Tag: exploit
-
CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)
CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/19/sharepoint-vulnerability-cve-2026-20963-exploited/
-
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker’s systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-businesses-to-secure-microsoft-intune-systems-after-stryker-breach/
-
Critical Microsoft SharePoint flaw now exploited in attacks
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/critical-microsoft-sharepoint-flaw-now-exploited-in-attacks/
-
AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/interlock-ransomware-exploit-cisco/
-
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
Tags: attack, cisco, cve, exploit, firewall, flaw, group, ransomware, rce, remote-code-execution, vulnerability, zero-dayThe Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January. The vulnerability is a remote code execution flaw that…
-
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November 2025, according to reports from Google Threat Intelligence Group (GTIG), iVerify, and Lookout.According to GTIG, multiple commercial surveillance vendors and suspected state-sponsored actors have utilized the full-chain exploit kit, codenamed…
-
CISA Adds Exploited Zimbra Collaboration Suite Flaw to Warning List
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting the Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog. Federal agencies and organizations using the platform must apply the necessary updates by April 1, 2026, to mitigate active exploitation risks. Exploited Zimbra Collaboration Suite Flaw Tracked as CVE-2025-66376,…
-
Exploit-Kette entdeckt: Hacker infiltrieren iPhones durch nur einen Klick
Eine Exploit-Kette namens Darksword gefährdet unzählige iPhone-Nutzer. Nur ein falscher Klick im Web lädt datensammelnde Malware auf das Gerät. First seen on golem.de Jump to article: www.golem.de/news/exploit-kette-entdeckt-hacker-infiltrieren-iphones-durch-nur-einen-klick-2603-206677.html
-
CVE-2026-3630: Critical Buffer Overflow in Delta Electronics COMMGR2 Enables Remote Code Execution
Key Takeaways CVSS v3.1 base score of 9.8 (Critical) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, according to the CNA Delta Electronics COMMGR2 contains an out-of-bounds write vulnerability (CWE-787) enabling unauthenticated remote code execution NVD lists the vulnerability as analyzed; vendor advisory Delta-PCSA-2026-00005 is available addressing multiple COMMGR2 vulnerabilities No evidence of active exploitation in the wild; specific affected……
-
CVE-2026-3630: Critical Buffer Overflow in Delta Electronics COMMGR2 Enables Remote Code Execution
Key Takeaways CVSS v3.1 base score of 9.8 (Critical) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, according to the CNA Delta Electronics COMMGR2 contains an out-of-bounds write vulnerability (CWE-787) enabling unauthenticated remote code execution NVD lists the vulnerability as analyzed; vendor advisory Delta-PCSA-2026-00005 is available addressing multiple COMMGR2 vulnerabilities No evidence of active exploitation in the wild; specific affected……
-
ScreenConnect Flaw Lets Hackers Steal Machine Keys and Hijack Sessions
ConnectWise has released a critical security update for its ScreenConnect remote desktop software to address a severe vulnerability that allows attackers to hijack user sessions. The flaw, which compromises the protection of server-level cryptographic material, prompted the company to issue a Priority 1 security bulletin, warning users of a high risk of active exploitation in…
-
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
Tags: attack, cisa, cisco, cve, cybersecurity, exploit, flaw, government, infrastructure, microsoft, office, ransomware, vulnerability, zero-dayThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild.The vulnerabilities in question are as follows -CVE-2025-66376 (CVSS score: 7.2) – A stored cross-site scripting First seen…
-
New iOS Exploit Uses Advanced iPhone Hacking Tools to Steal Personal Data
Google Threat Intelligence Group (GTIG) has uncovered a highly sophisticated iOS full-chain exploit dubbed DarkSword. Active since November 2025, this exploit leverages multiple zero-day vulnerabilities to compromise Apple devices running iOS 18.4 through 18.7 fully. DarkSword is highly unusual because it relies entirely on JavaScript throughout its exploit chain, thereby mitigating the need for a…
-
Cisco Firewall Zero-Day Actively Exploited to Deliver Interlock Ransomware
Tags: cisco, cyber, exploit, firewall, flaw, network, ransomware, remote-code-execution, threat, vulnerability, zero-daySecurity research has uncovered an active Interlock ransomware campaign exploiting a critical zero-day vulnerability in Cisco Secure Firewall Management Centre (FMC) software. Utilizing this unauthenticated remote code execution flaw via the Amazon MadPot network, threat actors compromised enterprise environments for over a month before public disclosure. Cisco Firewall Zero-Day The intrusion campaign centers entirely on…
-
Cisco Firewall Zero-Day Actively Exploited to Deliver Interlock Ransomware
Tags: cisco, cyber, exploit, firewall, flaw, network, ransomware, remote-code-execution, threat, vulnerability, zero-daySecurity research has uncovered an active Interlock ransomware campaign exploiting a critical zero-day vulnerability in Cisco Secure Firewall Management Centre (FMC) software. Utilizing this unauthenticated remote code execution flaw via the Amazon MadPot network, threat actors compromised enterprise environments for over a month before public disclosure. Cisco Firewall Zero-Day The intrusion campaign centers entirely on…
-
State snoops and spyware vendors planting info-stealing malware on iPhones, Google warns
Darksword is the second iOS exploit chain in a month First seen on theregister.com Jump to article: www.theregister.com/2026/03/18/darksword_exploit_kit_steals_iphone/
-
U.S. CISA adds Microsoft SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ([1, 2]) SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first vulnerability added to the catalog, tracked…
-
DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/darksword-iphone-exploit-spies-thieves
-
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-zimbra-xss-flaw-exploited-in-attacks/
-
Russia-linked hackers use advanced iPhone exploit to target Ukrainians
The malware, dubbed DarkSword, allows attackers to break into iPhones with little to no user interaction, extract sensitive data within minutes, and then erase traces of the intrusion, researchers at cybersecurity firm Lookout said. First seen on therecord.media Jump to article: therecord.media/russia-linked-hackers-use-iphone-exploit-ukraine
-
Interlock Ransomware Exploited Cisco Firewall Flaw for Weeks
Tags: cisco, exploit, firewall, flaw, group, hacker, infrastructure, ransomware, software, usa, vulnerabilityAWS Researchers Find an Interlock Server Laden With Tools. Ransomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the networking giant disclosed the vulnerability in early March. The group has focused extensively on critical infrastructure sectors in North America and Europe. First seen on govinfosecurity.com Jump to…
-
Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure
Interlock’s post-exploit toolkit exposed First seen on theregister.com Jump to article: www.theregister.com/2026/03/18/amazon_cisco_firewall_0_day_ransomware/
-
Ransomware gang exploits Cisco flaw in zero-day attacks since January
Tags: attack, cisco, exploit, firewall, flaw, ransomware, remote-code-execution, software, vulnerability, zero-dayThe Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco’s Secure Firewall Management Center (FMC) software in zero-day attacks since late January. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/interlock-ransomware-exploited-secure-fmc-flaw-in-zero-day-attacks-since-january/
-
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
Tags: access, cisco, cve, exploit, firewall, flaw, intelligence, ransomware, threat, vulnerability, zero-dayAmazon Threat Intelligence is warning of an active Interlock ransomware campaign that’s exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software.The vulnerability in question is CVE-2026-20131 (CVSS score: 10.0), a case of insecure deserialization of user-supplied Java byte stream, which could allow an unauthenticated, remote attacker to First seen…
-
New Ubuntu Flaw Enables Local Attackers to Gain Root Access
CVE-2026-3888 Ubuntu snap flaw lets local users escalate to root via timing-based exploit First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/
-
New Ubuntu Flaw Enables Local Attackers to Gain Root Access
CVE-2026-3888 Ubuntu snap flaw lets local users escalate to root via timing-based exploit First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/
-
New Ubuntu Flaw Enables Local Attackers to Gain Root Access
CVE-2026-3888 Ubuntu snap flaw lets local users escalate to root via timing-based exploit First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/
-
New Ubuntu Flaw Enables Local Attackers to Gain Root Access
CVE-2026-3888 Ubuntu snap flaw lets local users escalate to root via timing-based exploit First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/
-
Second iOS exploit kit now in use by suspected Russian hackers
The kit, named DarkSword, has a variety of possible implications, the research from iVerify, Lookout and Google suggests. First seen on cyberscoop.com Jump to article: cyberscoop.com/second-ios-exploit-kit-emerges-from-suspected-russian-hackers-using-possible-u-s-government-developed-tools/