MATLOCK.CA
83Articles
8Categories
2026-03-20Date
🚨
CISA Adds Five Known Exploited Vulnerabilities to CatalogCISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-31277 Apple Multiple Products Buffer Overflow Vulnerability CVE-2025-32432 Craft CMS Code Injection Vulnerability CVE-2025-43510 Apple…
KEVCISA.GOV — Fri, 20 Mar 26 1
🚨
Vulneratility-Lookup 4.2.0submitted by cm0002 to cybersecurity 3 points | 0 comments https://github.com/vulnerability-lookup/vulnerability-lookup/releases/tag/v4.2.0 It is our honour to announce the release of Vulnerability-Lookup 4.2.0 ! This version brings a large number of new CSAF-based vulnerability …
KEVINFOSEC.PUB — 20 Mar 2026
πŸ›
Oracle pushes emergency fix for critical Identity Manager RCE flaw
BLEEPINGCOMPUTER.COM — 20 Mar 2026
πŸ›
CISA orders feds to patch max-severity Cisco flaw by Sunday
BLEEPINGCOMPUTER.COM — 20 Mar 2026
πŸ›
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
THEHACKERNEWS.COM — 20 Mar 2026
πŸ›
CVE-2026-23214 btrfs: reject new transactions if the fs is fully read-only
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23221 bus: fsl-mc: fix use-after-free in driver_override_show()
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2025-71221 dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23110 scsi: core: Wake up the error handler when final completions race against each other
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23171 bonding: fix use-after-free due to enslave fail after slave array update
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23213 drm/amd/pm: Disable MMIO access during SMU Mode 1 reset
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2025-71225 md: suspend array while updating raid_disks via sysfs
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2025-71227 wifi: mac80211: don't WARN for connections on invalid channels
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2025-71233 PCI: endpoint: Avoid creating sub-groups asynchronously
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2025-71236 scsi: qla2xxx: Validate sp before freeing associated memory
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23227 drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23207 spi: tegra210-quad: Protect curr_xfer check in IRQ handler
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23113 io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23118 rxrpc: Fix data-race warning and potential load/store tearing
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23126 netdevsim: fix a race issue related to the operation on bpf_bound_progs list
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23154 net: fix segmentation of forwarding fraglist GRO
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23157 btrfs: do not strictly require dirty metadata threshold for metadata writepages
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23169 mptcp: fix race in mptcp_pm_nl_flush_addrs_doit()
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23191 ALSA: aloop: Fix racy access at PCM trigger
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23208 ALSA: usb-audio: Prevent excessive number of frames
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23269 apparmor: validate DFA start states are in bounds in unpack_pdb
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23259 io_uring/rw: free potentially allocated iovec on cache put failure
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23268 apparmor: fix unprivileged local user can do privileged policy management
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23266 fbdev: rivafb: fix divide error in nv3_arb()
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23265 f2fs: fix to do sanity check on node footer in {read,write}_end_io
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2006-10002 XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crashes
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23255 net: add proper RCU protection to /proc/net/ptype
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23253 media: dvb-core: fix wrong reinitialization of ringbuffer on reopen
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2025-71269 btrfs: do not free data reservation in fallback from inline due to -ENOSPC
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2026-23267 f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes
MSRC.MICROSOFT.COM — 20 Mar 2026
πŸ›
CVE-2006-10003 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack
MSRC.MICROSOFT.COM — 20 Mar 2026
⚠️
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
THEHACKERNEWS.COM — 20 Mar 2026
⚠️
Proton Mail Shared User Information with the Police
SCHNEIER.COM — 2026-03-20
⚠️
FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack: Cybersecurity Today
KEVCYBERSECURITYTODAY.LIBSYN.COM — 20 Mar 2026
⚠️
Police take down 373,000 fake CSAM sites in Operation Alice
BLEEPINGCOMPUTER.COM — 20 Mar 2026
⚠️
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
THEHACKERNEWS.COM — 20 Mar 2026
⚠️
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
THEHACKERNEWS.COM — 20 Mar 2026
⚠️
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
THEHACKERNEWS.COM — 20 Mar 2026
⚠️
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
THEHACKERNEWS.COM — 20 Mar 2026
⚠️
All aboard: the NIST Cybersecurity for IoT Program is headed to our next stop! Share your input on where we’re headed during our Future Directions Two-Day Workshop on March 31st.
NIST.GOV — 20 Mar 2026
⚠️
GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
ISC.SANS.EDU — 20 Mar 2026
⚠️
CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents
MICROSOFT.COM — 20 Mar 2026
⚠️
Stop using AI to submit bug reports, says Google
CSOONLINE.COM — 20 Mar 2026
⚠️
The espionage reality: Your infrastructure is already in the collection path
CSOONLINE.COM — 20 Mar 2026
⚠️
Ahab and Peewee Herman, Zoom, Vibe Hacking, SharePoint, Meta, AgeID, Josh Marpet - SWN #565
YOUTUBE.COM — 2026-03-20
⚠️
Unexpected Flaw in Laundry Cards
YOUTUBE.COM — 2026-03-20
⚠️
Cryptographers engage in war of words over RustSec bug reports and subsequent ban
INFOSEC.PUB — 20 Mar 2026
⚠️
An Android physical security tool
SH.ITJUST.WORKS — 20 Mar 2026
⚠️
Intego X9: Never trust my updates
QUARKSLAB.COM — 2026-03-20
πŸ“’
US accuses Iran’s government of operating hacktivist group that hacked Stryker
TECHCRUNCH.COM — 20 Mar 2026
πŸ“’
DDoS-Attacken: Schlag gegen internationale Cyberkriminelle
CSOONLINE.COM — 20 Mar 2026
πŸ”₯
FBI links Signal phishing attacks to Russian intelligence services
BLEEPINGCOMPUTER.COM — 20 Mar 2026
πŸ”₯
How CISOs Can Survive the Era of Geopolitical Cyberattacks
BLEEPINGCOMPUTER.COM — 20 Mar 2026
πŸ”₯
In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting
SECURITYWEEK.COM — 20 Mar 2026
πŸ”₯
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
KREBSONSECURITY.COM — 20 Mar 2026
πŸ”₯
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
THEHACKERNEWS.COM — 20 Mar 2026
πŸ”₯
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
THEHACKERNEWS.COM — 20 Mar 2026
πŸ”₯
Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US
TECHCRUNCH.COM — 20 Mar 2026
πŸ”₯
Denver’s crosswalks hacked to broadcast anti-Trump messages
BITDEFENDER.COM — 20 Mar 2026
πŸ”₯
LeakNet ransomware: what you need to know
FORTRA.COM — 20 Mar 2026
πŸ”₯
Water utilities strengthen cybersecurity through cooperation
CSOONLINE.COM — 20 Mar 2026
πŸ”₯
DoJΒ has taken down botnets behind the largest-ever DDoS attack
INFOSEC.PUB — 20 Mar 2026
πŸ”₯
DoJΒ has taken down botnets behind the largest-ever DDoS attack
PROGRAMMING.DEV — 20 Mar 2026
πŸ”₯
DoJΒ has taken down botnets behind the largest-ever DDoS attack
SH.ITJUST.WORKS — 20 Mar 2026
πŸ”₯
Move fast and save things: A quick guide to recovering a hacked account
WELIVESECURITY.COM — 20 Mar 2026
πŸ•΅οΈ
Friday Squid Blogging: Jumbo Flying Squid in the South Pacific
SCHNEIER.COM — 2026-03-20
πŸ•΅οΈ
3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China
SECURITYWEEK.COM — 20 Mar 2026
πŸ•΅οΈ
ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)
ISC.SANS.EDU — 20 Mar 2026
πŸ•΅οΈ
Secure agentic AI end-to-end
MICROSOFT.COM — 20 Mar 2026
πŸ•΅οΈ
Inside Our 'Human Risk: In-Person Experience' in Leeds
KNOWBE4.COM — 20 Mar 2026
πŸ•΅οΈ
Digital Cleanup: It’s Not Just Your Files, It’s Your Brain
KNOWBE4.COM — 20 Mar 2026
πŸ•΅οΈ
GUEST ESSAY: Executives trust AI security even as security teams confront blind spots, new risks
LASTWATCHDOG.COM — 20 Mar 2026
πŸ•΅οΈ
Discord Age Verification Rollback
YOUTUBE.COM — 2026-03-20
πŸ•΅οΈ
French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure
INFOSEC.PUB — 20 Mar 2026
🌐
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
THEHACKERNEWS.COM — 20 Mar 2026
🌐
Predator spyware disables iOS camera and microphone indicators | Kaspersky official blog
KASPERSKY.COM — 20 Mar 2026
πŸ“‘
A French Navy officer accidentally leaked the location of an aircraft carrier by logging his run on Strava
TECHCRUNCH.COM — 20 Mar 2026
πŸ“‘
Linux & Cloud Detection Engineering - TeamPCP Container Attack Scenario
ELASTIC.CO — 20 Mar 2026