Indicators of Compromise

ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)

SANS ISC →

Schneider Electric Modicon Controllers M241, M251, M258, and LMC058

View CSAF Summary Successful exploitation of this vulnerability may risk a Cross-site Scripting or an open redirect attack which could result in an account t...

CISA Advisories →

Schneider Electric Modicon M241, M251, and M262

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the product. The following ...

CISA Advisories →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20131 Cisco Sec...

CISA Advisories →

New Ubuntu Snap Bug Opens Door to Delayed Root Compromise

A newly disclosed flaw in Ubuntu’s Snap ecosystem is raising fresh concerns about local privilege escalation risks in default Linux environments. Researchers...

Information Security Buzz →

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

The U.S.

The Hacker News →

ZDI-26-221: GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

Zero Day Initiative →

ZDI-26-220: GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

Zero Day Initiative →

ZDI-26-219: GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

Zero Day Initiative →

ZDI-26-218: GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

Zero Day Initiative →

ZDI-26-217: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

Zero Day Initiative →

ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)

SANS ISC →

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secur...

The Hacker News →

Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls

Amazon threat intelligence has identified an active Interlock ransomware campaign exploiting CVE-2026-20131, a critical vulnerability in Cisco Secure Firewal...

AWS Security Blog →

New Ubuntu Flaw Enables Local Attackers to Gain Root Access

CVE-2026-3888 Ubuntu snap flaw lets local users escalate to root via timing-based exploit

Infosecurity Magazine →

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthent...

The Hacker News →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-66376 Synacor Z...

CISA Advisories →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20963 Microsoft...

CISA Advisories →

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit

A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the roo...

The Hacker News →

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The v...

The Hacker News →