> TritonInfoSec News

# Archive

Browse past daily curated stories

May 09 May 08 May 05 May 03 May 02 May 01 Apr 30 Apr 28 Apr 26 Apr 25 Apr 24 Apr 23 Apr 22 Apr 21 Apr 20 Apr 19 Apr 18 Apr 17 Apr 16 Apr 15 Apr 14 Apr 12 Apr 11 Apr 10 Apr 09 Apr 08 Apr 07 Apr 05 Apr 04 Apr 03

Thursday, March 19, 2026

  1. 1
    1
    BleepingComputer general
    Ransomware gang exploits Cisco flaw in zero-day attacks since January

    The Interlock ransomware gang has been exploiting CVE-2026-20131 (CVSS 10.0) in Cisco Secure Firewall Management Center since late January, achieving unauthenticated remote code execution through insecure Java deserialization. This zero-day attack demonstrates how quickly threat actors can weaponize critical vulnerabilities in enterprise security infrastructure.

  2. 2
    1
    BleepingComputer general
    CISA orders feds to patch Zimbra XSS flaw exploited in attacks

    CISA has issued a binding operational directive ordering federal agencies to patch an actively exploited XSS vulnerability in Zimbra Collaboration Suite. The cross-site scripting flaw is being leveraged in ongoing attacks against government email systems, highlighting the continued targeting of federal communications infrastructure.

  3. 3
    0
    The Record threat-intel
    Russia-linked hackers use advanced iPhone exploit to target Ukrainians

    Russia-linked threat actors are using the DarkSword iPhone exploit kit to target users in Ukraine, Saudi Arabia, Turkey, and Malaysia with multiple zero-day vulnerabilities. The sophisticated iOS exploit chain enables complete device compromise with minimal user interaction and can extract cryptocurrency wallet data within minutes while erasing forensic traces.

  4. 4
    0
    The Hacker News general
    Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

    A critical unauthenticated remote code execution vulnerability (CVE-2026-32746, CVSS 9.8) in GNU InetUtils telnetd remains unpatched and affects telnet daemons listening on port 23. The out-of-bounds write flaw in LINEMODE Set processing allows attackers to gain root privileges without authentication.

  5. 5
    0
    The Hacker News general
    Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit

    Ubuntu Desktop versions 24.04 and later contain a high-severity privilege escalation vulnerability (CVE-2026-3888, CVSS 7.8) that allows unprivileged local attackers to gain root access. The flaw exploits systemd cleanup timing issues in default Ubuntu installations.

  6. 6
    0
    The Hacker News general
    9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

    Security researchers discovered nine critical vulnerabilities across four low-cost IP KVM vendors (GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM) that enable unauthenticated root access. These devices provide keyboard, video, and mouse control over IP, making the vulnerabilities particularly dangerous for remote server management.

  7. 7
    0
    The Record threat-intel
    Bank software vendor Marquis says more than 670,000 impacted by August breach

    Marquis, a Texas financial services provider, disclosed that a ransomware attack in August 2025 compromised data of over 672,000 individuals and disrupted operations at 74 banks across the United States. The breach affected customer names, addresses, Social Security numbers, and account information at credit unions and financial institutions.

  8. 8
    0
    BleepingComputer general
    Aura confirms data breach exposing 900,000 marketing contacts

    Identity protection company Aura confirmed a data breach exposing nearly 900,000 customer records containing names and email addresses of marketing contacts. The breach affects customers who use Aura's identity theft protection and credit monitoring services.

  9. 9
    0
    BleepingComputer general
    ConnectWise patches new flaw allowing ScreenConnect hijacking

    ConnectWise has patched a cryptographic signature verification vulnerability in ScreenConnect that could allow attackers to hijack remote access sessions and escalate privileges. The flaw affects the popular remote support platform used by managed service providers and IT departments.

  10. 10
    0
    Dark Reading general
    'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft

    Security researchers disclosed three vulnerabilities dubbed 'Claudy Day' affecting Anthropic's Claude AI assistant, including a prompt injection flaw that can be chained with other exploits to steal enterprise data. The attack vector leverages Google search results to create a complete attack chain targeting business users.