List cybersec
Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
Security teams today are not short on tools or data. They are overwhelmed by both. Yet within the terabytes of alerts, exposures, and misconfigurations – security teams still struggle to understan..
12:10 pm, March 18, 2026 Cybersecurity
ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854, (Wed, Mar 18th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
11:10 am, March 18, 2026 Cybersecurity
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
{ "priority": "HIGH", "cve": "CVE-2026-3888", "target": "Ubuntu Desktop", "threat_actor": "N/A", "patch_ready": true, "insight": "A high-severity security flaw in Ubuntu Desktop versions 2..
9:10 am, March 18, 2026 Cybersecurity
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
{ "priority": "HIGH", "cve": "CVE-2026-20643", "target": "Apple iOS, iPadOS, macOS", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple fixes WebKit vulnerability CVE-2026-20643..
7:10 am, March 18, 2026 Cybersecurity
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
{"priority":"CRITICAL","cve":"CVE-2026-32746","target":"GNU InetUtils telnet daemon (telnetd)","threat_actor":"N/A","patch_ready":false,"insight":"Critical Unpatched Telnetd Flaw Enables Unauthenticat..
6:10 am, March 18, 2026 Cybersecurity
Apple pushes first Background Security Improvements update to fix WebKit flaw
{ "priority": "MEDIUM", "cve": "CVE-2026-20643", "target": "Apple WebKit", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple releases Background Security Improvements update to..
1:10 am, March 18, 2026 Cybersecurity
GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub, npm, VSCode, OpenVSX", "threat_actor": "GlassWorm", "patch_ready": false, "insight": "GlassWorm malware campaign targets over 400 cod..
10:10 pm, March 17, 2026 Cybersecurity
Europe sanctions Chinese and Iranian firms for cyberattacks
{ "priority": "MEDIUM", "cve": "N/A", "target": "Chinese and Iranian firms", "threat_actor": "N/A", "patch_ready": false, "insight": "The European Union Council has announced sanctions aga..
7:10 pm, March 17, 2026 Cybersecurity
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
{ "priority": "HIGH", "cve": "N/A", "target": "Amazon Bedrock", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers disclose method to exfiltrate sensitive data from AI en..
6:10 pm, March 17, 2026 Cybersecurity
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method. The use of ClickFix, where users are tr..
3:10 pm, March 17, 2026 Cybersecurity
Microsoft stops force-installing the Microsoft 365 Copilot app
Microsoft has stopped automatically installing the Microsoft 365 Copilot app on Windows devices outside the European Economic Area (EEA) that have the Microsoft 365 desktop client apps. [...]
2:10 pm, March 17, 2026 Cybersecurity
New font-rendering trick hides malicious commands from AI tools
{ "priority": "HIGH", "cve": "N/A", "target": "AI tools", "threat_actor": "N/A", "patch_ready": false, "insight": "A new font-rendering attack causes AI assistants to miss malicious comman..
2:10 pm, March 17, 2026 Cybersecurity
Top 5 Things CISOs Need to Do Today to Secure AI Agents
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article highlights the importance of securing AI agents by implementing id..
2:10 pm, March 17, 2026 Cybersecurity
LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and Ty..
1:10 pm, March 17, 2026 Cybersecurity
AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A study finds that most security leaders are struggling to defend AI systems w..
12:10 pm, March 17, 2026 Cybersecurity
IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Attackers are using IPv4-mapped IPv6 addresses to possibly obfuscate their att..
12:10 pm, March 17, 2026 Cybersecurity
Microsoft shares fix for Windows C: drive access issues on Samsung PCs
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows 11 on Samsung PCs", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft provides a fix for C: drive access issues on ..
12:10 pm, March 17, 2026 Cybersecurity
LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Corporate environments", "threat_actor": "LeakNet ransomware gang", "patch_ready": false, "insight": "LeakNet ransomware gang uses ClickFix a..
12:10 pm, March 17, 2026 Cybersecurity
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim's KakaoTalk desktop application to distribute malicious payloads to certain contacts...
11:10 am, March 17, 2026 Cybersecurity
Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
{ "priority": "MEDIUM", "cve": "N/A", "target": "Microsoft Outlook Classic", "threat_actor": "N/A", "patch_ready": false, "insight": "Enabling Microsoft Teams Meeting add-in causes classic..
11:10 am, March 17, 2026 Cybersecurity
New Windows 11 hotpatch fixes Bluetooth device visibility issue
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft released an emergency update to fix a Bluetooth device visib..
11:10 am, March 17, 2026 Cybersecurity
CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
{"priority": "HIGH", "cve": "CVE-2025-47813", "target": "Wing FTP", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA flags actively exploited Wing FTP vulnerability leaking server paths"}
6:10 am, March 17, 2026 Cybersecurity
ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "SANS Internet Storm Center podcast for March 17th, 2026." }
2:10 am, March 17, 2026 Cybersecurity
Stryker attack wiped tens of thousands of devices, no malware needed
{ "priority": "HIGH", "cve": "N/A", "target": "Stryker's Microsoft environment", "threat_actor": "N/A", "patch_ready": false, "insight": "A cyberattack on Stryker's internal Microsoft envi..
8:10 pm, March 16, 2026 Cybersecurity
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
```json { "priority": "HIGH", "cve": "N/A", "target": "Python repositories on GitHub", "threat_actor": "N/A", "patch_ready": false, "insight": "The GlassWorm malware campaign is leveraging..
8:10 pm, March 16, 2026 Cybersecurity
CISA flags Wing FTP Server flaw as actively exploited in attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Wing FTP Server", "threat_actor": "N/A", "patch_ready": false, "insight": "An actively exploited vulnerability in Wing FTP Server may be ..
6:10 pm, March 16, 2026 Cybersecurity
UK’s Companies House confirms security flaw exposed business data
{ "priority": "MEDIUM", "cve": "N/A", "target": "Companies House WebFiling service", "threat_actor": "N/A", "patch_ready": "true", "insight": "A security flaw in the UK's Companies House W..
5:10 pm, March 16, 2026 Cybersecurity
⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A weekly recap of various security incidents and research findings, including ..
4:10 pm, March 16, 2026 Cybersecurity
Microsoft Exchange Online outage blocks access to mailboxes
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Exchange Online", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft Exchange Online is experiencing an outage, blo..
4:10 pm, March 16, 2026 Cybersecurity
Microsoft pulls Samsung app blocking Windows C: drive from Store
{ "priority": "LOW", "cve": "N/A", "target": "Samsung Galaxy Connect app", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft removed the Samsung Galaxy Connect app from th..
2:10 pm, March 16, 2026 Cybersecurity
/proxy/ URL scans with IP addresses, (Mon, Mar 16th)
{"priority": "INFO", "cve": "N/A", "target": "Proxy Servers", "threat_actor": "N/A", "patch_ready": false, "insight": "Attackers are scanning for proxy servers using /proxy/ URL prefixes and IP addres..
2:10 pm, March 16, 2026 Cybersecurity
Shadow AI is everywhere. Here’s how to find and secure it.
{ "priority": "INFO", "cve": "N/A", "target": "SaaS environments", "threat_actor": "N/A", "patch_ready": false, "insight": "Shadow AI is spreading across SaaS environments as employees ado..
2:10 pm, March 16, 2026 Cybersecurity
ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
{ "priority": "HIGH", "cve": "N/A", "target": "macOS", "threat_actor": "N/A", "patch_ready": false, "insight": "MacSync macOS infostealer is being spread through fake AI tool installers in..
1:10 pm, March 16, 2026 Cybersecurity
Why Security Validation Is Becoming Agentic
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Security validation is evolving to become a more integrated and automated proc..
1:10 pm, March 16, 2026 Cybersecurity
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
{ "priority": "HIGH", "cve": "N/A", "target": "Ukrainian entities, Microsoft Edge", "threat_actor": "Laundry Bear (aka UAC-0190 or Void Blizzard)", "patch_ready": false, "insight": "A new ..
10:10 am, March 16, 2026 Cybersecurity
Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
{ "priority": "MEDIUM", "cve": "N/A", "target": "Android 17", "threat_actor": "N/A", "patch_ready": true, "insight": "Android 17 Beta 2 introduces a security feature to prevent non-accessi..
6:10 am, March 16, 2026 Cybersecurity
ISC Stormcast For Monday, March 16th, 2026 https://isc.sans.edu/podcastdetail/9850, (Mon, Mar 16th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The SANS Internet Storm Center has released a podcast for Monday, March 16th, ..
2:10 am, March 16, 2026 Cybersecurity
OpenAI says ChatGPT ads are not rolling out globally for now
{ "priority": "INFO", "cve": "N/A", "target": "ChatGPT", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenAI has clarified that ChatGPT ads on Free and Go plans are not yet rol..
12:10 am, March 16, 2026 Cybersecurity
Betterleaks, a new open-source secrets scanner to replace Gitleaks
{ "priority": "INFO", "cve": "N/A", "target": "Gitleaks", "threat_actor": "N/A", "patch_ready": "false", "insight": "Betterleaks is a new open-source secrets scanner designed to replace Gi..
3:10 pm, March 15, 2026 Cybersecurity
Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
{ "priority": "CRITICAL", "cve": "N/A", "target": "Windows 11 Enterprise", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft has released an out-of-band update to fix a Rem..
10:10 pm, March 14, 2026 Cybersecurity
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
{ "priority": "MEDIUM", "cve": "N/A", "target": "OpenClaw AI Agent", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenClaw AI Agent's weak default security configurations could..
6:10 pm, March 14, 2026 Cybersecurity
AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
{ "priority": "HIGH", "cve": "N/A", "target": "AppsFlyer Web SDK", "threat_actor": "N/A", "patch_ready": false, "insight": "The AppsFlyer Web SDK was temporarily hijacked to spread crypto-..
3:10 pm, March 14, 2026 Cybersecurity
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
{"priority": "HIGH", "cve": "N/A", "target": "Open VSX registry", "threat_actor": "GlassWorm", "patch_ready": false, "insight": "GlassWorm campaign abuses 72 Open VSX extensions using extensionPack an..
2:10 pm, March 14, 2026 Cybersecurity
SmartApeSG campaign uses ClickFix page to push Remcos RAT, (Sat, Mar 14th)
{ "priority": "HIGH", "cve": "N/A", "target": "ClickFix page", "threat_actor": "SmartApeSG", "patch_ready": false, "insight": "The SmartApeSG campaign is utilizing a ClickFix page to distr..
2:10 am, March 14, 2026 Cybersecurity
Microsoft: Windows 11 users can't access C: drive on some Samsung PCs
{"priority": "MEDIUM", "cve": "N/A", "target": "Windows 11 on Samsung laptops", "threat_actor": "N/A", "patch_ready": false, "insight": "A post-February 2026 security update issue on some Samsung lapt..
11:10 pm, March 13, 2026 Cybersecurity
FBI seeks victims of Steam games used to spread malware
{"priority": "HIGH", "cve": "N/A", "target": "Steam", "threat_actor": "N/A", "patch_ready": false, "insight": "The FBI is investigating malware spread through malicious Steam games and seeking informa..
9:10 pm, March 13, 2026 Cybersecurity
Fake enterprise VPN sites used to steal company credentials
{ "priority": "HIGH", "cve": "N/A", "target": "Ivanti, Cisco, and Fortinet VPN clients", "threat_actor": "Storm-2561", "patch_ready": false, "insight": "Storm-2561 is distributing fake ent..
6:10 pm, March 13, 2026 Cybersecurity
Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
{ "priority": "INFO", "cve": "N/A", "target": "Instagram End-to-End Encrypted Chat", "threat_actor": "N/A", "patch_ready": false, "insight": "Meta will discontinue support for end-to-end e..
6:10 pm, March 13, 2026 Cybersecurity
Poland's nuclear research centre targeted by cyberattack
{ "priority": "INFO", "cve": "N/A", "target": "Poland's National Centre for Nuclear Research (NCBJ)", "threat_actor": "N/A", "patch_ready": false, "insight": "Poland's National Centre for ..
6:10 pm, March 13, 2026 Cybersecurity
Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
{ "priority": "HIGH", "cve": "N/A", "target": "Southeast Asian military organizations", "threat_actor": "CL-STA-1087 (suspected China-based)", "patch_ready": false, "insight": "A suspected..
6:10 pm, March 13, 2026 Cybersecurity
AI Testing
