Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Critical Quest KACE SMA RCE (CVE-2025-32975) Under Attack
Threat actors are actively exploiting CVE-2025-32975, a critical path traversal vulnerability in Quest KACE Systems Management Appliance (SMA) with a CVSS score of 10.0, to achieve unauthenticated remote code execution. Patches were released on March 18, 2026.
-
Trivy Supply Chain Attack Spreads Infostealer, Worm, and Kubernetes Wiper via Docker Hub
A supply chain attack targeting Aqua Security’s Trivy vulnerability scanner led to the distribution of malicious artifacts via Docker Hub, deploying TeamPCP infostealer, a worm, and a Kubernetes wiper.
-
Hong Kong Police Can Demand Phone Passwords Under New Security Law
Hong Kong police can now legally demand phone and computer passwords from individuals suspected of breaching the National Security Law (NSL), with refusal leading to up to one year in jail and hefty fines.
-
North Korean Hackers Deploy StoatWaffle Malware via VS Code Projects
A North Korean threat actor, tracked as WaterPlum, is using malicious Visual Studio Code projects to distribute a new malware family called StoatWaffle. The campaign leverages a feature in VS Code to automatically execute code when a project is opened.
-
CISA Warns on Microsoft Intune After Stryker Cyberattack
CISA said on March 19 it is aware of malicious activity targeting endpoint management systems and urged organizations to harden Microsoft Intune configurations after the March 11 cyberattack on Michigan-based medical technology company Stryker.
-
CISA adds two actively exploited vulnerabilities to KEV catalog
CISA has added two vulnerabilities to its Known Exploited Vulnerabilities catalog in a March 13 alert, requiring federal agencies to remediate the flaws by a set deadline under Binding Operational Directive 22-01.
-
CISA adds five actively exploited vulnerabilities to KEV catalog
CISA has added five vulnerabilities affecting Advantive VeraCore, Ivanti EPM, Microsoft .NET Framework, and D-Link DIR-859 routers to its Known Exploited Vulnerabilities catalog, ordering federal agencies to remediate them by set deadlines.
-
Apple updates older iPhones and iPads for WebKit flaw exploited in Coruna spyware attacks
Apple has released security updates for older iPhone and iPad models to fix a WebKit vulnerability that was exploited in the wild and linked to Coruna spyware attacks.
-
Veeam patches critical Backup & Replication flaws that allow remote code execution
Veeam has released security updates for Backup & Replication to fix multiple vulnerabilities, including critical flaws that could let authenticated domain users execute code remotely on affected servers.
-
Qualys details nine CrackArmor flaws in AppArmor that enable root escalation
Qualys says nine vulnerabilities in Linux AppArmor, collectively named CrackArmor, let unprivileged local users bypass protections, escalate to root, and break container isolation on affected systems.