Chainguard has rebuilt nearly one million unique versions of Java dependencies, including enterprise essentials such as Spring Boot, Jackson, Apache Commons, and Log4j, using the Chainguard Factory, an automated platform for creating software builds based on code originally found in open source software repositories.
A malicious unauthenticated actor may exploit this issue to execute arbitrary commands, which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. The shortcoming was addressed, along with CVE-2026-22720, a stored cross-site scripting vulnerability, and CVE-2026-22721, a privilege escalation vulnerability that could result in administrative access.
A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. CISA added CVE-2026-22719 to its Known Exploited Vulnerabilities (KEV) catalog on Tuesday, instructing federal agencies to address it by March 24.
Google security researchers released a report detailing Coruna as a highly sophisticated iPhone hacking toolkit that reportedly exploits multiple distinct vulnerabilities in iOS and includes several complete attack chains capable of bypassing iPhone security defenses. The toolkit can silently install malware when users simply visit compromised websites - no clicks, no downloads, no user interaction required.
These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage. AWS said in an update on its online dashboard regarding the Iranian drone strikes on its Middle East facilities.
It launches a headless Chrome instance - a browser that operates without a visible window - inside a Docker container, loads the brand's real website, and acts as a reverse proxy between the target and the legitimate site. Recipients are served genuine page content directly through the attacker's infrastructure, ensuring the phishing page is never out of date.
AI is directly impacting blue team (defender) and red team (attacker) strategies, operations and tactics. Federal cybersecurity teams are increasingly relying on AI for anomaly detection, predictive threat intelligence and faster incident response. AI can flag suspicious behavior, such as access to sensitive systems from unusual locations, without depending on static rules.
CISA's guidance is intended to assist critical infrastructure stakeholders, which includes private sector entities across various sectors, with implementing an insider threat mitigation program that combines physical security, cybersecurity, personnel awareness, and community partnerships. Although framed for critical infrastructure, CISA's guidance is relevant to a broader range of organizations, including those outside of critical infrastructure sectors.
A reported "cyber incident" left the Denmark School District in the Village of Denmark, Wisconsin, without internet access for five school days, forcing teachers and students to rely on paper-based workarounds, according to a local news report.
Thinking back to Ben Franklin, we saw society moving in the right direction for the last 500 years because of our commitment to science, human rights, etc., and that seems to be at the very least slowing down, if not reversing. Braun said he blames government for this state of affairs - pointedly 'the inability of government to continue to make the progress we saw from the enlightenment.'
According to CISA, Gardyn products were affected by two critical and two high-severity vulnerabilities. One of the critical flaws, tracked as CVE-2025-29631, is a command injection issue that can be exploited to execute arbitrary OS commands on the targeted device. The second critical vulnerability, CVE-2025-1242, is related to the exposure of hardcoded admin credentials that can be used to gain full control of the Gardyn IoT Hub.
The On-Box Anomaly detection framework should only be reachable by other internal processes over the internal routing instance, but not over an externally exposed port. With the ability to access and manipulate the service to execute code as root a remote attacker can take complete control of the device.
Cisco confirmed that attackers exploited the bug, tracked as CVE-2026-20127, to bypass authentication, gain privileged access, and quietly steal data. The discovery prompted a rare joint warning from authorities in the US, UK, Australia, Canada, and New Zealand.
The bug, which has a maximum-rated vulnerability severity score of 10.0, allows hackers to remotely break into networks running its Catalyst SD-WAN products, which allow large companies and government agencies with multiple offices to connect their private networks over long distances.
Despite the relative stability in total payments, ransomware attacks surged across multiple vectors in 2025, with eCrime.ch data showing a 50 percent YoY increase in claimed ransomware victims, marking the most active year on record.
