3709 matches found
CVE-2022-47392
creationtimestamp| type| source ---|---|--- 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...
CVE-2021-30187
creationtimestamp| type| source ---|---|--- 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...
CVE-2026-26133
creationtimestamp| type| source ---|---|--- 2026-03-13 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0293/ 2026-03-13 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0294/ 2026-03-13 00:00:00+00:00| seen|...
CVE-2025-27769
creationtimestamp| type| source ---|---|--- 2026-03-12 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-05...
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall NGFW appliances as entry points to breach victim networks. The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials...
900+ Certificates Used by Fortune 500, Governments Exposed by Key Leaks
A joint study by Google and GitGuardian reveals that over 2,600 valid TLS certificates, protecting Fortune 500 companies and government agencies, were compromised due to private key leaks on GitHub and DockerHub...
Claude Used to Hack Mexican Government
An unknown hacker used Anthropic's LLM to hack the Mexican government: The unknown Claude user wrote Spanish-language prompts for the chatbot to act as an elite hacker, finding vulnerabilities in government networks, writing computer scripts to exploit them and determining ways to automate data...
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country's Ministry of Foreign Affairs to deliver a set of never-before-seen malware. Zscaler ThreatLabz, which observed the activity in January 2026, is tracking the...
Hacked App Part of US/Israeli Propaganda Campaign Against Iran
Wired has the story: Shortly after the first set of explosions, Iranians received bursts of notifications on their phones. They came not from the government advising caution, but from an apparently hacked prayer-timing app called BadeSaba Calendar that has been downloaded more than 5 million time...
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
Cybersecurity researchers have warned of a surge in retaliatory hacktivist activity following the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion. "The hacktivist threat in the Middle East is highly lopsided, with two groups, Keymous+ and DieNet, drivi...
Does the UK really want to ban VPNs? And can it be done?
The idea of a "Great British Firewall" makes for a catchy headline, but it would be riddled with holes and cause huge problems. The Guardian reports that the GCHQ Government Communications Headquarters, a UK intelligence, security, and cyber agency, is exploring the idea of a British firewall...
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Cybersecurity researchers have disclosed details of an advanced persistent threat APT group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024. "Silver Dragon gains its initial access by exploiting public-facing...
A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals
A highly sophisticated set of iPhone hijacking techniques has likely infected tens of thousands of phones or more. Clues suggest it was originally built for the US government...
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers. The activity, the company said, targets government and public-sector organizations with the end goal of...
CVE-2026-20425
creationtimestamp| type| source ---|---|--- 2026-03-03 09:08:54+00:00| seen| https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-prodotti-mediatek-6...
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity, per Arctic Wolf, took place between January 2025 and January 2026. It involves the use of...
OAuth redirection abuse enables phishing and malware delivery
Microsoft observed phishing-led exploitation of OAuth’s by-design redirection mechanisms. The activity targets government and public-sector organizations and uses silent OAuth authentication flows and intentionally invalid scopes to redirect victims to attacker-controlled infrastructure without...
OAuth redirection abuse enables phishing and malware delivery
Microsoft observed phishing-led exploitation of OAuth’s by-design redirection mechanisms. The activity targets government and public-sector organizations and uses silent OAuth authentication flows and intentionally invalid scopes to redirect victims to attacker-controlled infrastructure without...
Security Is Not Enough: Privacy in Encryption Regulation and Lawful-Surveillance Protocols
This article argues that security is not enough to fully capture what is at stake in government exceptional access to encrypted data. A conception of privacy as security has little to say about "lawful-surveillance protocols'' -- an active research agenda in cryptography that aims to enable...
CVE-2026-27494
creationtimestamp| type| source ---|---|--- 2026-02-26 11:50:14+00:00| seen| https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-n8n-2...