MATLOCK.CA
115Articles
9Categories
2026-03-27Date
🚨
CISA Adds Critical Aquasecurity Trivy Scanner Vulnerability to KEV CatalogThe Cybersecurity and Infrastructure Security Agency (CISA) has urgently added a critical flaw affecting Aquasecurity’s Trivy scanner to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-33634, this security weakness involves embedded malicious code that targ…
KEVGBHACKERS.COM — 27 Mar 2026
🚨
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-53521 F5 BIG-IP Remote Code Execution Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and…
KEVCISA.GOV — Fri, 27 Mar 26 1
πŸ›
ISC Issues Critical Warning Over Kea DHCP Vulnerability That Could Remotely Crash Services
GBHACKERS.COM — 27 Mar 2026
πŸ›
Windows Error Reporting Vulnerability Exposes Systems to Privilege Escalation, Allowing SYSTEM Access
GBHACKERS.COM — 27 Mar 2026
πŸ›
CVE-2026-28753 NGINX ngx_mail_proxy_module vulnerability
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-32647 NGINX ngx_http_mp4_module vulnerability
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-23398 icmp: fix NULL pointer dereference in icmp_tag_validation()
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-23396 wifi: mac80211: fix NULL deref in mesh_matches_local()
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-4645 Github.com/antchfx/xpath: xpath: denial of service via crafted boolean xpath expressions
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-34085
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-33526 Squid vulnerable to Denial of Service in ICP Request handling
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-33515 Squid has issues in ICP message handling
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-32748 Squid has Denial of Service in ICP Response handling
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-27651 NGINX ngx_mail_auth_http_module vulnerability
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-27654 NGINX ngx_http_dav_module vulnerability
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-27784 NGINX ngx_http_mp4_module vulnerability
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-28755 NGINX ngx_stream_ssl_module vulnerability
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-23397 nfnetlink_osf: validate individual option lengths in fingerprints
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-4647 Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-4746 Heap Buffer Over-Write Vulenrabilty in timeplus-io/proton
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-4775 Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-23068 spi: spi-sprd-adi: Fix double free in probe error path
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2025-71183 btrfs: always detect conflicting inodes when logging inode refs
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2025-71184 btrfs: fix NULL dereference on root when tracing inode eviction
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-23004 dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CISA Flags Critical PTC Vulnerability That Had German Police Mobilized
SECURITYWEEK.COM — 27 Mar 2026
πŸ›
Attackers exploit critical Langflow RCE within hours as CISA sounds alarm
KEVCSOONLINE.COM — 27 Mar 2026
πŸ›
Rapid Exploitation of CVE-2026-21962 Hits Oracle WebLogic - Infosecurity Magazine
SH.ITJUST.WORKS — 27 Mar 2026
πŸ›
Chromium: CVE-2026-4673 Heap buffer overflow in WebAudio
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
Chromium: CVE-2026-4680 Use after free in FedCM
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
Chromium: CVE-2026-4677 Out of bounds read in WebAudio
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
Chromium: CVE-2026-4675 Heap buffer overflow in WebGL
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
Chromium: CVE-2026-4679 Integer overflow in Fonts
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
Chromium: CVE-2026-4674 Out of bounds read in CSS
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
Chromium: CVE-2026-4442 Heap buffer overflow in CSS
MSRC.MICROSOFT.COM — 27 Mar 2026
πŸ›
CVE-2026-32187 Microsoft Edge (Chromium-based) Defense in Depth Vulnerability
MSRC.MICROSOFT.COM — 27 Mar 2026
⚠️
Google: The quantum apocalypse is coming sooner than we thought
CSOONLINE.COM — 27 Mar 2026
⚠️
BreachForums Verion 5 - 339,778 breached accounts
HAVEIBEENPWNED.COM — 27 Mar 2026
⚠️
Red Hat Warns of Malware Embedded in Popular Linux Tool, Opening Doors for Unauthorized Access
GBHACKERS.COM — 27 Mar 2026
⚠️
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
THEHACKERNEWS.COM — 27 Mar 2026
⚠️
TeamPCP Hackers Focus on AI Developers, Planting Malicious Code to Disrupt Projects
GBHACKERS.COM — 27 Mar 2026
⚠️
8 steps CISOs can take to empower their teams
CSOONLINE.COM — 27 Mar 2026
⚠️
Coruna iOS Exploit Kit Likely an Update to Operation Triangulation
SECURITYWEEK.COM — 27 Mar 2026
⚠️
CISA: New Langflow flaw actively exploited to hijack AI workflows
KEVSH.ITJUST.WORKS — 27 Mar 2026
⚠️
BIND 9 Security Flaws Allow Attackers to Bypass Security Controls and Crash Servers
GBHACKERS.COM — 27 Mar 2026
⚠️
A forensic intelligence suite for Matrix investigators
SH.ITJUST.WORKS — 27 Mar 2026
⚠️
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
THEHACKERNEWS.COM — 27 Mar 2026
⚠️
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
THEHACKERNEWS.COM — 27 Mar 2026
⚠️
A Matrix forensic intelligence suite for investigators
SH.ITJUST.WORKS — 27 Mar 2026
⚠️
Custom Fonts Can Trick AI Assistants Into Approving Phishing Sites
KNOWBE4.COM — 27 Mar 2026
⚠️
Trivy Under Attack Again: Widespread GitHub Actions Tag Compromise Exposes CI/CD Secrets
PROGRAMMING.DEV — 27 Mar 2026
⚠️
European Commission data stolen in a cyberattack on the infrastructure hosting its web sites
CSOONLINE.COM — 27 Mar 2026
⚠️
Spot Scam Red Flags Fast
YOUTUBE.COM — 2026-03-27
πŸ“’
WatchGuard security advisory (AV26-289)
CYBER.GC.CA — 2026-03-27
πŸ“’
Ericsson security advisory (AV26-292)
CYBER.GC.CA — 2026-03-27
πŸ“’
FreeBSD security advisory (AV26-291)
CYBER.GC.CA — 2026-03-27
πŸ“’
[Control systems] Siemens security advisory (AV26-290)
CYBER.GC.CA — 2026-03-27
πŸ“’
Microsoft Edge security advisory (AV26-293)
CYBER.GC.CA — 2026-03-27
πŸ”₯
Iran Targeted by Self-Propagating Malware in Supply-Chain Cyberattacks
INFOSEC.PUB — 27 Mar 2026
πŸ”₯
Anonymous Tip System Breach May Expose Tipsters
CYBERSECURITYTODAY.LIBSYN.COM — 27 Mar 2026
πŸ”₯
Dutch Police discloses security breach after phishing attack
BLEEPINGCOMPUTER.COM — 27 Mar 2026
πŸ”₯
Silver Fox Cyberattack Targets Japanese Businesses with Tax-Themed Phishing Scams
GBHACKERS.COM — 27 Mar 2026
πŸ”₯
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
THEHACKERNEWS.COM — 27 Mar 2026
πŸ”₯
Cyberangriff auf die Linke
CSOONLINE.COM — 27 Mar 2026
πŸ”₯
European Commission investigating breach after Amazon cloud hack
BLEEPINGCOMPUTER.COM — 27 Mar 2026
πŸ”₯
Hightower Holding Data Breach Impacts 130,000 - SecurityWeek
SH.ITJUST.WORKS — 27 Mar 2026
πŸ”₯
In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline
SECURITYWEEK.COM — 27 Mar 2026
πŸ”₯
TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)
ISC.SANS.EDU — 27 Mar 2026
πŸ”₯
Apple says no one using Lockdown Mode has been hacked with spyware
TECHCRUNCH.COM — 27 Mar 2026
πŸ”₯
Iranian hackers claim breach of FBI director Kash Patel’s personal email account
TECHCRUNCH.COM — 27 Mar 2026
πŸ”₯
European Commission investigating breach after Amazon cloud account hack
BLEEPINGCOMPUTER.COM — 27 Mar 2026
πŸ”₯
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
THEHACKERNEWS.COM — 27 Mar 2026
πŸ”₯
Lloyds Bank reveals how IT bug exposed transaction data
CSOONLINE.COM — 27 Mar 2026
πŸ”₯
European Commission confirms cyberattack after hackers claim data breach
TECHCRUNCH.COM — 27 Mar 2026
πŸ”₯
The telnyx packages on PyPI have been compromised
INFOSEC.PUB — 27 Mar 2026
πŸ”₯
Compromised telnyx on PyPI: WAV Steganography and Credential Theft
PROGRAMMING.DEV — 27 Mar 2026
πŸ”₯
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
BLEEPINGCOMPUTER.COM — 27 Mar 2026
πŸ”₯
Iranian-linked hackers claimed responsibility for the breach of FBI Direct Kash Patel’s personal email account
INFOSEC.PUB — 27 Mar 2026
πŸ”₯
Iranian-linked hackers claimed responsibility for the breach of FBI Direct Kash Patel’s personal email account
PROGRAMMING.DEV — 27 Mar 2026
πŸ”₯
Iranian-linked hackers claimed responsibility for the breach of FBI Direct Kash Patel’s personal email account
SH.ITJUST.WORKS — 27 Mar 2026
πŸ•΅οΈ
ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)
ISC.SANS.EDU — 27 Mar 2026
πŸ•΅οΈ
Off-Topic Friday
INFOSEC.PUB — 27 Mar 2026
πŸ•΅οΈ
Fake Cloudflare CAPTCHA Pages Deliver Infiniti Stealer Malware on macOS
GBHACKERS.COM — 27 Mar 2026
πŸ•΅οΈ
Hackers Implant Stealthy BPFdoor Backdoors in Telecom Networks for Persistent Access
GBHACKERS.COM — 27 Mar 2026
πŸ•΅οΈ
Phishing ZIP Files Used to Deploy PXA Stealer Targeting Financial Firms
GBHACKERS.COM — 27 Mar 2026
πŸ•΅οΈ
Hackers Deploy USB Malware, RATs, and Stealers in Southeast Asian Government Attacks
GBHACKERS.COM — 27 Mar 2026
πŸ•΅οΈ
Hackers Target South Asian Financial Firm with BRUSHWORM and BRUSHLOGGER Attacks
GBHACKERS.COM — 27 Mar 2026
πŸ•΅οΈ
RSAC 2026 Conference Announcements Summary (Days 3-4)
SECURITYWEEK.COM — 27 Mar 2026
πŸ•΅οΈ
TP-Link Patches High-Severity Router Vulnerabilities
SECURITYWEEK.COM — 27 Mar 2026
πŸ•΅οΈ
How Adaptive Email Security Helps Navigate Threats in the Age of AI
KNOWBE4.COM — 27 Mar 2026
πŸ•΅οΈ
Invoice Fraud Costs UK Construction Sector Millions, NCA Warns - Infosecurity Magazine
SH.ITJUST.WORKS — 27 Mar 2026
πŸ•΅οΈ
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
THEHACKERNEWS.COM — 27 Mar 2026
πŸ•΅οΈ
NYC Health Notifying Patients of 2 Third-Party Hacks
SH.ITJUST.WORKS — 27 Mar 2026
πŸ•΅οΈ
OpenAI Launches Bug Bounty Program for Abuse and Safety Risks
SECURITYWEEK.COM — 27 Mar 2026
πŸ•΅οΈ
The Post-Quantum Visibility Problem
YOUTUBE.COM — 2026-03-27
πŸ•΅οΈ
Pro-Iranian Hacking group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account
SECURITYWEEK.COM — 27 Mar 2026
πŸ•΅οΈ
Hackers have exposed more than 8.3 million supposedly confidential reports to tip lines like Crime Stoppers
INFOSEC.PUB — 27 Mar 2026
πŸ•΅οΈ
Hackers have exposed more than 8.3 million supposedly confidential reports to tip lines like Crime Stoppers
PROGRAMMING.DEV — 27 Mar 2026
πŸ•΅οΈ
Hackers have exposed more than 8.3 million supposedly confidential reports to tip lines like Crime Stoppers
SH.ITJUST.WORKS — 27 Mar 2026
πŸ•΅οΈ
Introducing Our KnowBe4 AI Agents
KNOWBE4.COM — 27 Mar 2026
πŸ•΅οΈ
Friday Squid Blogging: Bioluminescent Bacteria in Squid
SCHNEIER.COM — 2026-03-27
πŸ•΅οΈ
How Microsoft Defender protects high-value assets in real-world attack scenarios
MICROSOFT.COM — 27 Mar 2026
πŸ•΅οΈ
Scam Baiting, AI, and the New Grift Economy, Part 2 - Rinoa Poison - SWN #567
YOUTUBE.COM — 2026-03-27
πŸ•΅οΈ
RSAC 2026: No easy fixes for expanding AI attack surface, but a coordinated response is emerging
LASTWATCHDOG.COM — 27 Mar 2026
🌐
Fake VS Code alerts on GitHub spread malware to developers
BLEEPINGCOMPUTER.COM — 27 Mar 2026
🌐
Elastic Security Labs uncovers BRUSHWORM and BRUSHLOGGER
ELASTIC.CO — 27 Mar 2026
πŸŽ™οΈ
Soap Box: Red teaming AI systems with SpecterOps
RISKY.BIZ — 27 Mar 2026
πŸ“‘
Windows 11 KB5079391 update rolls out Smart App Control improvements
BLEEPINGCOMPUTER.COM — 27 Mar 2026
πŸ“‘
Anti-piracy coalition takes down AnimePlay app with 5 million users
BLEEPINGCOMPUTER.COM — 27 Mar 2026
πŸ“‘
We Are At War
THEHACKERNEWS.COM — 27 Mar 2026
πŸ“‘
Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
BLEEPINGCOMPUTER.COM — 27 Mar 2026
πŸ“‘
Most notable supply-chain attacks of 2025 | Kaspersky official blog
KASPERSKY.COM — 27 Mar 2026
πŸ“‘
RSAC 2026 wrap-up – Week in security with Tony Anscombe
WELIVESECURITY.COM — 27 Mar 2026
πŸ“‘
A cunning predator: How Silver Fox preys on Japanese firms this tax season
WELIVESECURITY.COM — 27 Mar 2026
πŸ“‘
How AI Agents Are Redefining the Insider Risk Threat Model
PROOFPOINT.COM — 27 Mar 2026