> TritonInfoSec News

# Archive

Browse past daily curated stories

Mar 10 Mar 09 Mar 08 Mar 07 Mar 06 Mar 05 Mar 04 Mar 03 Mar 02 Mar 01 Feb 28 Feb 27 Feb 26 Feb 25 Feb 24 Feb 23 Feb 21 Feb 20 Feb 18

Friday, March 06, 2026

  1. 1
    0
    SecurityWeek general
    CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List

    CISA added iOS vulnerabilities from the nation-state-grade Coruna exploit kit to the KEV catalog, targeting 23 flaws affecting iOS versions 13 through 17.2.1. The exploit kit represents a significant threat as it provides government-level capabilities for compromising Apple devices across multiple iOS generations.

  2. 2
    0
    SecurityWeek general
    Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

    A Rockwell Automation vulnerability disclosed and patched in 2021 is now confirmed to be exploited in the wild, allowing remote hacking of industrial control systems. This late discovery of active exploitation highlights the persistent risk to critical infrastructure from older, supposedly mitigated vulnerabilities.

  3. 3
    0
    SecurityWeek general
    Iranian APT Hacked US Airport, Bank, Software Company

    Iranian APT group MuddyWater has compromised networks at multiple U.S. organizations since February, including airports, banks, and a software company's Israeli division using the new Dindoor backdoor. The attacks demonstrate Iran's continued focus on embedding persistent access within American critical infrastructure.

  4. 4
    2
    Schneier on Security threat-intel
    Claude Used to Hack Mexican Government

    An unknown attacker used Anthropic's Claude AI to hack Mexican government agencies by prompting the chatbot to act as an elite hacker, find vulnerabilities, and write exploitation scripts. Israeli cybersecurity firm Gambit Security documented how the Spanish-language prompts led to automated data theft from government networks.

  5. 5
    0
    BleepingComputer general
    FBI investigates breach of surveillance and wiretap systems

    The FBI confirmed it's investigating a breach of systems used to manage surveillance and wiretap warrants, representing a significant compromise of law enforcement's electronic surveillance infrastructure. The incident highlights vulnerabilities in the tools federal agencies use to conduct authorized surveillance operations.

  6. 6
    2
    The Hacker News general
    Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

    CISA added two critical vulnerabilities to the KEV catalog: CVE-2017-7921 affecting Hikvision cameras (CVSS 9.8) and a Rockwell Automation flaw, both with evidence of active exploitation. These additions underscore ongoing threats to surveillance infrastructure and industrial control systems from years-old vulnerabilities.

  7. 7
    0
    Dark Reading general
    Cisco Drops 48 New Firewall Vulnerabilities, 2 Critical

    Cisco disclosed 48 new firewall vulnerabilities including two critical flaws with maximum 10.0 CVSS scores in its ASA, Secure FMC, and Secure FTD products. The vendor reported no known active exploitation but the critical severity ratings indicate potential for significant network compromise.

  8. 8
    0
    The Hacker News general
    Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

    Iran-linked MuddyWater APT group deployed the new Dindoor backdoor against U.S. companies including banks, airports, and software firms, with Broadcom's Symantec team tracking the activity since February 2026. The campaign demonstrates Iran's persistent targeting of American critical infrastructure with custom malware tools.

  9. 9
    0
    BleepingComputer general
    Wikipedia hit by self-propagating JavaScript worm that vandalized pages

    Wikipedia suffered a security incident when a self-propagating JavaScript worm vandalized pages and modified user scripts across multiple wikis operated by the Wikimedia Foundation. The incident shows how client-side attacks can spread rapidly across interconnected web platforms, affecting content integrity at scale.

  10. 10
    0
    BleepingComputer general
    Google says 90 zero-days were exploited in attacks last year

    Google Threat Intelligence Group tracked 90 zero-day vulnerabilities actively exploited in 2025, with nearly half targeting enterprise software and appliances compared to 78 zero-days in 2024. The increase reflects growing commercial spyware vendor activity and nation-state focus on enterprise infrastructure rather than consumer platforms.