# Archive
Browse past daily curated stories
Thursday, March 19, 2026
1. BleepingComputer (general): Ransomware gang exploits Cisco flaw in zero-day attacks since January
The Interlock ransomware gang has been exploiting CVE-2026-20131 (CVSS 10.0) in Cisco Secure Firewall Management Center since late January, achieving unauthenticated remote code execution through insecure Java deserialization. This zero-day attack demonstrates how quickly threat actors can weaponize critical vulnerabilities in enterprise security infrastructure.
2. BleepingComputer (general): CISA orders feds to patch Zimbra XSS flaw exploited in attacks
CISA has issued a binding operational directive ordering federal agencies to patch an actively exploited XSS vulnerability in Zimbra Collaboration Suite. The cross-site scripting flaw is being leveraged in ongoing attacks against government email systems, highlighting the continued targeting of federal communications infrastructure.
3. The Record (threat-intel): Russia-linked hackers use advanced iPhone exploit to target Ukrainians
Russia-linked threat actors are using the DarkSword iPhone exploit kit to target users in Ukraine, Saudi Arabia, Turkey, and Malaysia with multiple zero-day vulnerabilities. The sophisticated iOS exploit chain enables complete device compromise with minimal user interaction and can extract cryptocurrency wallet data within minutes while erasing forensic traces.
4. The Hacker News (general): Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
A critical unauthenticated remote code execution vulnerability (CVE-2026-32746, CVSS 9.8) in GNU InetUtils telnetd remains unpatched and affects telnet daemons listening on port 23. The out-of-bounds write flaw in LINEMODE Set processing allows attackers to gain root privileges without authentication.
5. The Hacker News (general): Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
Ubuntu Desktop versions 24.04 and later contain a high-severity privilege escalation vulnerability (CVE-2026-3888, CVSS 7.8) that allows unprivileged local attackers to gain root access. The flaw exploits systemd cleanup timing issues in default Ubuntu installations.
6. The Hacker News (general): 9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
Security researchers discovered nine critical vulnerabilities across four low-cost IP KVM vendors (GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM) that enable unauthenticated root access. These devices provide keyboard, video, and mouse control over IP, making the vulnerabilities particularly dangerous for remote server management.
7. The Record (threat-intel): Bank software vendor Marquis says more than 670,000 impacted by August breach
Marquis, a Texas financial services provider, disclosed that a ransomware attack in August 2025 compromised data of over 672,000 individuals and disrupted operations at 74 banks across the United States. The breach affected customer names, addresses, Social Security numbers, and account information at credit unions and financial institutions.
8. BleepingComputer (general): Aura confirms data breach exposing 900,000 marketing contacts
Identity protection company Aura confirmed a data breach exposing nearly 900,000 customer records containing names and email addresses of marketing contacts. The breach affects customers who use Aura's identity theft protection and credit monitoring services.
9. BleepingComputer (general): ConnectWise patches new flaw allowing ScreenConnect hijacking
ConnectWise has patched a cryptographic signature verification vulnerability in ScreenConnect that could allow attackers to hijack remote access sessions and escalate privileges. The flaw affects the popular remote support platform used by managed service providers and IT departments.
10. Dark Reading (general): 'Claudy Day' Trio of Flaws Exposes Claude Users to Data Theft
Security researchers disclosed three vulnerabilities dubbed 'Claudy Day' affecting Anthropic's Claude AI assistant, including a prompt injection flaw that can be chained with other exploits to steal enterprise data. The attack vector leverages Google search results to create a complete attack chain targeting business users.