Dark Reading
North Korean APTs Use AI to Enhance IT Worker Scams
DPRK worker scams are old hat, but they're still working, thanks to AI tools that help with everything from face swapping to daily emails.
Senaste 1h
Senaste 6h
Senaste 24h
Senaste 7d
Senaste 30d
Endast lokalt
Analys/ledare
Endast följda källor
Snabbfilter
Toppnyheter
Säkerhet
Poster
110
Källor
11
Senast uppdaterad
2026-03-07 00:13
NVD (National Vulnerability Database)10
SecurityWeek Vulnerabilities10
CERT-SE10
CISA KEV-katalog10
Microsoft MSRC10
Cisco PSIRT10
CVE-toppar
CVE-2026-201223
CVE-2017-79212
CVE-2025-154672
CVE-2026-200792
CVE-2026-201272
Senaste CVE
CVE-2026-26122
CVE-2026-26122 Microsoft ACI Confidential Containers Information Disclosure Vulnerability
CVE-2026-23651
CVE-2026-23651 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
CVE-2026-26124
CVE-2026-26124 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
CVE-2026-3336
CVE-2026-3336 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC
CVE-2026-24821
CVE-2026-24821 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in turanszkij/WickedEngine.
Säkerhet
110 artiklar
Dark Reading
DPRK worker scams are old hat, but they're still working, thanks to AI tools that help with everything from face swapping to daily emails.
SecurityWeek Vulnerabilities
The company will accelerate platform development, expand go-to-market efforts, and invest in product innovation. The post ArmorCode Raises $16 Million for Exposure Management Platform appeared first on SecurityWeek.
Microsoft MSRC
Added FAQ information. This is an informational change only.
1 fler källor
Microsoft MSRC
CVE-2026-23651 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
2026-03-06 17:00
Microsoft MSRC
CVE-2026-26124 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
2026-03-06 17:00
Microsoft MSRC
CVE-2026-26122 Microsoft ACI Confidential Containers Information Disclosure Vulnerability
2026-03-06 17:00
SecurityWeek Vulnerabilities
Other noteworthy stories that might have slipped under the radar: Avira antivirus vulnerabilities, Transport for London data breach affects 10 million, Gaming cheat exposes North Korean hacker. The post In Other News:...
The Hacker News
The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is...
Dark Reading
The European Union is taking new precautions as climate change and cybersecurity threats rise across the automotive industry.
The Hacker News
Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm,...
Dark Reading
Iran has been hacking IP cameras to plan missile strikes against its enemies, and mounting other attacks on physical assets, showing how cyber and kinetic warfare are fast becoming one in the same.
Dark Reading
Using Anthropic's Claude, OpenAI's ChatGPT, and a detailed playbook prompt, a handful of cyberattackers reportedly gained access to government agencies and its citizens' data.
CERT-SE
I veckobrevet går det att ta del av den nya upplagan av Cybersäkerhetskollen som visar på behov av ökat engagemang från ledningen gällande cybersäkerhet inom bland annat offentlig sektor. Veckobrevet består utöver det...
1 fler källor
SecurityWeek Vulnerabilities
The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1. The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek.
SecurityWeek Vulnerabilities
The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light. The post Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks appeared first on...
SecurityWeek Vulnerabilities
Bishop replaces David McKeown, who will take on a role in the private sector after 40 years of government service. The post James ‘Aaron’ Bishop Tapped to Serve as New Pentagon CISO appeared first on SecurityWeek.
SecurityWeek Vulnerabilities
The attacks, observed since February, show that Iranian hackers already have a presence in the networks of US organizations. The post Iranian APT Hacked US Airport, Bank, Software Company appeared first on SecurityWeek.
The Hacker News
Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When done right, it...
The Hacker News
New research from Broadcom's Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies' networks, including banks, airports, non-...
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
SecurityWeek Vulnerabilities
The company has raised a total of $46 million in funding for its developer-focused encryption and orchestration platform. The post Data Security Firm Evervault Raises $25 Million in Series B Funding appeared first on...
The Hacker News
A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three...
The Hacker News
Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma...
The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing...
Dark Reading
Pakistan's APT36 threat group has begun using vibe-coding to churn out mediocre malware, but at a scale that could overwhelm defenses.
Dark Reading
The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multifactor authentication defenses.
Dark Reading
Edge bugs are so fetch, and Cisco just patched 50 new ones, including some heavy hitters with 10 out of 10 scores on the CVSS scale.
Dark Reading
Organizations can borrow secure-by-design processes to manage non-technical challenges like governance or the inevitable human error.
The Hacker News
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild. The vulnerabilities in question are listed below -...
The Hacker News
Most organizations assume encrypted data is safe. But many attackers are already preparing for a future where today’s encryption can be broken. Instead of trying to decrypt information now, they are collecting...
SecurityWeek Vulnerabilities
Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead. The post Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises appeared first...
Dark Reading
Much of Central and South America struggles with cybersecurity maturity, and hackers are taking advantage.
The Hacker News
Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity,...
SecurityWeek Vulnerabilities
Evgenii Ptitsyn was extradited to the United States from South Korea in November 2024. The post Russian Ransomware Operator Pleads Guilty in US appeared first on SecurityWeek.
SecurityWeek Vulnerabilities
The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities. The post Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild appeared first...
CERT-SE
Cisco har publicerat information gällande två kritiska sårbarheter i Cisco Secure Firewall Management Center (FMC) och Cisco Security Cloud Control (SCC) Firewall Management. Båda sårbarheterna (CVE-2026-20079 och...
Cisco PSIRT
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information, and overwrite...
CISA KEV-katalog
Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information. | Åtgärd: Apply mitigations...
CISA KEV-katalog
Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are...
CISA KEV-katalog
Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously crafted web content that may lead to memory corruption. | Åtgärd: Apply mitigations per vendor...
CISA KEV-katalog
Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content that may lead to arbitrary code execution. | Åtgärd: Apply...
CISA KEV-katalog
Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel privileges. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01...
Cisco PSIRT
Multiple vulnerabilities in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote...
1 fler källor
Cisco PSIRT
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial of Service Vulnerability
2026-03-05 01:00
Cisco PSIRT
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected...
1 fler källor
Cisco PSIRT
Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability
2026-03-05 01:00
Dark Reading
Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad acess to victims' cloud environments.
Cisco PSIRT
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform...
Cisco PSIRT
A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local...
Cisco PSIRT
Multiple Cisco products are affected by vulnerabilities in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an...
CISA KEV-katalog
Broadcom VMware Aria Operations formerly known as vRealize Operations (vROps) contains a command injection vulnerability that allows an unauthenticated attacker to execute arbitrary commands, potentially leading to...
CISA KEV-katalog
Multiple Qualcomm chipsets contain a memory corruption vulnerability while using alignments for memory allocation. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud...
CERT-SE
Cisco har publicerat information om en nolldagssårbarhet (CVE-2026-20127) som påverkar i Cisco Catalyst SD-WAN Controller (tidigare vSmart) och Cisco Catalyst SD-WAN Manager (tidigare vManage). Sårbarheten är kritisk...
CISA KEV-katalog
Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands within the application CLI. A successful...
CISA KEV-katalog
Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability could allow an unauthenticated, remote attacker to...
CISA KEV-katalog
Soliton Systems K.K FileZen contains an OS command injection vulnerability when an user logs-in to the affected product and sends a specially crafted HTTP request. | Åtgärd: Apply mitigations per vendor instructions,...
Palo Alto Networks Advisories
Ingen sammanfattning.
CERT-SE
Dell har publicerat information om en kritisk sårbarhet (CVE-2026-22769) som påverkar RecoverPoint for Virtual Machines. Sårbarheten är kritisk och har en CVSS v3.1-klassning på 10. [1] [2]
Palo Alto Networks Advisories
Ingen sammanfattning.
Palo Alto Networks Advisories
Ingen sammanfattning.
1 fler källor
Palo Alto Networks Advisories
PAN-SA-2026-0001 Chromium: Monthly Vulnerability Update (January 2026) (Severity: MEDIUM)
2026-01-14 18:00
CERT-SE
Flera leverantörer har släppt sina månatliga säkerhetsuppdateringar för februari.
Fortinet PSIRT
CVSSv3 Score: 5.2 An HTTP request smuggling vulnerability [CWE-444] in FortiOS may allow an unauthenticated attacker to smuggle an unlogged http request through the firewall policies via a specially crafted header...
Fortinet PSIRT
CVSSv3 Score: 6.4 An Improper Link Resolution Before File Access vulnerability [CWE-59] in FortiClient Windows may allow a local low-privilege attacker to perform an arbitrary file write with elevated permissions via...
Fortinet PSIRT
CVSSv3 Score: 3.8 An Improper Verification of Source of a Communication Channel vulnerability [CWE-940] in FortiOS FSSO Terminal Services Agent may allow an authenticated user with knowledge of FSSO policy...
Fortinet PSIRT
CVSSv3 Score: 6.7 A Use of Externally-Controlled Format String vulnerability [CWE-134] in FortiGate may allow an authenticated admin to execute unauthorized code or commands via specifically crafted configuration....
Fortinet PSIRT
CVSSv3 Score: 7.5 An Authentication Bypass by Primary Weakness vulnerability [CWE-305] in FortiOS fnbamd may allow an unauthenticated attacker to bypass LDAP authentication of Agentless VPN or FSSO policy, under...
Fortinet PSIRT
CVSSv3 Score: 6.8 A missing authorization vulnerability [CWE-862] in FortiAuthenticator may allow a read-only admin to make modification to local users via a file upload to an unprotected endpoint. Revised on...
Fortinet PSIRT
CVSSv3 Score: 5.3 An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in FortiOS SSL-VPN may allow a remote unauthenticated attacker to bypass the patch developed for the symbolic...
Palo Alto Networks Advisories
Ingen sammanfattning.
CERT-SE
Behöver din organisation stärka sin förmåga att hantera cyberhot och arbeta effektivt med informationsdelning? Då kan en MISP-övning vara ett bra alternativ.
Fortinet PSIRT
CVSSv3 Score: 9.8 CVE-2025-15467Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. A stack buffer overflow may lead to a crash, causing Denial of...
Fortinet PSIRT
CVSSv3 Score: 7.4 A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiSwitchManager cw_acd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically...
Palo Alto Networks Advisories
Ingen sammanfattning.
Palo Alto Networks Advisories
Ingen sammanfattning.
Palo Alto Networks Advisories
Ingen sammanfattning.
Palo Alto Networks Advisories
Ingen sammanfattning.
Fortinet PSIRT
CVSSv3 Score: 6.7 An Heap-based Buffer Overflow vulnerability [CWE-122] in FortiOS, FortiPAM and FortiProxy RDP bookmark connection may allow an authenticated user to execute unauthorized code via crafted requests....
Palo Alto Networks Advisories
Ingen sammanfattning.
NVD (National Vulnerability Database)
A vulnerability classified as problematic has been found in Ortus Solutions ColdBox Elixir 3.1.6. This affects an unknown part of the file src/defaultConfig.js of the component ENV Variable Handler. The manipulation...
NVD (National Vulnerability Database)
A vulnerability was found in Vaerys-Dawn DiscordSailv2 up to 2.10.2. It has been rated as critical. Affected by this issue is some unknown functionality of the component Tag Handler. The manipulation leads to improper...
NVD (National Vulnerability Database)
** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Magnesium-PHP up to 0.3.0. It has been classified as problematic. Affected is the function formatEmailString of the file...
NVD (National Vulnerability Database)
A vulnerability was found in Vaerys-Dawn DiscordSailv2 up to 2.10.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Command Mention Handler. The...
NVD (National Vulnerability Database)
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the...
NVD (National Vulnerability Database)
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability
NVD (National Vulnerability Database)
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability
NVD (National Vulnerability Database)
A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication.
NVD (National Vulnerability Database)
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.
NVD (National Vulnerability Database)
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.
Threatpost
2.5 million people were affected, in a breach that could spell more trouble down the line.
Threatpost
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Threatpost
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Threatpost
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Threatpost
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Threatpost
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Threatpost
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Threatpost
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
Threatpost
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Threatpost
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
