security

soc

CVE-2026-20643: Vulnerability in WebKit Navigation API May Bypass Same Origin Policy

von SOC Prime • 18.03.2026

Just a little over a month after fixing the actively exploited CVE-2026-20700 zero-day, Apple has now issued its first Background Security Improvements release to address CVE-2026-20643, a WebKit vuln

Mehr lesen →

security

Researchers: Meta, TikTok Steal Personal & Financial Info When Users Click Ads

von Darkreading • 18.03.2026

Tracking pixels let social media companies spy on their users even after they click over to advertiser sites, gleaning credit card info, geolocations, and more, according to an analysis.

Mehr lesen →

security

SideWinder Espionage Campaign Expands Across Southeast Asia

von Darkreading • 18.03.2026

The suspected India-linked threat group targets governments, telecom, and critical infrastructure using spear-phishing, old vulnerabilities, and rapidly rotating infrastructure to maintain persistent

Mehr lesen →

soc

CISA Adds One Known Exploited Vulnerability to Catalog

von CISA Current Activity • 18.03.2026

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

CVE-2026-20963 Microsoft SharePoint Deserialization of Untrusted D

Mehr lesen →

soc

CISA Adds One Known Exploited Vulnerability to Catalog

von CISA Current Activity • 18.03.2026

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

CVE-2025-66376 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site

Mehr lesen →

soc

CISA Urges Endpoint Management System Hardening After Cyberattack Against US Organization

von CISA Current Activity • 18.03.2026

CISA is aware of malicious cyber activity targeting endpoint management systems of U.S. organizations based on the March 11, 2026 cyberattack against U.S.-based medical technology firm Stryker Corpora

Mehr lesen →

soc

Observability Pipeline: Managing Telemetry at Scale

von SOC Prime • 18.03.2026

Observability began as a visibility problem. Yet, today it is framed just as much as a control challenge because teams have to manage the floods of telemetry moving daily through the business environm

Mehr lesen →

security

More Attackers Are Logging In, Not Breaking In

von Darkreading • 17.03.2026

Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.

Mehr lesen →

security

Clear Communication: The Missing Link in Cybersecurity Success

von Darkreading • 17.03.2026

When technical expertise meets clear communication, cybersecurity teams thrive. Learn how to foster trust and collaboration across diverse working groups.

Mehr lesen →

security

Less Lucrative Ransomware Market Makes Attackers Alter Methods

von Darkreading • 17.03.2026

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.

Mehr lesen →

📅 Kalender