News
-
Perseus Android banking malware enables device takeover and note theft
Perseus is a new Android banking trojan delivered through sideloaded IPTV apps. It enables Accessibility-based device takeover, overlay attacks, and extraction of notes and credentials, primarily targeting Turkey and Italy.
-
DarkSword iOS exploit kit used since November 2025 to steal data from iPhones running iOS 18.4 to 18.7
DarkSword is a full-chain iOS exploit kit used since November 2025 to exfiltrate emails, messages and crypto wallet data from iPhones running iOS 18.4 through 18.7, according to a technical analysis.
-
CISA urges agencies to patch actively exploited Zimbra and SharePoint flaws
CISA issued an advisory on March 18, 2026, urging agencies to patch two actively exploited vulnerabilities in Synacor Zimbra and Microsoft SharePoint. Deadlines and technical details are provided for federal agencies.
-
Aura confirms breach exposed nearly 900,000 marketing contacts
Aura confirmed a breach that exposed nearly 900,000 marketing contacts, including names and emails. The company says 35,000 were customers and that SSNs and financial data were not compromised.
-
Interlock ransomware exploited Cisco FMC zero-day CVE-2026-20131
Amazon Threat Intelligence links Interlock ransomware to exploitation of Cisco Secure FMC CVE-2026-20131. The flaw allowed unauthenticated root code execution and was used as a zero-day from January 26, 2026. Apply patches and assess systems.
-
Nine vulnerabilities in low-cost IP KVM devices can enable root access and arbitrary code execution
Nine vulnerabilities in low-cost IP KVM devices can allow unauthenticated attackers root access or arbitrary code execution. A technical analysis by Eclypsium highlights a CVSS 9.8 flaw and notes partial firmware fixes are available.
-
CVE-2026-3888 in Ubuntu Desktop allows local users to escalate to root
A high-severity flaw in default Ubuntu Desktop installs of 24.04 and later allows a local unprivileged user to escalate to root. The issue is CVE-2026-3888, and patches for snapd are available for affected releases.
-
Critical pre-auth buffer overflow found in GNU InetUtils telnetd tracked as CVE-2026-32746
A pre-authentication buffer overflow in GNU InetUtils telnetd, tracked as CVE-2026-32746 and rated CVSS 9.8, can allow unauthenticated remote code execution as root. A fix is expected by April 1, 2026.
-
Big Tech provides $12.5m to help open source maintainers handle AI-generated bug reports
Six major tech firms have provided $12.5 million in grants to a foundation project and OpenSSF to help open source maintainers triage and remediate AI-generated bug and security reports. Details and timing remain unclear.
-
EU sanctions three firms and two individuals over cyberattacks
The EU Council sanctioned three firms and two individuals for cyberattacks on critical infrastructure and devices. One Chinese firm enabled hacking of over 65,000 devices across six EU states and an Iranian firm ran influence operations.









