Recon

[DRAGNET]225IN STACK · 2026-03-18 07:00

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access The Hacker News

Infosecurity203IN STACK · 2026-03-18 14:15

Crypto Scam "ShieldGuard" Dismantled After Malware Discovery

ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data

Red Canary47 · 2026-03-18 15:05

AI and browser threats stand out in the 2026 Threat Detection Report

Our annual analysis brings you a year’s worth of security operations insights, including how adversaries are both leveraging and targeting AI

Huntress Blog34 · 2026-03-18 14:00

Something Phishy in the /tmp Folder

Huntress’ AI-Centric SOC recently stopped a MacSync infostealer attack on a macOS device. The malware attempted to scrape credentials, browser cookies, and crypto wallets, but Huntress contained the threat before any data was sent to the attacker. Learn how we did it.

Insinuator.net20 · 2026-03-18 15:28

Vulnerabilities in Broadcom VMware Aria Operations: Privilege Escalation (CVE-2025-41245 / CVE-2026-22721)

During a customer project, we identified privilege escalation vulnerabilities in Broadcom VMware Aria Operations. It is possible to escalate the privileges of an administrative vCenter user to an Aria administrator and take over systems integrated in Aria. Meaning, the vCenter user can gain privileged access to systems they have no access to. While both users […]

Infosecurity14 · 2026-03-18 11:15

Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats

The Vidar 2.0 infostealers is deployed through fake free game cheats on GitHub and Reddit

Bitdefender Labs12 · 2026-03-18 13:03

Windsurf IDE Extension Drops Malware via Solana Blockchain

Bitdefender researchers have discovered a malicious Windsurf IDE (integrated development environment) extension that deploys a multi-stage NodeJS stealer by using the Solana blockchain as the payload infrastructure.

Infosecurity11 · 2026-03-18 13:00

AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure

Rapid7 says median time from publication to CISA KEV inclusion dropped to five days

[DRAGNET]10 · 2026-03-18 07:00

Ransomware gang exploits Cisco flaw in zero-day attacks since January

Ransomware gang exploits Cisco flaw in zero-day attacks since January BleepingComputer

Trend Micro Simply Security10 · 2026-03-18 00:00

From Misconfigured Spring Boot Actuator to SharePoint Exfiltration: How Stolen Credentials Bypass MFA

Not every cloud breach starts with malware or a zero-day. In this incident, attackers discovered an exposed Spring Boot Actuator endpoint, harvested credentials from leaked configuration data, then used the OAuth2 Resource Owner Password Credentials (ROPC) flow to authenticate without MFA.

Infosecurity6 · 2026-03-18 15:45

New Ubuntu Flaw Enables Local Attackers to Gain Root Access

CVE-2026-3888 Ubuntu snap flaw lets local users escalate to root via timing-based exploit

Kotlin6 · 2026-03-18 13:11

Google Summer of Code 2026 Is Here: Contribute to Kotlin

The Kotlin Foundation is joining Google Summer of Code (GSoC) 2026! If you are a student or an eligible contributor looking to spend your summer working on a real-world open-source project, this is your chance to make a meaningful impact on the Kotlin ecosystem while also benefiting from the mentorship of experienced engineers. Take part […]

[DRAGNET]5 · 2026-03-18 07:00

Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls

Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls Amazon Web Services