Tag: vulnerability
-
Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
The Russian state-backed hacker group APT28 targeted a Ukrainian government agency by exploiting a vulnerability in Zimbra webmail software. First seen on therecord.media Jump to article: therecord.media/russia-hackers-ukraine-zimbra-breach
-
Claude Vulnerabilities Allow Data Exfiltration and Malicious Redirect Attacks
Security researchers recently uncovered a critical attack chain within Anthropic’s Claude.ai platform. Dubbed >>Claudy Day,<< this vulnerability sequence allows attackers to silently extract sensitive user data through prompt manipulation and malicious redirects. The exploit requires no external integrations or specialized tools, functioning entirely within a default Claude session. Anthropic has patched the prompt injection flaw…
-
Stille Schwachstelle: Prompt Injection und die Risiken sprachbasierter Angriffe auf KI
Prompt Injection: Wer heute KI einsetzt, übernimmt Verantwortung nicht nur für die Ergebnisse, sondern auch für die Möglichkeiten, die man damit schafft. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/prompt-injection-und-die-risiken-sprachbasierter-angriffe-auf-ki/a44191/
-
Apple Patches WebKit Vulnerability CVE-2026-20643 Across iOS, macOS
Apple has released a new security update to address a critical WebKit vulnerability tracked as CVE-2026-20643. The vulnerability was identified as a cross-origin issue within the Navigation API of WebKit, the browser engine that underpins Safari and other web-based functionality across iOS, iPadOS, and macOS. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/webkit-vulnerability-fixed-in-apple-update/
-
CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)
CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/19/sharepoint-vulnerability-cve-2026-20963-exploited/
-
The Hidden Security Risks in Open-Source Dependencies Nobody Talks About
Open-source dependencies introduce hidden risks, from transitive vulnerabilities to supply chain attacks. Learn how to reduce exposure. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-hidden-security-risks-in-open-source-dependencies-nobody-talks-about/
-
The Hidden Security Risks in Open-Source Dependencies Nobody Talks About
Open-source dependencies introduce hidden risks, from transitive vulnerabilities to supply chain attacks. Learn how to reduce exposure. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-hidden-security-risks-in-open-source-dependencies-nobody-talks-about/
-
Critical Microsoft SharePoint flaw now exploited in attacks
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/critical-microsoft-sharepoint-flaw-now-exploited-in-attacks/
-
Your MFA isn’t broken, it’s being bypassed, and your employees can’t tell the difference
Three failures that keep showing up: Through my research into adversary-in-the-middle attacks and reviewing industry incident reports, I have identified three consistent failures that make these attacks successful. 1. We trained our people for the wrong threat Most security awareness programs still teach the same things: Look for misspellings, check the sender address, hover over…
-
Your MFA isn’t broken, it’s being bypassed, and your employees can’t tell the difference
Three failures that keep showing up: Through my research into adversary-in-the-middle attacks and reviewing industry incident reports, I have identified three consistent failures that make these attacks successful. 1. We trained our people for the wrong threat Most security awareness programs still teach the same things: Look for misspellings, check the sender address, hover over…
-
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
Tags: attack, cisco, cve, exploit, firewall, flaw, group, ransomware, rce, remote-code-execution, vulnerability, zero-dayThe Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January. The vulnerability is a remote code execution flaw that…
-
Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults
Samba 4.24.0 arrived carrying a set of Kerberos security changes aimed at Active Directory deployments. The release fixes a vulnerability, extends audit coverage for sensitive … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/19/samba-4-24-0-kerberos-hardening/
-
CISA Adds Exploited Zimbra Collaboration Suite Flaw to Warning List
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting the Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog. Federal agencies and organizations using the platform must apply the necessary updates by April 1, 2026, to mitigate active exploitation risks. Exploited Zimbra Collaboration Suite Flaw Tracked as CVE-2025-66376,…
-
CVE-2026-3342: Critical OutBounds Write Vulnerability in WatchGuard Fireware OS
Key Takeaways CVSS v3.1 base score of 7.2 (High) according to NVD analysis Affects WatchGuard Fireware OS versions 11.9-11.12.4_Update1, 12.0-12.11.7, and 2025.1-2026.1.1 Authenticated privileged administrators can execute arbitrary code with root permissions via management interface NVD published March 3, 2026; vendor patch status pending official advisory publication CVE-2026-3342: What Happened? CVE-2026-3342 is an out-of-bounds write……
-
CVE-2026-3630: Critical Buffer Overflow in Delta Electronics COMMGR2 Enables Remote Code Execution
Key Takeaways CVSS v3.1 base score of 9.8 (Critical) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, according to the CNA Delta Electronics COMMGR2 contains an out-of-bounds write vulnerability (CWE-787) enabling unauthenticated remote code execution NVD lists the vulnerability as analyzed; vendor advisory Delta-PCSA-2026-00005 is available addressing multiple COMMGR2 vulnerabilities No evidence of active exploitation in the wild; specific affected……
-
CVE-2026-3630: Critical Buffer Overflow in Delta Electronics COMMGR2 Enables Remote Code Execution
Key Takeaways CVSS v3.1 base score of 9.8 (Critical) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, according to the CNA Delta Electronics COMMGR2 contains an out-of-bounds write vulnerability (CWE-787) enabling unauthenticated remote code execution NVD lists the vulnerability as analyzed; vendor advisory Delta-PCSA-2026-00005 is available addressing multiple COMMGR2 vulnerabilities No evidence of active exploitation in the wild; specific affected……
-
ScreenConnect Flaw Lets Hackers Steal Machine Keys and Hijack Sessions
ConnectWise has released a critical security update for its ScreenConnect remote desktop software to address a severe vulnerability that allows attackers to hijack user sessions. The flaw, which compromises the protection of server-level cryptographic material, prompted the company to issue a Priority 1 security bulletin, warning users of a high risk of active exploitation in…
-
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
Tags: attack, cisa, cisco, cve, cybersecurity, exploit, flaw, government, infrastructure, microsoft, office, ransomware, vulnerability, zero-dayThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild.The vulnerabilities in question are as follows -CVE-2025-66376 (CVSS score: 7.2) – A stored cross-site scripting First seen…
-
The Ultimate Guide to MCP Security Vulnerabilities
7 min readThis guide catalogs the MCP-specific vulnerabilities you face today, explains why they are uniquely dangerous and outlines actionable defense strategies that work. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-ultimate-guide-to-mcp-security-vulnerabilities/
-
New iOS Exploit Uses Advanced iPhone Hacking Tools to Steal Personal Data
Google Threat Intelligence Group (GTIG) has uncovered a highly sophisticated iOS full-chain exploit dubbed DarkSword. Active since November 2025, this exploit leverages multiple zero-day vulnerabilities to compromise Apple devices running iOS 18.4 through 18.7 fully. DarkSword is highly unusual because it relies entirely on JavaScript throughout its exploit chain, thereby mitigating the need for a…
-
Cisco Firewall Zero-Day Actively Exploited to Deliver Interlock Ransomware
Tags: cisco, cyber, exploit, firewall, flaw, network, ransomware, remote-code-execution, threat, vulnerability, zero-daySecurity research has uncovered an active Interlock ransomware campaign exploiting a critical zero-day vulnerability in Cisco Secure Firewall Management Centre (FMC) software. Utilizing this unauthenticated remote code execution flaw via the Amazon MadPot network, threat actors compromised enterprise environments for over a month before public disclosure. Cisco Firewall Zero-Day The intrusion campaign centers entirely on…
-
Cisco Firewall Zero-Day Actively Exploited to Deliver Interlock Ransomware
Tags: cisco, cyber, exploit, firewall, flaw, network, ransomware, remote-code-execution, threat, vulnerability, zero-daySecurity research has uncovered an active Interlock ransomware campaign exploiting a critical zero-day vulnerability in Cisco Secure Firewall Management Centre (FMC) software. Utilizing this unauthenticated remote code execution flaw via the Amazon MadPot network, threat actors compromised enterprise environments for over a month before public disclosure. Cisco Firewall Zero-Day The intrusion campaign centers entirely on…
-
ConnectWise Releases ScreenConnect 26.1 Patch for Critical Vulnerability
The new vulnerability in ConnectWise’s ScreenConnect remote support and access tool marks the second time in less than a year ScreenConnect has had cybersecurity issues. First seen on crn.com Jump to article: www.crn.com/news/security/2026/connectwise-releases-screenconnect-26-1-patch-for-critical-vulnerability
-
Cisco’s latest vulnerability spree has a more troubling pattern underneath
Cisco’s response to the latest SD-WAN and firewall defects has been fast, but the harder question is how long sophisticated actors had a head start, and what’s already compromised. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-firewall-sd-wan-vulnerabilities-exploited/
-
U.S. CISA adds Microsoft SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ([1, 2]) SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first vulnerability added to the catalog, tracked…
-
DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/darksword-iphone-exploit-spies-thieves
-
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-zimbra-xss-flaw-exploited-in-attacks/
-
Interlock Ransomware Exploited Cisco Firewall Flaw for Weeks
Tags: cisco, exploit, firewall, flaw, group, hacker, infrastructure, ransomware, software, usa, vulnerabilityAWS Researchers Find an Interlock Server Laden With Tools. Ransomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the networking giant disclosed the vulnerability in early March. The group has focused extensively on critical infrastructure sectors in North America and Europe. First seen on govinfosecurity.com Jump to…
-
Ransomware gang exploits Cisco flaw in zero-day attacks since January
Tags: attack, cisco, exploit, firewall, flaw, ransomware, remote-code-execution, software, vulnerability, zero-dayThe Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco’s Secure Firewall Management Center (FMC) software in zero-day attacks since late January. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/interlock-ransomware-exploited-secure-fmc-flaw-in-zero-day-attacks-since-january/