List cybersec
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
{"priority":"HIGH","cve":"N/A","target":"IoT devices","threat_actor":"AISURU, Kimwolf, JackSkid, Mossad","patch_ready":false,"insight":"DoJ disrupts IoT botnets behind record 31.4 Tbps global DDoS att..
7:10 am, March 20, 2026 Cybersecurity
Ex-data analyst stole company data in $2.5M extortion scheme
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A former data analyst contractor was found guilty of extorting $2.5M from a D.C..
7:10 am, March 20, 2026 Cybersecurity
54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
{ "priority": "HIGH", "cve": "N/A", "target": "EDR software", "threat_actor": "N/A", "patch_ready": false, "insight": "54 EDR killers use BYOVD to exploit 35 signed vulnerable drivers and ..
6:10 am, March 20, 2026 Cybersecurity
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Older iPhones", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple warns older iPhones vulnerable to Coruna and DarkSword exploit ..
6:10 am, March 20, 2026 Cybersecurity
ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, March 20, 2026 Cybersecurity
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
{ "priority": "HIGH", "cve": "N/A", "target": "IoT devices (routers, web cameras)", "threat_actor": "Aisuru, Kimwolf, JackSkid, Mossad", "patch_ready": false, "insight": "Feds disrupt IoT ..
1:10 am, March 20, 2026 Cybersecurity
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
{ "priority": "HIGH", "cve": "N/A", "target": "Cobra DocGuard", "threat_actor": "N/A", "patch_ready": false, "insight": "Speagle malware hijacks Cobra DocGuard to steal data via compromise..
9:10 pm, March 19, 2026 Cybersecurity
Navia discloses data breach impacting 2.7 million people
{ "priority": "HIGH", "cve": "N/A", "target": "Navia Benefit Solutions, Inc.", "threat_actor": "N/A", "patch_ready": false, "insight": "Navia Benefit Solutions discloses a data breach expo..
9:10 pm, March 19, 2026 Cybersecurity
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
{ "priority": "HIGH", "cve": "N/A", "target": "EDR systems", "threat_actor": "N/A", "patch_ready": false, "insight": "54 EDR killers use BYOVD to exploit 34 signed vulnerable drivers, disa..
8:10 pm, March 19, 2026 Cybersecurity
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
{ "priority": "CRITICAL", "cve": "N/A", "target": "Magento Open Source and Adobe Commerce", "threat_actor": "N/A", "patch_ready": true, "insight": "Unauthenticated Remote Code Execution (R..
8:10 pm, March 19, 2026 Cybersecurity
FBI seizes Handala data leak site after Stryker cyberattack
{ "priority": "HIGH", "cve": "N/A", "target": "Stryker", "threat_actor": "Handala", "patch_ready": false, "insight": "FBI seized Handala's data leak sites after a destructive cyberattack o..
5:10 pm, March 19, 2026 Cybersecurity
Bitrefill blames North Korean Lazarus group for cyberattack
{ "priority": "HIGH", "cve": "N/A", "target": "Bitrefill", "threat_actor": "Lazarus group (Bluenoroff subgroup)", "patch_ready": false, "insight": "Bitrefill attributes a recent cyberattac..
5:10 pm, March 19, 2026 Cybersecurity
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The ThreatsDay Bulletin discusses various threats including FortiGate RaaS, Citrix exploits..
3:10 pm, March 19, 2026 Cybersecurity
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
Hackers part of APT28, a state-backed threat group linked to Russia's military intelligence service (GRU), are exploiting a Zimbra Collaboration Suite (ZCS) vulnerability in attacks targeting Ukraini..
3:10 pm, March 19, 2026 Cybersecurity
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
{ "priority": "HIGH", "cve": "N/A", "target": "Android", "threat_actor": "Perseus", "patch_ready": false, "insight": "New Perseus Android Banking Malware monitors notes apps to extract sen..
2:10 pm, March 19, 2026 Cybersecurity
7 Ways to Prevent Privilege Escalation via Password Resets
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses methods to prevent privilege escalation through password..
2:10 pm, March 19, 2026 Cybersecurity
Max severity Ubiquiti UniFi flaw may allow account takeover
{ "priority": "CRITICAL", "cve": "N/A", "target": "Ubiquiti UniFi", "threat_actor": "N/A", "patch_ready": true, "insight": "Max severity Ubiquiti UniFi flaw may allow account takeover" }
1:10 pm, March 19, 2026 Cybersecurity
New ‘Perseus’ Android malware checks user notes for secrets
{ "priority": "MEDIUM", "cve": "N/A", "target": "Android", "threat_actor": "Perseus", "patch_ready": false, "insight": "New Android malware called Perseus checks user notes for sensitive i..
11:10 am, March 19, 2026 Cybersecurity
How Ceros Gives Security Teams Visibility and Control in Claude Code
{ "priority": "INFO", "cve": "N/A", "target": "Claude Code", "threat_actor": "N/A", "patch_ready": false, "insight": "Security teams face challenges in controlling AI coding agents like Cl..
11:10 am, March 19, 2026 Cybersecurity
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker's systems. [...]..
11:10 am, March 19, 2026 Cybersecurity
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
{ "priority": "CRITICAL", "cve": "N/A", "target": "Apple iOS", "threat_actor": "Multiple threat actors", "patch_ready": false, "insight": "DarkSword iOS exploit kit uses 6 flaws, 3 zero-da..
10:10 am, March 19, 2026 Cybersecurity
Critical Microsoft SharePoint flaw now exploited in attacks
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. [...]
10:10 am, March 19, 2026 Cybersecurity
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft ..
7:10 am, March 19, 2026 Cybersecurity
ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, March 19, 2026 Cybersecurity
Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A student found an interesting message in Cowrie logs, which included an echo ..
1:10 am, March 19, 2026 Cybersecurity
Aura confirms data breach exposing 900,000 marketing contacts
{ "priority": "HIGH", "cve": "N/A", "target": "Aura", "threat_actor": "N/A", "patch_ready": false, "insight": "Aura experienced a data breach exposing 900,000 marketing contacts with names..
11:10 pm, March 18, 2026 Cybersecurity
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Zimbra Collaboration Suite (ZCS)", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA orders U.S. government agencies to patch ..
8:10 pm, March 18, 2026 Cybersecurity
ConnectWise patches new flaw allowing ScreenConnect hijacking
{ "priority": "HIGH", "cve": "N/A", "target": "ConnectWise ScreenConnect", "threat_actor": "N/A", "patch_ready": true, "insight": "ConnectWise patches new flaw allowing ScreenConnect hijac..
7:10 pm, March 18, 2026 Cybersecurity
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "DPRK IT workers", "patch_ready": false, "insight": "OFAC sanctions DPRK IT worker network for funding WMD programs thr..
6:10 pm, March 18, 2026 Cybersecurity
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
{ "priority": "CRITICAL", "cve": "CVE-2026-20131", "target": "Cisco Secure Firewall Management Center (FMC) Software", "threat_actor": "Interlock", "patch_ready": false, "insight": "Interl..
5:10 pm, March 18, 2026 Cybersecurity
Ransomware gang exploits Cisco flaw in zero-day attacks since January
{ "priority": "CRITICAL", "cve": "N/A", "target": "Cisco Secure Firewall Management Center (FMC) software", "threat_actor": "Interlock ransomware gang", "patch_ready": false, "insight": "I..
5:10 pm, March 18, 2026 Cybersecurity
Marquis: Ransomware gang stole data of 672K people in cyberattack
{ "priority": "HIGH", "cve": "N/A", "target": "Marquis", "threat_actor": "Ransomware gang", "patch_ready": false, "insight": "Ransomware gang stole data of 672K people in cyberattack on Ma..
4:10 pm, March 18, 2026 Cybersecurity
Scans for "adminer", (Wed, Mar 18th)
{ "priority": "INFO", "cve": "N/A", "target": "Adminer", "threat_actor": "N/A", "patch_ready": false, "insight": "Attackers are scanning for Adminer, a popular alternative to phpMyAdmin, w..
2:10 pm, March 18, 2026 Cybersecurity
Nordstrom's email system abused to send crypto scams to customers
{ "priority": "HIGH", "cve": "N/A", "target": "Nordstrom", "threat_actor": "N/A", "patch_ready": false, "insight": "Nordstrom's email system was abused to send cryptocurrency scams to cust..
2:10 pm, March 18, 2026 Cybersecurity
New “Darksword” iOS exploit used in infostealer attack on iPhones
A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including data from cryptocurrency wallet app. [...]
2:10 pm, March 18, 2026 Cybersecurity
The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Refund fraud has become a business with methods and tutorials sold to exploit ..
2:10 pm, March 18, 2026 Cybersecurity
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
{ "priority": "CRITICAL", "cve": "N/A", "target": "IP KVM devices from GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM", "threat_actor": "Eclypsium", "patch_ready": fals..
1:10 pm, March 18, 2026 Cybersecurity
Claude Code Security and Magecart: Getting the Threat Model Right
{"priority": "MEDIUM", "cve": "N/A", "target": "Claude Code Security", "threat_actor": "Magecart", "patch_ready": false, "insight": "Magecart payload hidden in EXIF data of favicon evades repository s..
1:10 pm, March 18, 2026 Cybersecurity
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
{"priority":"CRITICAL","cve":"CVE-2026-32746","target":"GNU InetUtils telnet daemon","threat_actor":"N/A","patch_ready":false,"insight":"Unauthenticated remote attacker can execute arbitrary code with..
1:10 pm, March 18, 2026 Cybersecurity
Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
Security teams today are not short on tools or data. They are overwhelmed by both. Yet within the terabytes of alerts, exposures, and misconfigurations – security teams still struggle to understan..
12:10 pm, March 18, 2026 Cybersecurity
ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854, (Wed, Mar 18th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
11:10 am, March 18, 2026 Cybersecurity
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
{ "priority": "HIGH", "cve": "CVE-2026-3888", "target": "Ubuntu Desktop", "threat_actor": "N/A", "patch_ready": true, "insight": "A high-severity security flaw in Ubuntu Desktop versions 2..
9:10 am, March 18, 2026 Cybersecurity
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
{ "priority": "HIGH", "cve": "CVE-2026-20643", "target": "Apple iOS, iPadOS, macOS", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple fixes WebKit vulnerability CVE-2026-20643..
7:10 am, March 18, 2026 Cybersecurity
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
{"priority":"CRITICAL","cve":"CVE-2026-32746","target":"GNU InetUtils telnet daemon (telnetd)","threat_actor":"N/A","patch_ready":false,"insight":"Critical Unpatched Telnetd Flaw Enables Unauthenticat..
6:10 am, March 18, 2026 Cybersecurity
Apple pushes first Background Security Improvements update to fix WebKit flaw
{ "priority": "MEDIUM", "cve": "CVE-2026-20643", "target": "Apple WebKit", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple releases Background Security Improvements update to..
1:10 am, March 18, 2026 Cybersecurity
GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub, npm, VSCode, OpenVSX", "threat_actor": "GlassWorm", "patch_ready": false, "insight": "GlassWorm malware campaign targets over 400 cod..
10:10 pm, March 17, 2026 Cybersecurity
Europe sanctions Chinese and Iranian firms for cyberattacks
{ "priority": "MEDIUM", "cve": "N/A", "target": "Chinese and Iranian firms", "threat_actor": "N/A", "patch_ready": false, "insight": "The European Union Council has announced sanctions aga..
7:10 pm, March 17, 2026 Cybersecurity
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
{ "priority": "HIGH", "cve": "N/A", "target": "Amazon Bedrock", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers disclose method to exfiltrate sensitive data from AI en..
6:10 pm, March 17, 2026 Cybersecurity
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method. The use of ClickFix, where users are tr..
3:10 pm, March 17, 2026 Cybersecurity
Microsoft stops force-installing the Microsoft 365 Copilot app
Microsoft has stopped automatically installing the Microsoft 365 Copilot app on Windows devices outside the European Economic Area (EEA) that have the Microsoft 365 desktop client apps. [...]
2:10 pm, March 17, 2026 Cybersecurity
