List cybersec
Aura confirms data breach exposing 900,000 marketing contacts
{ "priority": "HIGH", "cve": "N/A", "target": "Aura", "threat_actor": "N/A", "patch_ready": false, "insight": "Aura experienced a data breach exposing 900,000 marketing contacts with names..
11:10 pm, March 18, 2026 Cybersecurity
Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A student found an interesting message in Cowrie logs, which included an echo ..
1:10 am, March 19, 2026 Cybersecurity
ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, March 19, 2026 Cybersecurity
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft ..
7:10 am, March 19, 2026 Cybersecurity
Critical Microsoft SharePoint flaw now exploited in attacks
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. [...]
10:10 am, March 19, 2026 Cybersecurity
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
{ "priority": "CRITICAL", "cve": "N/A", "target": "Apple iOS", "threat_actor": "Multiple threat actors", "patch_ready": false, "insight": "DarkSword iOS exploit kit uses 6 flaws, 3 zero-da..
10:10 am, March 19, 2026 Cybersecurity
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker's systems. [...]..
11:10 am, March 19, 2026 Cybersecurity
How Ceros Gives Security Teams Visibility and Control in Claude Code
{ "priority": "INFO", "cve": "N/A", "target": "Claude Code", "threat_actor": "N/A", "patch_ready": false, "insight": "Security teams face challenges in controlling AI coding agents like Cl..
11:10 am, March 19, 2026 Cybersecurity
New ‘Perseus’ Android malware checks user notes for secrets
{ "priority": "MEDIUM", "cve": "N/A", "target": "Android", "threat_actor": "Perseus", "patch_ready": false, "insight": "New Android malware called Perseus checks user notes for sensitive i..
11:10 am, March 19, 2026 Cybersecurity
Max severity Ubiquiti UniFi flaw may allow account takeover
{ "priority": "CRITICAL", "cve": "N/A", "target": "Ubiquiti UniFi", "threat_actor": "N/A", "patch_ready": true, "insight": "Max severity Ubiquiti UniFi flaw may allow account takeover" }
1:10 pm, March 19, 2026 Cybersecurity
7 Ways to Prevent Privilege Escalation via Password Resets
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses methods to prevent privilege escalation through password..
2:10 pm, March 19, 2026 Cybersecurity
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
{ "priority": "HIGH", "cve": "N/A", "target": "Android", "threat_actor": "Perseus", "patch_ready": false, "insight": "New Perseus Android Banking Malware monitors notes apps to extract sen..
2:10 pm, March 19, 2026 Cybersecurity
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
Hackers part of APT28, a state-backed threat group linked to Russia's military intelligence service (GRU), are exploiting a Zimbra Collaboration Suite (ZCS) vulnerability in attacks targeting Ukraini..
3:10 pm, March 19, 2026 Cybersecurity
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The ThreatsDay Bulletin discusses various threats including FortiGate RaaS, Citrix exploits..
3:10 pm, March 19, 2026 Cybersecurity
Bitrefill blames North Korean Lazarus group for cyberattack
{ "priority": "HIGH", "cve": "N/A", "target": "Bitrefill", "threat_actor": "Lazarus group (Bluenoroff subgroup)", "patch_ready": false, "insight": "Bitrefill attributes a recent cyberattac..
5:10 pm, March 19, 2026 Cybersecurity
FBI seizes Handala data leak site after Stryker cyberattack
{ "priority": "HIGH", "cve": "N/A", "target": "Stryker", "threat_actor": "Handala", "patch_ready": false, "insight": "FBI seized Handala's data leak sites after a destructive cyberattack o..
5:10 pm, March 19, 2026 Cybersecurity
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
{ "priority": "CRITICAL", "cve": "N/A", "target": "Magento Open Source and Adobe Commerce", "threat_actor": "N/A", "patch_ready": true, "insight": "Unauthenticated Remote Code Execution (R..
8:10 pm, March 19, 2026 Cybersecurity
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
{ "priority": "HIGH", "cve": "N/A", "target": "EDR systems", "threat_actor": "N/A", "patch_ready": false, "insight": "54 EDR killers use BYOVD to exploit 34 signed vulnerable drivers, disa..
8:10 pm, March 19, 2026 Cybersecurity
Navia discloses data breach impacting 2.7 million people
{ "priority": "HIGH", "cve": "N/A", "target": "Navia Benefit Solutions, Inc.", "threat_actor": "N/A", "patch_ready": false, "insight": "Navia Benefit Solutions discloses a data breach expo..
9:10 pm, March 19, 2026 Cybersecurity
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
{ "priority": "HIGH", "cve": "N/A", "target": "Cobra DocGuard", "threat_actor": "N/A", "patch_ready": false, "insight": "Speagle malware hijacks Cobra DocGuard to steal data via compromise..
9:10 pm, March 19, 2026 Cybersecurity
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
{ "priority": "HIGH", "cve": "N/A", "target": "IoT devices (routers, web cameras)", "threat_actor": "Aisuru, Kimwolf, JackSkid, Mossad", "patch_ready": false, "insight": "Feds disrupt IoT ..
1:10 am, March 20, 2026 Cybersecurity
ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)
2:10 am, March 20, 2026 Cybersecurity
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Older iPhones", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple warns older iPhones vulnerable to Coruna and DarkSword exploit ..
6:10 am, March 20, 2026 Cybersecurity
54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
{ "priority": "HIGH", "cve": "N/A", "target": "EDR software", "threat_actor": "N/A", "patch_ready": false, "insight": "54 EDR killers use BYOVD to exploit 35 signed vulnerable drivers and ..
6:10 am, March 20, 2026 Cybersecurity
Ex-data analyst stole company data in $2.5M extortion scheme
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A former data analyst contractor was found guilty of extorting $2.5M from a D.C..
7:10 am, March 20, 2026 Cybersecurity
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
{"priority":"HIGH","cve":"N/A","target":"IoT devices","threat_actor":"AISURU, Kimwolf, JackSkid, Mossad","patch_ready":false,"insight":"DoJ disrupts IoT botnets behind record 31.4 Tbps global DDoS att..
7:10 am, March 20, 2026 Cybersecurity
International joint action disrupts world’s largest DDoS botnets
{ "priority": "HIGH", "cve": "N/A", "target": "IoT devices", "threat_actor": "Aisuru, KimWolf, JackSkid, Mossad", "patch_ready": false, "insight": "Authorities disrupt C2 infrastructure of..
8:10 am, March 20, 2026 Cybersecurity
Microsoft: March Windows updates break Teams, OneDrive sign-ins
{"priority": "HIGH", "cve": "N/A", "target": "Microsoft Windows 11", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft's March Windows 11 update causes sign-in issues with Microsoft a..
8:10 am, March 20, 2026 Cybersecurity
GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
{ "priority": "HIGH", "cve": "N/A", "target": "GSocket", "threat_actor": "N/A", "patch_ready": false, "insight": "Malicious Bash script installs GSocket backdoor" }
9:10 am, March 20, 2026 Cybersecurity
Musician admits to $10M streaming royalty fraud using AI bots
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "Michael Smith", "patch_ready": false, "insight": "Musician pleads guilty to $10M streaming royalty fraud using AI bots..
10:10 am, March 20, 2026 Cybersecurity
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
{ "priority": "HIGH", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "AI-powered cyber attacks use behavioral analytics to evade traditional detecti..
11:10 am, March 20, 2026 Cybersecurity
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
{ "priority": "MEDIUM", "cve": "N/A", "target": "Android", "threat_actor": "N/A", "patch_ready": false, "insight": "Google introduces 24-hour wait for unverified app sideloading to mitigat..
12:10 pm, March 20, 2026 Cybersecurity
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
{"priority":"CRITICAL","cve":"N/A","target":"Magento","threat_actor":"N/A","patch_ready":false,"insight":"A critical security flaw in Magento's REST API allows unauthenticated attackers to upload arbi..
1:10 pm, March 20, 2026 Cybersecurity
How CISOs Can Survive the Era of Geopolitical Cyberattacks
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "CISOs must limit lateral movement and contain breaches to reduce the impact of..
2:10 pm, March 20, 2026 Cybersecurity
CISA orders feds to patch max-severity Cisco flaw by Sunday
{"priority": "CRITICAL", "cve": "CVE-2026-20131", "target": "Cisco Secure Firewall Management Center (FMC)", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA orders federal agencies to pat..
3:10 pm, March 20, 2026 Cybersecurity
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
{ "priority": "CRITICAL", "cve": "CVE-2026-33017", "target": "Langflow", "threat_actor": "N/A", "patch_ready": false, "insight": "Critical Langflow flaw CVE-2026-33017 is under active expl..
5:10 pm, March 20, 2026 Cybersecurity
Police take down 373,000 fake CSAM sites in Operation Alice
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "International law enforcement operation shut down over 373,000 dark web sites ..
6:10 pm, March 20, 2026 Cybersecurity
Oracle pushes emergency fix for critical Identity Manager RCE flaw
{ "priority": "CRITICAL", "cve": "CVE-2026-21992", "target": "Oracle Identity Manager", "threat_actor": "N/A", "patch_ready": true, "insight": "Oracle releases emergency fix for critical I..
7:10 pm, March 20, 2026 Cybersecurity
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
{ "priority": "CRITICAL", "cve": "N/A", "target": "Trivy Security Scanner GitHub Actions", "threat_actor": "N/A", "patch_ready": false, "insight": "Trivy Security Scanner GitHub Actions br..
7:10 pm, March 20, 2026 Cybersecurity
FBI links Signal phishing attacks to Russian intelligence services
{"priority":"HIGH","cve":"N/A","target":"Signal, WhatsApp","threat_actor":"Russian intelligence services","patch_ready":false,"insight":"Russian intelligence services are actively targeting Signal and..
9:10 pm, March 20, 2026 Cybersecurity
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
{"priority":"HIGH","cve":"N/A","target":"npm packages","threat_actor":"Trivy","patch_ready":false,"insight":"Trivy supply chain attack leads to self-spreading CanisterWorm across 47 npm packages"}
8:10 am, March 21, 2026 Cybersecurity
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
{ "priority": "CRITICAL", "cve": "CVE-2025-31277", "target": "Apple", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA flags CVE-2025-31277 in Apple products for patching by Ap..
9:10 am, March 21, 2026 Cybersecurity
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
{ "priority": "CRITICAL", "cve": "CVE-2026-21992", "target": "Oracle Identity Manager", "threat_actor": "N/A", "patch_ready": true, "insight": "Oracle patches critical CVE-2026-21992 enabl..
11:10 am, March 21, 2026 Cybersecurity
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
{"priority": "HIGH", "cve": "N/A", "target": "WhatsApp, Signal", "threat_actor": "Russian Intelligence Services", "patch_ready": false, "insight": "Russian hackers target Signal and WhatsApp in mass p..
2:10 pm, March 21, 2026 Cybersecurity
Google adds ‘Advanced Flow’ for safe APK sideloading on Android
{ "priority": "INFO", "cve": "N/A", "target": "Android", "threat_actor": "N/A", "patch_ready": false, "insight": "Google introduces 'Advanced Flow' for secure APK sideloading from unverifi..
3:10 pm, March 21, 2026 Cybersecurity
Microsoft Azure Monitor alerts abused in callback phishing campaigns
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Azure Monitor", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft Azure Monitor alerts are being abused to send ca..
3:10 pm, March 21, 2026 Cybersecurity
Microsoft Azure Monitor alerts abused for callback phishing attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Azure Monitor", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft Azure Monitor alerts are being abused to send ca..
5:10 pm, March 21, 2026 Cybersecurity
Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing malware through official releases and GitHub Actions. ..
6:10 pm, March 21, 2026 Cybersecurity
VoidStealer malware steals Chrome master key via debugger trick
An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser. [.....
3:10 pm, March 22, 2026 Cybersecurity
ISC Stormcast For Monday, March 23rd, 2026 https://isc.sans.edu/podcastdetail/9860, (Mon, Mar 23rd)
2:10 am, March 23, 2026 Cybersecurity
