MATLOCK.CA
76Articles
8Categories
2026-03-30Date
🚨
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-3055 Citrix NetScaler Out-of-Bounds Read Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors …
KEVCISA.GOV — Mon, 30 Mar 26 1
πŸ›
Critical Citrix NetScaler memory flaw actively exploited in attacks
KEVBLEEPINGCOMPUTER.COM — 30 Mar 2026
πŸ›
Fortinet hit by another exploited cybersecurity flaw
KEVCSOONLINE.COM — 30 Mar 2026
πŸ›
LangChain path traversal bug adds to input validation woes in AI pipelines
CSOONLINE.COM — 30 Mar 2026
πŸ›
Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521) - Help Net Security
SH.ITJUST.WORKS — 30 Mar 2026
πŸ›
ZDI-26-249: NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-248: NoMachine External Control of File Path Local Privilege Escalation Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-247: NoMachine External Control of File Path Arbitrary File Deletion Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-246: (0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-245: (0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-244: (Pwn2Own) QNAP QHora-322 miro_webserver_controllers_api_login_singIn Authentication Bypass Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-243: (Pwn2Own) QNAP TS-453E write_file_to_svr External Control of File Path Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-242: (Pwn2Own) QNAP TS-453E server_handlers.pyc rr2s.kwargs Error Message Information Disclosure Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-241: (Pwn2Own) QNAP QHora-322 qvpn_db_mgr username SQL Injection Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-240: (Pwn2Own) QNAP QHora-322 qvpn_db_mgr role_type Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-239: (Pwn2Own) QNAP QHora-322 login.newAuthMiddleware.Authenticator Authentication Bypass Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-238: Linux Kernel AoE Driver Use-After-Free Local Privilege Escalation Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-237: (Pwn2Own) QNAP QHora-322 ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-236: Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-235: Digilent DASYLab DSA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-234: Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-233: Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-232: (Pwn2Own) Red Hat Enterprise Linux vmwgfx Driver Integer Overflow Local Privilege Escalation Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-231: Apple macOS Exposure of Sensitive Information to Unauthorized Sphere Information Disclosure Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-230: Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-229: OpenClaw Client PKCE Verifier Information Disclosure Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-228: OpenClaw Canvas Authentication Bypass Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
ZDI-26-227: OpenClaw Canvas Path Traversal Information Disclosure Vulnerability
ZERODAYINITIATIVE.COM — 30 Mar 2026
πŸ›
VU#221883: CrewAI contains multiple vulnerabilities including SSRF, RCE and local file read
KB.CERT.ORG — 2026-03-30
⚠️
Russian State Hackers Go After IoS Devices
CYBERSECURITYTODAY.LIBSYN.COM — 30 Mar 2026
⚠️
A Vulnerability in F5 Products Could Allow for Remote Code Execution
CISECURITY.ORG — 30 Mar 2026
⚠️
Multiple Vulnerabilities in NetScaler ADC and NetScaler Gateway Could Allow for Memory Overread
CISECURITY.ORG — 30 Mar 2026
⚠️
Healthcare tech firm CareCloud says hackers stole patient data
BLEEPINGCOMPUTER.COM — 30 Mar 2026
⚠️
Hackers exploiting critical F5 BIG-IP flaw in attacks, patch now
BLEEPINGCOMPUTER.COM — 30 Mar 2026
⚠️
Critical Fortinet Forticlient EMS flaw now exploited in attacks
BLEEPINGCOMPUTER.COM — 30 Mar 2026
⚠️
OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
THEHACKERNEWS.COM — 30 Mar 2026
⚠️
⚑ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
THEHACKERNEWS.COM — 30 Mar 2026
⚠️
Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
THEHACKERNEWS.COM — 30 Mar 2026
⚠️
Report: There Are Nearly 66 Billion Stolen Identity Records on Criminal Forums
KNOWBE4.COM — 30 Mar 2026
⚠️
Leak reveals Anthropic’s β€˜Mythos,’ a powerful AI model aimed at cybersecurity use cases
CSOONLINE.COM — 30 Mar 2026
⚠️
APIs are the new perimeter: Here’s how CISOs are securing them
CSOONLINE.COM — 30 Mar 2026
⚠️
Why Kubernetes controllers are the perfect backdoor
CSOONLINE.COM — 30 Mar 2026
⚠️
Oops, all Interviews: Switching to Cyber, CISO Reflections, and the State of TPCRM - ESW #452
YOUTUBE.COM — 2026-03-30
⚠️
VU#655822: Kyverno is vulnerable to server-side request forgery (SSRF)
KB.CERT.ORG — 2026-03-30
⚠️
Cloudflare Client-Side Security: smarter detection, now open to everyone
CLOUDFLARE.COM — 30 Mar 2026
πŸ“’
Popular AI gateway startup LiteLLM ditches controversial startup Delve
TECHCRUNCH.COM — 30 Mar 2026
πŸ“’
Automated Audits vs. Manual: The Binary Choice
YOUTUBE.COM — 2026-03-30
πŸ”₯
New RoadK1ll WebSocket implant used to pivot on breached networks
BLEEPINGCOMPUTER.COM — 30 Mar 2026
πŸ”₯
European Commission confirms data breach after Europa.eu hack
BLEEPINGCOMPUTER.COM — 30 Mar 2026
πŸ”₯
HIBP Mega Update: Passkeys, k-Anonymity Searches, Massive Speed Enhancements and a Bulk Domain Verification API
TROYHUNT.COM — 30 Mar 2026
πŸ”₯
Dutch Police discloses security breach after phishing attack
SH.ITJUST.WORKS — 30 Mar 2026
πŸ•΅οΈ
Apple’s Camera Indicator Lights
SCHNEIER.COM — 2026-03-30
πŸ•΅οΈ
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
THEHACKERNEWS.COM — 30 Mar 2026
πŸ•΅οΈ
ISC Stormcast For Monday, March 30th, 2026 https://isc.sans.edu/podcastdetail/9870, (Mon, Mar 30th)
ISC.SANS.EDU — 30 Mar 2026
πŸ•΅οΈ
Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio
MICROSOFT.COM — 30 Mar 2026
πŸ•΅οΈ
Criminals Are Selling Stolen Tax Forms for Cheap on the Dark Web
KNOWBE4.COM — 30 Mar 2026
πŸ•΅οΈ
FIRESIDE CHAT: AI gives rise to a semantic attack surface, forcing a new class of network defense
LASTWATCHDOG.COM — 30 Mar 2026
πŸ•΅οΈ
Security Leadership Styles: Builder, Fixer, or Scale Operator
YOUTUBE.COM — 2026-03-30
πŸ•΅οΈ
Mentorship Monday - Discussions for career and learning!
INFOSEC.PUB — 30 Mar 2026
πŸ•΅οΈ
Security boffins harvest bumper crop of API keys from web β€’ The Register
SH.ITJUST.WORKS — 30 Mar 2026
πŸ•΅οΈ
DevSecOps Tools?
SH.ITJUST.WORKS — 30 Mar 2026
πŸ•΅οΈ
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
SH.ITJUST.WORKS — 30 Mar 2026
πŸ•΅οΈ
TeamPCP Targets Telnyx Package in Latest Software Supply Chain Attack - Infosecurity Magazine
SH.ITJUST.WORKS — 30 Mar 2026
πŸ•΅οΈ
China Upgrades the Backdoor It Uses to Spy on Telcos Globally
SH.ITJUST.WORKS — 30 Mar 2026
πŸ•΅οΈ
ANY.RUN at RSACβ„’ 2026: Highlights & Industry Recognition
ANY.RUN — 30 Mar 2026
🌐
TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM
TRENDMICRO.COM — 30 Mar 2026
πŸ“‘
Apple adds macOS Terminal warning to block ClickFix attacks
BLEEPINGCOMPUTER.COM — 30 Mar 2026
πŸ“‘
How to Evaluate AI SOC Agents: 7 Questions Gartner Says You Should Be Asking
BLEEPINGCOMPUTER.COM — 30 Mar 2026
πŸ“‘
Microsoft pulls KB5079391 Windows update over install issues
BLEEPINGCOMPUTER.COM — 30 Mar 2026
πŸ“‘
3 SOC Process Fixes That Unlock Tier 1 Productivity
THEHACKERNEWS.COM — 30 Mar 2026
πŸ“‘
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
THEHACKERNEWS.COM — 30 Mar 2026
πŸ“‘
The State of Secrets Sprawl 2026: 9 Takeaways for CISOs
THEHACKERNEWS.COM — 30 Mar 2026
πŸ“‘
DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)
ISC.SANS.EDU — 30 Mar 2026
πŸ“‘
Apple will hide your email address from apps and websites, but not cops
TECHCRUNCH.COM — 30 Mar 2026
πŸ“‘
An iron curtain for AI: how to improve autonomous AI agent security | Kaspersky official blog
KASPERSKY.COM — 30 Mar 2026
πŸ“‘
15 Top Cybersecurity CEOs On The Future Of AI Agents: RSAC 2026
PROOFPOINT.COM — 30 Mar 2026