
Building an Adversarial Consensus Engine | Multi-Agent LLMs for Automated Malware Analysis
SENTINELONE.COM — 19 Mar 2026
โš ๏ธ
Linux & Cloud Detection Engineering - Getting Started with Defend for Containers (D4C)
ELASTIC.CO — 19 Mar 2026
๐Ÿ“ข
5 key priorities for your RSAC 2026 agenda
CSOONLINE.COM — 19 Mar 2026
๐Ÿ“ข
CISA Calls on Organizations to Strengthen Microsoft Intune Security After Stryker Incident
GBHACKERS.COM — 19 Mar 2026
๐Ÿ“ข
Ubiquiti security advisory (AV26-258)
CYBER.GC.CA — 2026-03-19
๐Ÿ“ข
CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices
TECHCRUNCH.COM — 19 Mar 2026
๐Ÿ“ข
Microsoft security advisory โ€“ January 2026 monthly rollup (AV26-024) โ€“ Update 2
CYBER.GC.CA — 2026-03-19
๐Ÿ“ข
Spring security advisory (AV26-259)
CYBER.GC.CA — 2026-03-19
๐Ÿ”ฅ
Raven Emerges From Stealth With $20 Million in Funding
SECURITYWEEK.COM — 19 Mar 2026
๐Ÿ”ฅ
Aura confirms data breach exposing 900,000 marketing contacts
SH.ITJUST.WORKS — 19 Mar 2026
๐Ÿ”ฅ
Security Firm Aura Discloses Data Breach Impacting 900,000 Records
SECURITYWEEK.COM — 19 Mar 2026
๐Ÿ”ฅ
Marquis Data Breach Affects 672,000 Individuals
SECURITYWEEK.COM — 19 Mar 2026
๐Ÿ”ฅ
FBI seizes pro-Iranian hacking groupโ€™s websites after destructive Stryker hack
TECHCRUNCH.COM — 19 Mar 2026
๐Ÿ”ฅ
Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury
SECURITYWEEK.COM — 19 Mar 2026
๐Ÿ”ฅ
FBI seizes Handala data leak site after Stryker cyberattack
BLEEPINGCOMPUTER.COM — 19 Mar 2026
๐Ÿ”ฅ
When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures
MICROSOFT.COM — 19 Mar 2026
๐Ÿ”ฅ
Bitrefill blames North Korean Lazarus group for cyberattack
BLEEPINGCOMPUTER.COM — 19 Mar 2026
๐Ÿ”ฅ
1stProtect Emerges From Stealth With $20 Million in Funding
SECURITYWEEK.COM — 19 Mar 2026
๐Ÿ”ฅ
Millions of iPhones can be hacked with a new tool found in the wild
ARSTECHNICA.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)
ISC.SANS.EDU — 19 Mar 2026
๐Ÿ•ต๏ธ
SnappyClient Implant Blends Remote Access, Data Theft, and Stealth Evasion
GBHACKERS.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
WaterPlum Unleashes โ€œStoatWaffleโ€ Malware in VSCode Supply Chain Attack
GBHACKERS.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
Iran-Linked Botnet Exposed After Open Directory Leak Reveals 15-Node Relay Network
GBHACKERS.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
Open VSX Extension Delivers RAT and Stealer via GitHub Downloader
GBHACKERS.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
SH.ITJUST.WORKS — 19 Mar 2026
๐Ÿ•ต๏ธ
Horabot Returns in Mexico, Spreading via Phishing and Email Worm Attacks
GBHACKERS.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
OpenWebUI Servers Targeted in Attacks Using AI Payloads to Steal Data
GBHACKERS.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
Fake Tools and CDNs Power New โ€œVibe-Codedโ€ Malware Campaign
GBHACKERS.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
ConnectWise patches new flaw allowing ScreenConnect hijacking
SH.ITJUST.WORKS — 19 Mar 2026
๐Ÿ•ต๏ธ
Average Number of Daily API Attacks Up 113% Annually - Infosecurity Magazine
SH.ITJUST.WORKS — 19 Mar 2026
๐Ÿ•ต๏ธ
Hacker Conversations: Ben Harris, from Unintentional Young Hacker to Intentional Adult CEO
SECURITYWEEK.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
CISO Whisperer Names 11 Vendors Leading the Shift from Tools to Outcomes at RSA Conference 2026
GBHACKERS.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
Oasis Security Raises $120 Million for Agentic Access Management
SECURITYWEEK.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
Our KnowBe4 Community Is One of Our Greatest Strengths
KNOWBE4.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
New tools and guidance: Announcing Zero Trust for AI
MICROSOFT.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
Securing the Enterprise AI Ecosystem with ServiceNow and Prisma AIRS
PALOALTONETWORKS.COM — 19 Mar 2026
๐Ÿ•ต๏ธ
App Stores Arenโ€™t Actually Safe
YOUTUBE.COM — 2026-03-19
๐Ÿ•ต๏ธ
PC MLA says hackers accessed and shared intimate images on his devices
INFOSEC.PUB — 19 Mar 2026
๐ŸŒ
New โ€˜Perseusโ€™ Android malware checks user notes for secrets
BLEEPINGCOMPUTER.COM — 19 Mar 2026
๐ŸŒ
2025 Year in Review: Malicious, Infrastructure
RECORDEDFUTURE.COM — 19 Mar 2026
๐ŸŽ™๏ธ
Smashing Security podcast #459: This clever scam nearly hijacked a tech CEOโ€™s Apple ID
GRAHAMCLULEY.COM — 19 Mar 2026
๐Ÿ“ก
IndonesianFoods Spam Campaign: 89 000 junk packages in npm
KASPERSKY.COM — 19 Mar 2026
๐Ÿ“ก
How Ceros Gives Security Teams Visibility and Control in Claude Code
THEHACKERNEWS.COM — 19 Mar 2026
๐Ÿ“ก
Max severity Ubiquiti UniFi flaw may allow account takeover
BLEEPINGCOMPUTER.COM — 19 Mar 2026
๐Ÿ“ก
Consumer-focused privacy company Cloaked raises $375M as it expands to enterprise
TECHCRUNCH.COM — 19 Mar 2026
๐Ÿ“ก
Copyright Lures Mask a Multiโ€‘Stage PureLog Stealer Attack on Key Industries
TRENDMICRO.COM — 19 Mar 2026
๐Ÿ“ก
EDR killers explained: Beyond the drivers
WELIVESECURITY.COM — 19 Mar 2026
๐Ÿ“ก
From Invitation to Infection: How SILENTCONNECT Delivers ScreenConnect
ELASTIC.CO — 19 Mar 2026