Collaborate Disseminate
CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to… Continue reading CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)
Salesforce customers have, once again, been targeted by the ShinyHunters group – or, at least, it’s what the group claims. Attackers modified and abused benign tool On Saturday, Saleforce confirmed that its security team has identified an a… Continue reading ShinyHunters claims new campaign targeting Salesforce Experience Cloud sites
A vishing-as-a-service platform that helps scammers carry out so-called “press 1” scams is misusing text-to-speech (TTS) capabilities provided by AI voice technology company ElevenLabs, Mirage Security researchers claim. How “press 1&… Continue reading Researchers uncover AI-powered vishing platform
On March 2026 Patch Tuesday, Microsoft addressed 80+ vulnerabilities affecting its software and cloud services. Of these, two were publicly disclosed, but not actively exploited. Privilege escalation vulnerabilities abound The two publicly disclosed fl… Continue reading Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited
An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint d… Continue reading HR, recruiters targeted in year-long malware campaign
Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Securit… Continue reading Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts
Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers have warned. The attackers behind this scheme are faithfully cloning Anthropic&#… Continue reading Fake Claude Code install pages highlight rise of “InstallFix” attacks
An Iran-linked hacking group has been active inside the networks of several US organizations since early February, raising concerns that the activity could precede broader cyber operations connected to escalating geopolitical tensions in the Middle Eas… Continue reading Iran-linked APT targets US critical sectors with new backdoors
Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The exploited vulnerabilities (CVE-2026-20128, CVE-2026-20122) CVE-2026-20128 is a … Continue reading Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities
A newly discovered vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout could allow attackers to take over vulnerable servers by sending a specially crafted email to a FreeScout mailbox. CVE-2026-28289 exploitation FreeScout i… Continue reading FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289)