Tag: vulnerability
-
CISA orders feds to patch max-severity Cisco flaw by Sunday
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday/
-
Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)
A critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) that Cisco disclosed and patched in early March 2026 has been exploited as a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/20/cisco-fmc-interlock-ransomware-cve-2026-20131/
-
Interlock Ransomware Targets Cisco Enterprise Firewalls
The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before it was publicly disclosed. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/interlock-ransomware-targets-cisco-enterprise-firewalls
-
Chrome Security Update Fixes 26 Vulnerabilities Enabling Remote Malicious Code Execution
Google has released a critical security update for its Chrome desktop web browser, addressing 26 distinct vulnerabilities that could enable attackers to execute malicious code remotely. The Stable channel update introduces versions 146.0.7680.153 and 146.0.7680.154 for Windows and macOS systems, while Linux environments will receive version 146.0.7680.153. This substantial patch cycle is actively rolling out…
-
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Sansec is warning of a critical security flaw in Magento’s REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover.The vulnerability has been codenamed PolyShell by Sansec owing to the fact that the attack hinges on disguising malicious code as an image. There is no evidence that…
-
Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge
Apple warns that outdated iPhones are vulnerable to Coruna and DarkSword exploit kits and urges users to update iOS. Apple has warned that iPhones running outdated iOS versions are at risk from exploit kits like Coruna and DarkSword. These attacks use malicious web content to trigger infection chains that can steal sensitive data. Users are…
-
Critical UNISOC T612 Modem Flaw Enables Remote Code Execution via Cellular Calls
A severe security vulnerability has been uncovered in UNISOC modem firmware, allowing attackers to execute arbitrary code remotely over cellular networks. UNISOC is a major semiconductor manufacturer providing chipsets for prominent mobile brands such as Motorola, Samsung, Vivo, and Realme. This unpatched flaw leaves millions of devices potentially vulnerable to remote compromise. Vulnerability Overview The…
-
Unpatched ScreenConnect servers open to attack (CVE-2026-3564)
ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/20/connectwise-screenconnect-cve-2026-3564/
-
Unpatched ScreenConnect servers open to attack (CVE-2026-3564)
ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/20/connectwise-screenconnect-cve-2026-3564/
-
CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
Tags: attack, cisa, cisco, cloud, control, cve, cyber, cybercrime, cybersecurity, exploit, firewall, flaw, infrastructure, ransomware, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency has issued an urgent warning regarding a critical zero-day vulnerability affecting heavily relied-upon Cisco security products. Tracked officially as CVE-2026-20131, this severe flaw is actively being exploited by cybercriminals in targeted ransomware campaigns. Organizations relying on Cisco Secure Firewall Management Center and Cisco Security Cloud Control must take immediate…
-
CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
Tags: attack, cisa, cisco, cloud, control, cve, cyber, cybercrime, cybersecurity, exploit, firewall, flaw, infrastructure, ransomware, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency has issued an urgent warning regarding a critical zero-day vulnerability affecting heavily relied-upon Cisco security products. Tracked officially as CVE-2026-20131, this severe flaw is actively being exploited by cybercriminals in targeted ransomware campaigns. Organizations relying on Cisco Secure Firewall Management Center and Cisco Security Cloud Control must take immediate…
-
Bamboo Data Center and Server Vulnerability Enables Remote Code Execution
Atlassian has officially resolved a high-severity Remote Code Execution (RCE) vulnerability within its Bamboo Data Centre application. Officially tracked as CVE-2026-21570, this critical security flaw introduces severe risks to enterprise continuous integration and continuous deployment environments. Because Bamboo serves as a central hub for automated software builds, testing, and release management, a compromise here could…
-
Bamboo Data Center and Server Vulnerability Enables Remote Code Execution
Atlassian has officially resolved a high-severity Remote Code Execution (RCE) vulnerability within its Bamboo Data Centre application. Officially tracked as CVE-2026-21570, this critical security flaw introduces severe risks to enterprise continuous integration and continuous deployment environments. Because Bamboo serves as a central hub for automated software builds, testing, and release management, a compromise here could…
-
New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits
Tags: advisory, automation, credentials, cyber, exploit, flaw, network, rce, remote-code-execution, risk, vulnerabilityThe Jenkins project released a critical security advisory addressing multiple vulnerabilities in its core automation server and the LoadNinja plugin. These flaws expose continuous integration and continuous deployment (CI/CD) environments to severe risks, including arbitrary file creation, credential exposure, and remote code execution (RCE). Because Jenkins controllers often hold elevated privileges across enterprise networks, administrators…
-
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna and DarkSword.These attacks employ malicious web content to target out-of-date versions of iOS, triggering an infection chain that leads to the theft of sensitive data.”For…
-
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna and DarkSword.These attacks employ malicious web content to target out-of-date versions of iOS, triggering an infection chain that leads to the theft of sensitive data.”For…
-
54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a total of 35 vulnerable drivers.EDR killer programs have been a common presence in ransomware intrusions as they offer a way for affiliates to neutralize security…
-
That cheap KVM device could expose your network to remote compromise
Stealthy backdoors: A compromised KVM device can become a powerful backdoor in any environment. An attacker can inject keystrokes to execute commands or access UEFI settings to disable security features such as disk encryption and Secure Boot.Because the device operates outside the controlled system’s OS, endpoint detection tools and host firewalls cannot see it. These…
-
FDA Issues Recall for Some GE Imaging Products Due to Cyber
Vulnerability Affects Certain Centricity Medical Imaging Products. The U.S. Food and Drug Administration has issued a recall notice for certain GE Healthcare Centricity medical imaging products due to a potential cybersecurity vulnerability that could allow a hacker to manipulate data or impact availability of the affected products. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fda-issues-recall-for-some-ge-imaging-products-due-to-cyber-a-31090
-
Anton’s Security Blog Quarterly Q1 2026
Tags: ai, automation, breach, ciso, cloud, control, defense, detection, framework, google, governance, infrastructure, mandiant, metric, RedTeam, risk, service, siem, soc, software, supply-chain, threat, update, vulnerability, vulnerability-managementMy Anton’s Security Blog (And Podcast!) Quarterly this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify, now with VIDEO). Gemini image for this Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.”Š”,…
-
Anton’s Security Blog Quarterly Q1 2026
Tags: ai, automation, breach, ciso, cloud, control, defense, detection, framework, google, governance, infrastructure, mandiant, metric, RedTeam, risk, service, siem, soc, software, supply-chain, threat, update, vulnerability, vulnerability-managementMy Anton’s Security Blog (And Podcast!) Quarterly this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify, now with VIDEO). Gemini image for this Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.”Š”,…
-
Anton’s Security Blog Quarterly Q1 2026
Tags: ai, automation, breach, ciso, cloud, control, defense, detection, framework, google, governance, infrastructure, mandiant, metric, RedTeam, risk, service, siem, soc, software, supply-chain, threat, update, vulnerability, vulnerability-managementMy Anton’s Security Blog (And Podcast!) Quarterly this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify, now with VIDEO). Gemini image for this Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.”Š”,…
-
Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking
Ubiquiti fixed two UniFi vulnerabilities, including a critical flaw that could let attackers take over user accounts. Ubiquiti patched two vulnerabilities in its UniFi Network app, including a maximum-severity flaw that could enable account takeover. The software is widely used to manage UniFi networking devices like access points, switches, and gateways. The Ubiquiti UniFi Network…
-
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
A newly disclosed vulnerability dubbed ‘PolyShell’ affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-polyshell-flaw-allows-unauthenticated-rce-on-magento-e-stores/
-
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a total of 34 vulnerable drivers.EDR killer programs have been a common presence in ransomware intrusions as they offer a way for affiliates to neutralize security…
-
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
Tags: attack, cisco, cve, defense, exploit, firewall, government, group, healthcare, infrastructure, malicious, malware, ransom, ransomware, service, software, tool, update, vulnerability, zero-dayCSO that the “week’s head start” he referred to was the gap between the date of the first exploit that Amazon’s later analysis had unearthed and Cisco’s discovery of the bug.Amazon gained insight into the attacker’s infrastructure by using the honeypot to mimic a vulnerable firewall system. This resulted in an attack on the honeypot,…
-
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
Tags: cisa, cisco, cloud, control, cve, cybersecurity, exploit, firewall, flaw, infrastructure, kev, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management, tracked as CVE-2026-20131 (CVSS score…
-
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
Tags: cisa, cisco, cloud, control, cve, cybersecurity, exploit, firewall, flaw, infrastructure, kev, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management, tracked as CVE-2026-20131 (CVSS score…
-
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
Tags: cisa, cisco, cloud, control, cve, cybersecurity, exploit, firewall, flaw, infrastructure, kev, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management, tracked as CVE-2026-20131 (CVSS score…
-
Jeremy Snyder talks AI Governance on Security Weekly FireTail Blog
Tags: ai, api, attack, data, GDPR, governance, monitoring, privacy, saas, threat, tool, vulnerabilityMar 19, 2026 – Lina Romero – The speed of AI adoption is unlike any tech shift we’ve seen before. While the transition to SaaS and BYOD took years, AI has integrated into the enterprise in months, often moving faster than security teams can track.”Jeremy joined the Security Weekly team to talk about AI governance…

