U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five security problems affecting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities (KEV) list on Friday. They are telling federal agencies to fix these issues by April 3, 2026. The vulnerabilities that have come under exploitation are listed below:Â …
Read More »
ALERT
Oracle released emergency fix for critical Identity Manager RCE flaw
Oracle has put out a special security update to fix a serious flaw. This flaw allows anyone to run harmful code without needing an account. It affects Identity Manager and Web Services Manager, and it is known as CVE-2026-21992. Oracle Identity Manager helps manage identities and access in a business, …
Read More »
CVE-2026-20131
Interlock Ransomware gang exploits Cisco FMC zero-day since January
The Interlock ransomware group has been exploiting a remote code execution (RCE) flaw in Cisco’s Secure Firewall Management Center (FMC) software in zero-day attacks since late January. Cisco fixed the security issue (CVE-2026-20131) on March 4. They warned that this flaw could let attackers run any Java code as root …
Read More »Bishop Fox Unveils Critical Pre-Auth SQL Injection in FortiClient EMS
Cybersecurity experts at Bishop Fox have unveiled an in-depth look at a critical vulnerability in FortiClient EMS, which is Fortinet’s central tool for managing endpoint security. This issue lets an attacker who is not logged in run any SQL commands, which could completely take over the management server and its …
Read More »
ALERT
BGD CIRT warn of Botnet, APT, RAT and Malware attack during holidays
Bangladesh is preparing for a nationwide Eid holiday; on the contrary a different kind of “celebration” is occurring in the dark corners of the web. While most professionals are logging off for a well-deserved break, automated scripts are just getting started, scanning for “digital silence.” According to cyber security alert …
Read More »Google Alert Zero-Day For 3.5 billion Chrome Users: Forbes
Google has released a second Chrome security update just 48 hours after the first, confirming two zero-day vulnerabilities that are being actively exploited. Google has issued an urgent security update for two zero-day vulnerabilities, CVE-2026-3909 and CVE-2026-3910. Google Confirms CVE-2026-3909 And CVE-2026-3910 are already being exploited. Although full access to the …
Read More »
ALERT
Apple Unveils Emergency Updates For iOS 15.8.7 to Block ‘Coruna’ Exploit Kit
Apple released an urgent security update, iOS 15.8.7 and iPadOS 15.8.7, to safeguard older devices from the serious ‘Coruna’ exploit kit threat. On March 11, 2026, a critical patch was released that brings fixes from newer iOS versions to protect users of older devices from cyberattacks. The Coruna exploit kit targets …
Read More »
ALERT
Palo Alto Cortex XDR broker flaw allows systems to Information theft and modification
Palo Alto Networks released a security advisory about a new vulnerability in its Cortex XDR Broker Virtual Machine (VM). CVE-2026-0231 is a medium-severity flaw that could let an attacker access and change sensitive system information. Because the Broker VM acts as a critical bridge between on-premises network assets and the …
Read More »
ALERT
Chrome fix 29 vulnerabilities, must update immediately
Google has released Chrome version 146 with important security updates for Windows, Mac, and Linux users. If the flaw remains unpatched, attackers run arbitrary code, compromise systems, or cause denial-of-service issues. The critical vulnerability in this release is CVE-2026-3913, which is a severe heap buffer overflow in the WebML component. …
Read More »
ALERT
Zoom Windows Workplace Vulnerabilities Allow Privilege Escalation
Zoom has issued four security bulletins detailing several vulnerabilities in its windows client suite. The critical vulnerability CVE-2026-30903 (ZSB-26005) affects the Mail feature in Zoom Workplace for Windows. The issue arises from External Control of File Name or Path, which allows attackers to manipulate file references and carry out unauthorized …
Read More »
InfoSecBulletin Cybersecurity for mankind