Tag: update

Google addresses actively exploited Qualcomm zero-day in fresh batch of 129 Android vulnerabilities

Mar 2, 2026 11:47 PM

Tags: android, exploit, google, update, vulnerability, zero-day

The company’s latest security update contains the highest number of Android vulnerabilities patched in a single month since April 2018. First seen on cyberscoop.com Jump to article: cyberscoop.com/android-security-update-march-2026/
Vulnerability monitoring service secures public-sector websites faster

Mar 2, 2026 9:48 PM

Tags: business, ceo, cyber, dns, government, Internet, monitoring, office, resilience, risk, service, skills, technology, threat, tool, update, vulnerability

Tools good, talk better: The UK government’s VMS uses a combination of commercial and proprietary scanning tools to detect vulnerabilities in internet-facing assets.But McKay cautions against drawing the wrong conclusion from the results.”Process, accountability and taking ownership for explaining why this matters to the resilience of the business is far more important than the technical…
Dust Specter APT Targets Government Officials in Iraq

Mar 2, 2026 5:47 PM

Tags: access, ai, api, apt, attack, backdoor, browser, chrome, cisco, cloud, control, data, detection, encryption, google, government, group, infrastructure, iran, iraq, malicious, malware, monitoring, network, open-source, password, powershell, rat, service, social-engineering, software, threat, tool, update, windows

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware including SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM. Due to significant overlap in tools, techniques, and procedures (TTPs), as well as victimology, between this campaign and activity associated with Iran-nexus APT groups, ThreatLabz assesses with medium-to-high confidence that an…
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch

Mar 2, 2026 5:47 PM

Tags: control, cve, cvss, exploit, Internet, microsoft, russia, update, vulnerability, zero-day

Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 before Microsoft patched it, a high-severity bypass flaw. Akamai reports that Russia-linked APT28 may have exploited CVE-2026-21513 CVSS score of 8.8), a high-severity MSHTML vulnerability (CVSS 8.8), before Microsoft patched it in February 2026. The vulnerability is an Internet Explorer security control bypass that can lead to code…
IPFire ships its 200th core update with a new domain blocklist and kernel upgrade

Mar 2, 2026 5:47 PM

Tags: firewall, network, update

Network firewall distribution IPFire released Core Update 200, marking the 200th incremental update to the 2.29 branch. The release bundles a kernel upgrade, a beta domain … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/02/pfire-2-29-core-update-200-released/
MSHTML Zero-Day in Windows Exploited by APT28 Prior to Feb 2026 Security Update

Mar 2, 2026 3:47 PM

Tags: cve, cyber, exploit, flaw, group, malware, microsoft, threat, update, vulnerability, windows, zero-day

Microsoft released its Patch Tuesday updates, addressing 59 vulnerabilities, including a critical zero-day flaw in the Windows MSHTML framework. Tracked as CVE-2026-21513, this actively exploited vulnerability allows attackers to bypass security features and execute arbitrary code. APT28 is a well-documented advanced persistent threat group known for sophisticated malware campaigns. Security researchers from Akamai discovered that…
Innovation without exposure: A CISO’s secure-by-design framework for business outcomes

Mar 2, 2026 1:47 PM

Tags: ai, authentication, awareness, business, chatgpt, cisa, ciso, cloud, control, cyber, cybersecurity, data, detection, firmware, framework, fraud, governance, identity, injection, iot, law, leak, LLM, metric, mitre, network, nist, offense, radius, RedTeam, resilience, risk, risk-management, service, social-engineering, threat, tool, unauthorized, update

A detection engineer owning “detection as code” patterns and test harnessesA threat hunter owning telemetry quality improvements and query optimizationAn incident responder owning tabletop iterations and runbook hardeningA cloud security lead owning guardrailed landing zone enhancementsThe critical constraint is this: every experiment needs an exit plan. Either it becomes a supported capability, or it is…
OneUptime Command Injection Vulnerability Poses Major Risk of Full System Takeover

Mar 2, 2026 1:47 PM

Tags: cve, cyber, flaw, injection, monitoring, risk, update, vulnerability

A critical command injection vulnerability, identified as CVE-2026-27728, has been discovered in OneUptime, a platform for monitoring and managing online services. This flaw allows authenticated users to execute arbitrary operating system commands on the Probe server, posing a significant risk of a full system takeover. Organizations using versions prior to 10.0.7 are urged to patch…
Brandenburg setzt auf offenes Vergabeverfahren – Innenminister sieht Ausschluss von US-Software Palantir als nicht notwendig

Mar 2, 2026 1:47 PM

Tags: software, update

First seen on security-insider.de Jump to article: www.security-insider.de/palantir-analyse-software-vera-datenschutz-polizei-einsatz-bayern-a-c3deb5d878519bb833591a71fa5226eb/
ClawJacked flaw exposed OpenClaw users to data theft

Mar 2, 2026 12:47 PM

Tags: ai, control, data, data-breach, flaw, malicious, theft, update, vulnerability

“ClawJacked” flaw let malicious sites hijack OpenClaw AI agents to steal data; patch released in version 2026.2.26. A high-severity vulnerability called ClawJacked in OpenClaw allowed malicious websites to brute-force and take control of local AI agent instances. Oasis Security discovered the flaw, which enabled silent data theft. OpenClaw addressed the issue with version 2026.2.26, released…
ClawJacked flaw exposed OpenClaw users to data theft

Mar 2, 2026 12:47 PM

Tags: ai, control, data, data-breach, flaw, malicious, theft, update, vulnerability

“ClawJacked” flaw let malicious sites hijack OpenClaw AI agents to steal data; patch released in version 2026.2.26. A high-severity vulnerability called ClawJacked in OpenClaw allowed malicious websites to brute-force and take control of local AI agent instances. Oasis Security discovered the flaw, which enabled silent data theft. OpenClaw addressed the issue with version 2026.2.26, released…
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

Mar 2, 2026 12:47 PM

Tags: cve, exploit, flaw, framework, microsoft, russia, threat, unauthorized, update, vulnerability, zero-day

A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai.The vulnerability in question is CVE-2026-21513 (CVSS score: 8.8), a high-severity security feature bypass affecting the MSHTML Framework.”Protection mechanism failure in MSHTML Framework allows an unauthorized First seen on…
Security hole could let hackers take over Juniper Networks PTX core routers

Feb 27, 2026 11:38 PM

Tags: access, ai, ceo, control, data, data-breach, defense, detection, exploit, firewall, flaw, framework, hacker, identity, malicious, mobile, network, risk, router, service, update, vulnerability

The hole is “especially dangerous, because these devices often sit in the middle of the network, not on the fringes,” said Piyush Sharma, CEO of Tuskira. “If an attacker gains control of a PTX, the impact is bigger than a single device compromise because it can become a traffic vantage point and a control point…
Samsung updates ACR privacy practices after Texas sues TV manufacturers

Feb 27, 2026 7:37 PM

Tags: data, privacy, technology, update

In December, Texas sued five major smart TV manufacturers, Samsung, Sony, LG, Hisense and TCL Technology, for allegedly collecting ACR data without consumers in the state being fully informed and consenting. First seen on therecord.media Jump to article: therecord.media/samsung-updates-acr-privacy-practices-texas
NDSS 2025 Enhancing Security In Third-Party Library Reuse

Feb 27, 2026 6:37 PM

Tags: conference, detection, Internet, network, open-source, programming, software, tool, update, vulnerability

Session 14A: Software Security: Applications & Policies Authors, Creators & Presenters: Shangzhi Xu (The University of New South Wales), Jialiang Dong (The University of New South Wales), Weiting Cai (Delft University of Technology), Juanru Li (Feiyu Tech), Arash Shaghaghi (The University of New South Wales), Nan Sun (The University of New South Wales), Siqi Ma…
Third-Party Patching and the Business Footprint We All Share

Feb 27, 2026 4:37 PM

Tags: attack, business, email, exploit, risk, software, tool, update

Everyday tools like PDF readers, email clients, and archive utilities quietly define the real attack surface. Action1 explains how third-party software drift increases exploit risk and why consistent patching reduces exposure across endpoints. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/third-party-patching-and-the-business-footprint-we-all-share/
Juniper issues emergency patch for critical PTX router RCE

Feb 27, 2026 2:37 PM

Tags: cve, flaw, network, rce, remote-code-execution, router, update, vulnerability

Juniper released an emergency patch for Junos OS Evolved to fix CVE-2026-21902, a critical RCE flaw affecting PTX routers. Juniper Networks issued an out-of-band security update for Junos OS Evolved to address a critical remote code execution vulnerability, tracked as CVE-2026-21902 (CVSS score of 9.3), impacting PTX routers. The company urges customers to apply the…
Your personal OpenClaw agent may also be taking orders from malicious websites

Feb 27, 2026 1:37 PM

Tags: access, ai, api, attack, authentication, credentials, identity, malicious, monitoring, radius, software, update, vulnerability

A larger blast radius: Unlike regular software vulnerabilities, compromised AI agents have a bigger blast radius as they hold sensitive API keys, session tokens, file system access, and the authority to execute tasks across enterprise tools.Barr emphasized that autonomous systems “aggregate identity, credentials, and workflow authority,” meaning a failure doesn’t occur quietly. Instead, the agent…
Android 17 second beta expands privacy controls for contacts, SMS and local networks

Feb 27, 2026 1:37 PM

Tags: android, api, control, google, network, privacy, update

Google’s second beta of Android 17 continues updates to platform behavior and introduces new APIs focused on protecting sensitive data. Protecting contact and local network … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/27/android-17-beta-privacy-updates/
How to make LLMs a defensive advantage without creating a new attack surface

Feb 27, 2026 12:37 PM

Tags: access, ai, api, attack, authentication, best-practice, business, control, credentials, cyber, cybersecurity, data, email, exploit, framework, fraud, governance, group, identity, infrastructure, injection, intelligence, international, LLM, login, malware, mitre, nist, phishing, radius, RedTeam, risk, risk-management, scam, spear-phishing, switch, technology, threat, tool, training, unauthorized, update, vulnerability

Alert triage summaries that turn raw telemetry into a short “what happened, why it matters and what I should check next” narrativeInvestigation copilots that generate a timeline from logs, tickets and chat transcripts, then highlight gaps and recommended pivotsDetection engineering assistance for drafting Sigma, YARA or query language snippets that an engineer can review and…
Critical Trend Micro Apex One Vulnerabilities Allow Remote Malicious Code Execution

Feb 27, 2026 11:37 AM

Tags: cyber, endpoint, flaw, malicious, update, vulnerability, windows

Trend Micro has disclosed eight security vulnerabilities in its Apex One endpoint protection platform, including two critical-severity flaws that allow unauthenticated remote attackers to upload malicious code and execute commands on affected systems. The company released a Critical Patch on February 24, 2026, under Solution ID KA-0022458, covering Apex One 2019 (on-premises) on Windows and…
Critical Trend Micro Apex One Vulnerabilities Allow Remote Malicious Code Execution

Feb 27, 2026 11:37 AM

Tags: cyber, endpoint, flaw, malicious, update, vulnerability, windows

Trend Micro has disclosed eight security vulnerabilities in its Apex One endpoint protection platform, including two critical-severity flaws that allow unauthenticated remote attackers to upload malicious code and execute commands on affected systems. The company released a Critical Patch on February 24, 2026, under Solution ID KA-0022458, covering Apex One 2019 (on-premises) on Windows and…
Microsoft Defender Enhances Security with URL Click Alerts for Microsoft Teams

Feb 27, 2026 8:37 AM

Tags: cyber, detection, email, malicious, microsoft, monitoring, office, threat, update

Microsoft is expanding its threat detection capabilities by extending Microsoft Defender for Office 365 (MDO) URL click alerting into Microsoft Teams. This critical update allows security teams to detect, investigate, and respond to potentially malicious link clicks within Teams messages, expanding threat monitoring beyond traditional email vectors. By surfacing these alerts, organizations can identify threats…
Trend Micro fixes two critical flaws in Apex One

Feb 27, 2026 12:37 AM

Tags: flaw, remote-code-execution, update, vulnerability, windows

Trend Micro fixed two critical Apex One flaws enabling remote code execution on vulnerable Windows systems and urged immediate updates. Trend Micro has addressed two critical vulnerabilities in Apex One that could allow attackers to achieve remote code execution on affected Windows systems. The company released security updates and strongly urged customers to apply the…
NDSS 2025 Retrofitting XoM For Stripped Binaries Without Embedded Data Relocation

Feb 26, 2026 10:37 PM

Tags: attack, conference, control, data, Hardware, Internet, network, programming, software, threat, update, vulnerability

Session 13D: Software Security: Code and Compiler Authors, Creators & Presenters: Chenke Luo (Wuhan University), Jiang Ming (Tulane University), Mengfei Xie (Wuhan University), Guojun Peng (Wuhan University), Jianming Fu (Wuhan University) PAPER Retrofitting XoM For Stripped Binaries Without Embedded Data Relocation System programs are frequently coded in memory-unsafe languages such as C/C++, rendering them susceptible…
APT37 Adds New Capabilities for Air-Gapped Networks

Feb 26, 2026 5:37 PM

Tags: access, android, api, attack, authentication, backdoor, cloud, communications, computer, credentials, data, detection, endpoint, google, government, group, Hardware, infection, infrastructure, injection, Internet, malicious, malware, microsoft, monitoring, network, north-korea, powershell, service, social-engineering, threat, tool, update, windows

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign, tracked as Ruby Jumper by ThreatLabz, APT37 uses Windows shortcut (LNK) files to initiate an attack that utilizes a set of newly discovered tools. These tools, RESTLEAF, SNAKEDROPPER, THUMBSBD, and VIRUSTASK,…
APT37 Adds New Capabilities for Air-Gapped Networks

Feb 26, 2026 5:37 PM

Tags: access, android, api, attack, authentication, backdoor, cloud, communications, computer, credentials, data, detection, endpoint, google, government, group, Hardware, infection, infrastructure, injection, Internet, malicious, malware, microsoft, monitoring, network, north-korea, powershell, service, social-engineering, threat, tool, update, windows

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign, tracked as Ruby Jumper by ThreatLabz, APT37 uses Windows shortcut (LNK) files to initiate an attack that utilizes a set of newly discovered tools. These tools, RESTLEAF, SNAKEDROPPER, THUMBSBD, and VIRUSTASK,…
Accelerate Secure Releases With Microsoft Copilot and Sonatype Guide

Feb 26, 2026 3:36 PM

Tags: ai, guide, microsoft, software, update

<div cla AI coding assistants, such as Microsoft Copilot, are fundamentally transforming the process of software development. Developers can generate scaffolding, draft functions, update dependencies, and even build full applications in seconds. The speed is real, and so is the productivity boost. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/accelerate-secure-releases-with-microsoft-copilot-and-sonatype-guide/
Accelerate Secure Releases With Microsoft Copilot and Sonatype Guide

Feb 26, 2026 3:36 PM

Tags: ai, guide, microsoft, software, update

<div cla AI coding assistants, such as Microsoft Copilot, are fundamentally transforming the process of software development. Developers can generate scaffolding, draft functions, update dependencies, and even build full applications in seconds. The speed is real, and so is the productivity boost. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/accelerate-secure-releases-with-microsoft-copilot-and-sonatype-guide/
Fraudsters integrate ChatGPT into global scam campaigns

Feb 26, 2026 3:36 PM

Tags: ai, chatgpt, fraud, malicious, openai, scam, update

AI models are being folded into fraud and influence operations that follow long standing tactics. A February 2026 update to OpenAI’s Disrupting Malicious Uses of Our Models … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/26/openai-malicious-chatgpt-use-report/