ICYMI: 2026-03-18
Latest Headlines
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
Claude Code Security and Magecart: Getting the Threat Model Right
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild
The Collapse of Predictive Security in the Age of Machine-Speed Attacks
Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation
Cloud Security Startup Native Exits Stealth With $42 Million in Funding
‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors
Virtual Summit Today: Supply Chain & Third-Party Risk Summit
EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations
Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches
Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach
Apple Debuts Background Security Improvements With Fresh WebKit Patches
Cisco Firewall 0-day Vulnerability Exploited in the Wild to Deploy Interlock Ransomware
New iOS Exploit With Advanced iPhone Hacking Tools Attacking Users to Steal Personal Data
The High Cost of Slow Triage: How to Make Tier 1 the Fastest Layer in Your SOC
OpenAI Launches GPT-5.4 Mini and Nano to Provide Answers 2X Faster
UIDAI Launches Bug Bounty Programme to Strengthen Aadhaar Security
Apple WebKit Vulnerability Enables Malicious Web Content Bypass on iOS and macOS
New Malware Campaigns Turn Network Devices Into DDoS Nodes and Crypto-Mining Bots
FancyBear Server Exposure Reveals Stolen Credentials, 2FA Secrets and NATO-Linked Targets
ScreenConnect Vulnerability Allows Hackers to Extract Unique Machine Keys and Hijack Sessions
LeakNet Scales Ransomware Operations With ClickFix Lures and Stealthy Deno Loader
Aura confirms data breach exposing 900,000 marketing contacts
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
ConnectWise patches new flaw allowing ScreenConnect hijacking
Ransomware gang exploits Cisco flaw in zero-day attacks since January
Marquis: Ransomware gang stole data of 672K people in cyberattack
The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms
New “Darksword” iOS exploit used in infostealer attack on iPhones
Nordstrom’s email system abused to send crypto scams to customers
Apple pushes first Background Security Improvements update to fix WebKit flaw
– MTZ