83 Articles
8 Categories
Date: 2026-03-20
🚨 CISA KEV (2)
20 Mar [KEV] · CISA Adds Five Known Exploited Vulnerabilities to Catalog · CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-31277 Apple Multiple Products Buffer Overflow Vulnerability; CVE-2025-32432 Craft CMS Code Injection Vulnerability; CVE-2025-43510 Apple… · CISA.GOV
20 Mar [KEV] · Vulnerability-Lookup 4.2.0 · submitted by cm0002 to cybersecurity (3 points | 0 comments) https://github.com/vulnerability-lookup/vulnerability-lookup/releases/tag/v4.2.0 It is our honour to announce the release of Vulnerability-Lookup 4.2.0! This version brings a large number of new CSAF-based vulnerability … · INFOSEC.PUB
🐛 COMMON VULNERABILITIES AND EXPOSURES (34)
20 Mar · Oracle pushes emergency fix for critical Identity Manager RCE flaw · Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as CVE-2026-21992. [...] · BLEEPINGCOMPUTER.COM
20 Mar · CISA orders feds to patch max-severity Cisco flaw by Sunday · The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22. [...] · BLEEPINGCOMPUTER.COM
20 Mar · Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure · A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which threat actors weaponize newly published vulnerabilities. The security defect, tracked as CVE-2026-33017 (CVSS score: 9.3), is a cas… · THEHACKERNEWS.COM
20 Mar · CVE-2025-71225 md: suspend array while updating raid_disks via sysfs · Information published. · MSRC.MICROSOFT.COM
20 Mar · CVE-2026-23154 net: fix segmentation of forwarding fraglist GRO · Information published. · MSRC.MICROSOFT.COM
20 Mar · CVE-2026-23169 mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() · Information published. · MSRC.MICROSOFT.COM
20 Mar · CVE-2026-23191 ALSA: aloop: Fix racy access at PCM trigger · Information published. · MSRC.MICROSOFT.COM
20 Mar · CVE-2026-23208 ALSA: usb-audio: Prevent excessive number of frames · Information published. · MSRC.MICROSOFT.COM
20 Mar · CVE-2026-23266 fbdev: rivafb: fix divide error in nv3_arb() · Information published. · MSRC.MICROSOFT.COM
20 Mar · CVE-2026-23255 net: add proper RCU protection to /proc/net/ptype · Information published. · MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (18)
20 Mar · 54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security · A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a total of 34 vulnerable drivers. EDR killer programs have been a common presence in ransomware intrusion… · THEHACKERNEWS.COM
20 Mar · Proton Mail Shared User Information with the Police · 404 Media has a story about Proton Mail giving subscriber data to the Swiss government, who passed the information to the FBI. It’s metadata—payment information related to a particular account—but still important knowledge. This sort of thing happens, even to pr… · SCHNEIER.COM
20 Mar [KEV] · FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack: Cybersecurity Today · FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack; Apple iPhone Exploit Patch; North Korean Fake IT Workers Grow Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired… · CYBERSECURITYTODAY.LIBSYN.COM
20 Mar · Police take down 373,000 fake CSAM sites in Operation Alice · An international law enforcement action called Operation Alice has shut down over 373,000 dark web sites that offered fake CSAM packages. [...] · BLEEPINGCOMPUTER.COM
20 Mar · Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets · Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware capable of stealing sensitive CI/CD secrets. The latest incident impacted GitHub Actions "aquasecurity/trivy-action" and "aq… · THEHACKERNEWS.COM
20 Mar · Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover · Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover. The vulnerability has been codenamed PolyShell by Sansec owing to the fact that the atta… · THEHACKERNEWS.COM
20 Mar · DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks · The U.S. Department of Justice (DoJ) on Thursday announced the disruption of command-and-control (C2) infrastructure used by several Internet of Things (IoT) botnets like AISURU, Kimwolf, JackSkid, and Mossad as part of a court-authorized law enforcement operation. The effort als… · THEHACKERNEWS.COM
20 Mar · Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks · Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna and DarkSword. These attacks employ malicious web content to target out-of-date versions of iOS, tr… · THEHACKERNEWS.COM
20 Mar · All aboard: the NIST Cybersecurity for IoT Program is headed to our next stop! Share your input on where we’re headed during our Future Directions Two-Day Workshop on March 31st. · Workshop Details… We’re looking forward to hearing from the community during our “Future Directions” Workshop! Date: March 31 - April 1, 2026 Where: NIST’s Gaithersburg campus! Registration and Details: HERE Can’t make it? We still want to hear from you – email us at IoTSecurity … · NIST.GOV
20 Mar · GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th) · Yesterday, I discovered a malicious Bash script that installs a GSocket backdoor on the victim's computer. I don't know the source of the script nor how it is delivered to the victim. · ISC.SANS.EDU
20 Mar · CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents · Excerpt: CTI-REALM is Microsoft’s open-source benchmark for evaluating AI agents on real-world detection engineering—turning cyber threat intelligence (CTI) into validated detections. The post CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents appe… · MICROSOFT.COM
20 Mar · Stop using AI to submit bug reports, says Google · Google will no longer accept AI-generated submissions to a program it funded to find bugs in open-source software. However, it is contributing to a separate program that uses AI to strengthen security in open-source code. The Google Open Source Software Vulnerability Reward Progr… · CSOONLINE.COM
20 Mar · The espionage reality: Your infrastructure is already in the collection path · Threat actors have always sought advantage over their targets. Recently we’ve seen two efforts designed for long-term intelligence gain. This activity surfaced right where you would expect inside the enterprise. Enterprises now sit directly in the adversary’s collection path. The… · CSOONLINE.COM
20 Mar · Ahab and Peewee Herman, Zoom, Vibe Hacking, SharePoint, Meta, AgeID, Josh Marpet - SWN #565 · Macbeth, Ahab, Peewee Herman, Microsoft, Zoom, Vibe Hacking, SharePoint, Meta, AgeID, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-565 00:00:00 S… · YOUTUBE.COM
20 Mar · Unexpected Flaw in Laundry Cards · A student used a Flipper Zero and AI assistance to reverse engineer an NFC-based laundry card and identify a flaw that allows transaction reversal. Even simple systems like prepaid cards can contain fundamental architectural weaknesses. Tools like Flipper Zero and AI coding assis… · YOUTUBE.COM
20 Mar · Cryptographers engage in war of words over RustSec bug reports and subsequent ban · submitted by floofloof to cybersecurity (3 points | 0 comments) https://www.theregister.com/2026/03/20/cryptographer_nadim_kobeissi_rustsec_ban/ cross-posted from: infosec.pub/post/43738524 Rust security maintainers contend Nadim Kobeissi’s vulnerability claims are too much Since F… · INFOSEC.PUB
20 Mar · An Android physical security tool · submitted by nemesis3856 to cybersecurity (8 points | 0 comments) Source code and details: github.com/umutcamliyurt/Praesidium Praesidium is an Android security tool designed to protect devices from physical and software-level intrusion. Running as a persistent foreground service, … · SH.ITJUST.WORKS
20 Mar · Intego X9: Never trust my updates · This blog post dives into the most common classes of macOS Local Privilege Escalation vulnerabilities, from insecure XPC communications and time-of-check to time-of-use (TOCTOU) Race Conditions to a range of implementation and configuration oversights. We will explore how attacke… · QUARKSLAB.COM
📢 SECURITY ADVISORIES (2)
20 Mar · US accuses Iran’s government of operating hacktivist group that hacked Stryker · The U.S. Justice Department said an Iranian security ministry operates the fake activist persona known as Handala, which claimed responsibility for the destructive hack targeting medical tech giant Stryker. · TECHCRUNCH.COM
20 Mar · DDoS attacks: Strike against international cybercriminals · DDoS remains an evergreen among security threats. Karsten Kunert with ChatGPT In a large-scale strike against an international hacker network, security authorities in North America and Germany have dismantled the world's two largest botnets. The infrastructure… · CSOONLINE.COM
🔥 INCIDENT REPORTING (14)
20 Mar · FBI links Signal phishing attacks to Russian intelligence services · The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp in phishing campaigns that have already compromised thousands of accounts. [...] · BLEEPINGCOMPUTER.COM
20 Mar · How CISOs Can Survive the Era of Geopolitical Cyberattacks · Geopolitical tensions are driving destructive cyberattacks designed to disrupt operations, not demand ransom. CISOs must limit lateral movement and contain breaches to reduce the impact of wiper campaigns. [...] · BLEEPINGCOMPUTER.COM
20 Mar · In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting · Other noteworthy stories that might have slipped under the radar: vulnerabilities found in KVM devices, Claudy Day Claude vulnerabilities, The Gentlemen ransomware group. The post In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting appeared first o… · SECURITYWEEK.COM
20 Mar · Feds Disrupt IoT Botnets Behind Huge DDoS Attacks · The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the … · KREBSONSECURITY.COM
20 Mar · The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks · Artificial Intelligence (AI) is changing how individuals and organizations conduct many activities, including how cybercriminals carry out phishing attacks and iterate on malware. Now, cybercriminals are using AI to generate personalized phishing emails, deepfakes and malware tha… · THEHACKERNEWS.COM
20 Mar · Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers · Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the functionality and infrastructure of a legitimate program called Cobra DocGuard. "Speagle is designed to surreptitiously harvest sensitive information from infected computers and transmit it to a … · THEHACKERNEWS.COM
20 Mar · Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US · A cyberattack on a U.S. car breathalyzer company has left drivers across the United States reportedly stranded and unable to start their vehicles. · TECHCRUNCH.COM
20 Mar · Denver’s crosswalks hacked to broadcast anti-Trump messages · Pedestrians crossing a street in Denver, Colorado, got rather more than they bargained for last weekend, when the audio signals at two crosswalks began broadcasting a political message alongside their usual walking instructions. Read more in my article on the Hot for Security blo… · BITDEFENDER.COM
20 Mar · LeakNet ransomware: what you need to know · A ransomware gang that claims to be a group of "investigative journalists"? Meet LeakNet - the group using fake CAPTCHA pages to trick employees into hacking themselves. Read more in my article on the Fortra blog. · FORTRA.COM
20 Mar · Water utilities strengthen cybersecurity through cooperation · Water utilities are finding that letting information flow can flush out cybersecurity problems. The water industry has a security issue: Many utilities operate with ageing systems and minimal IT or cybersecurity personnel. But by coordinating responses to cyber-attacks, participa… · CSOONLINE.COM
20 Mar · DoJ has taken down botnets behind the largest-ever DDoS attack · submitted by Innerworld to cybersecurity (10 points | 0 comments) https://www.wired.com/story/us-takes-down-botnets-used-in-record-breaking-cyberattacks/ · INFOSEC.PUB
20 Mar · DoJ has taken down botnets behind the largest-ever DDoS attack · submitted by Innerworld to security (2 points | 0 comments) https://www.wired.com/story/us-takes-down-botnets-used-in-record-breaking-cyberattacks/ · PROGRAMMING.DEV
20 Mar · DoJ has taken down botnets behind the largest-ever DDoS attack · submitted by Innerworld to cybersecurity (12 points | 0 comments) https://www.wired.com/story/us-takes-down-botnets-used-in-record-breaking-cyberattacks/ · SH.ITJUST.WORKS
20 Mar · Move fast and save things: A quick guide to recovering a hacked account · What you do – and how fast – after an account is compromised often matters more than it may seem · WELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE (9)
20 Mar · Friday Squid Blogging: Jumbo Flying Squid in the South Pacific · The population needs better conservation. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. · SCHNEIER.COM
20 Mar · 3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China · The men violated U.S. export controls laws by scheming to divert massive quantities of the high-performance servers assembled in the United States to China. The post 3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China appeared first on SecurityWeek. · SECURITYWEEK.COM
20 Mar · ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
20 Mar · Secure agentic AI end-to-end · In this agentic era, security must be woven into, and around, every layer of the AI estate. At RSAC 2026, we are delivering on that vision with new purpose-built capabilities designed to help organizations secure agents, secure their foundations, and defend using agents and exper… · MICROSOFT.COM
20 Mar · Inside Our 'Human Risk: In-Person Experience' in Leeds · Last week, our KnowBe4 Leeds office opened its doors to a group of security professionals for an immersive, full-day deep dive into the evolving landscape of human risk. · KNOWBE4.COM
20 Mar · Digital Cleanup: It’s Not Just Your Files, It’s Your Brain · Digital Cleanup Day might be seen as a digital chore: delete old files, clear the inbox, reduce your carbon footprint. It’s framed as a technical exercise. But digital cleanup isn't only about your hard drive; it’s also about your mind. · KNOWBE4.COM
20 Mar · GUEST ESSAY: Executives trust AI security even as security teams confront blind spots, new risks · In our recent report, Beyond the Black Box, we found a striking gap: 80% of executives believe their organizations have strong security coverage for AI systems. Only about 40% of AppSec practitioners agree. Related: AI moves mainstream That’s not … (more…) The post GUEST E… · LASTWATCHDOG.COM
20 Mar · Discord Age Verification Rollback · Discord announced, then quickly retracted, plans for a global age verification system amid mixed reactions. With increasing laws requiring age checks on social media, platforms face pressure to verify users, but technical and privacy challenges slow progress. How can social platf… · YOUTUBE.COM
20 Mar · French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure · submitted by Kissaki to cybersecurity (28 points | 1 comments) https://securityaffairs.com/189696/intelligence/french-aircraft-carrier-charles-de-gaulle-tracked-via-strava-activity-in-opsec-failure.html Le Monde revealed that France’s aircraft carrier Charles de Gaulle was tracked … · INFOSEC.PUB
🌐 CYBER THREAT LANDSCAPE (2)
20 Mar · Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams · Google on Thursday announced a new "advanced flow" for Android sideloading that requires a mandatory 24-hour wait period to install apps from unverified developers in an attempt to balance openness with safety. The new changes come against the backdrop of a developer verification… · THEHACKERNEWS.COM
20 Mar · Predator spyware disables iOS camera and microphone indicators | Kaspersky official blog · A deep dive into how Intellexa’s Predator spyware interferes with iOS mechanisms to hide camera and microphone activity. · KASPERSKY.COM
📡 INFOSEC NEWS (2)
20 Mar · A French Navy officer accidentally leaked the location of an aircraft carrier by logging his run on Strava · A French naval officer went on a run around the deck of the Charles de Gaulle aircraft carrier, inadvertently leaking the warship's location when he uploaded the workout to Strava. · TECHCRUNCH.COM
20 Mar · Linux & Cloud Detection Engineering - TeamPCP Container Attack Scenario · This publication provides a real-world walkthrough of TeamPCP's multi-stage container compromise, demonstrating how Elastic's D4C surfaces runtime signals across each stage of the attack chain. · ELASTIC.CO