SecurityWeek Briefing

"Critical Quest KACE vulnerability potentially exploited in attacks."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.   Accessed on 23 March 2026, 0024 UTC.

Content and Source provided by email subscription from https://feedly.com.

 https://feedly.com/i/subscription/content/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please check subscription link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecuritiyjournal.net).

SecurityWeek

96K followers46 articles per week

#security#tech

201

Yesterday

Critical Quest KACE Vulnerability Potentially Exploited in Attacks

CVE-2025-32975

•

by Eduard Kovacs / 1d

The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector. The post appeared first on SecurityWeek .

Mar 20, 2026

In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting

by SecurityWeek News / 2d

Other noteworthy stories that might have slipped under the radar: vulnerabilities found in KVM devices, Claudy Day Claude vulnerabilities, The Gentlemen ransomware group. The post appeared first on SecurityWeek .

3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China

Supermicro co-founder arrested for smuggling

•

by Associated Press / 2d

The men violated U.S. export controls laws by scheming to divert massive quantities of the high-performance servers assembled in the United States to China. The post appeared first on SecurityWeek .

Eclypsium Raises $25 Million for Device Supply Chain Security

Eclypsium raises 25M for security

•

by Ionut Arghire / 2d

The company will use the investment to expand its platform’s capabilities and grow channel partnerships. The post appeared first on SecurityWeek .

US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites

US links Handala hackers to Iran

•

by Eduard Kovacs / 2d

The US has seized several domains used by Handala in cyber-enabled psychological operations. The post appeared first on SecurityWeek .

Cape Raises $100 Million for Protection Against Cellular Security Threats

by SecurityWeek News / 2d

Cape offers a privacy-focused mobile virtual network operator (MVNO) service for consumers, enterprises, and governments. The post appeared first on SecurityWeek .

Navia Data Breach Impacts 2.7 Million

Data breaches at multiple companies

•

by Ionut Arghire / 2d

Between late December 2025 and mid-January 2026, hackers stole personal and health plan information from Navia’s environment. The post appeared first on SecurityWeek .

Thousands of Magento Sites Hit in Ongoing Defacement Campaign

by Ionut Arghire / 2d

The attacks started on February 27 and have targeted e-commerce platforms, global brands, and government services. The post appeared first on SecurityWeek .

Mar 19, 2026

Allure Security Raises $17 Million for Online Brand Protection

by Ionut Arghire / 2d

The company will invest in expanding its digital brand protection platform and in scaling its go-to-market efforts. The post appeared first on SecurityWeek .

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

by Ionut Arghire / 2d

Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution. The post appeared first on SecurityWeek .

Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

by Eduard Kovacs / 2d

The lesser-known JackSkid and Mossad botnets have also been targeted in the operation. The post appeared first on SecurityWeek .

Oasis Security Raises $120 Million for Agentic Access Management

Oasis Security raises 120M$ Series B

•

by Ionut Arghire / 3d

The company will invest in R&D, product expansion across AI frameworks, and in scaling go-to-market and sales efforts. The post appeared first on SecurityWeek .

1stProtect Emerges From Stealth With $20 Million in Funding

by Ionut Arghire / 3d

The company’s endpoint security platform monitors behavior and verifies user intent to stop cyberattacks in real time. The post appeared first on SecurityWeek .

Critical ScreenConnect Vulnerability Exposes Machine Keys

by Ionut Arghire / 3d

Latest ScreenConnect version adds encrypted storage and management to prevent unauthorized access to machine keys. The post appeared first on SecurityWeek .

Privacy Platform Cloaked Raises $375M to Expand Enterprise Reach

Cloaked raises 375M for expansion

•

by SecurityWeek News / 3d

Cloaked plans to introduce AI agents designed to act on behalf of users to monitor, manage, and enforce privacy preferences and security postures. The post appeared first on SecurityWeek .

Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury

by Kevin Townsend / 3d

Analysis reveals a six-month buildup of Iran-linked cyber infrastructure, including US-based shell companies, designed to weather kinetic strikes and ensure the resilience of its global hacking operations. The post appeared first on SecurityWeek .

Marquis Data Breach Affects 672,000 Individuals

Marquis data breach affects 672K

•

by Eduard Kovacs / 3d

It was previously estimated that more than 1.6 million people may be affected by the Marquis data breach. The post appeared first on SecurityWeek .

Security Firm Aura Discloses Data Breach Impacting 900,000 Records

2 TTPs

•

by Ionut Arghire / 3d

•

Aura data breach exposes 900k accounts

The information was stolen from a marketing tool after an employee fell victim to a targeted phone phishing attack. The post appeared first on SecurityWeek .

Hacker Conversations: Ben Harris, From Unintentional Young Hacker to Intentional Adult CEO

by Kevin Townsend / 3d

Harris is a hacker with a rebellious spirit and a willingness to break rules in the pursuit of his purpose – but without causing harm or damage. The post appeared first on SecurityWeek .

Russian APT Exploits Zimbra Vulnerability Against Ukraine

by Ionut Arghire / 3d

Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. The post appeared first on SecurityWeek .

Raven Emerges From Stealth With $20 Million in Funding

by Ionut Arghire / 3d

Raven’s platform observes applications at runtime to detect anomalous behavior and prevent cyberattacks. The post appeared first on SecurityWeek .

Mar 18, 2026

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

2 TTPs

•

by Eduard Kovacs / 3d

The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post appeared first on SecurityWeek .

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks

Interlock ransomware exploits Cisco vulnerability

•

by Eduard Kovacs / 3d

Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia. The post appeared first on SecurityWeek .

The Collapse of Predictive Security in the Age of Machine-Speed Attacks

by Kevin Townsend / 4d

With exploitation of vulnerabilities taking just days, preemptive security must be the new model for defenders. The post appeared first on SecurityWeek .

Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation

by SecurityWeek News / 4d

The company has developed an AI-powered platform that autonomously discovers and validates software vulnerabilities. The post appeared first on SecurityWeek .

Cloud Security Startup Native Exits Stealth With $42 Million in Funding

Native secures 42M for cloud security

•

by SecurityWeek News / 4d

Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors. The post appeared first on SecurityWeek .

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

DarkSword iOS exploit kit targets vulnerabilities

•

by Ionut Arghire / 4d

Targeting six iOS vulnerabilities and leading to full device compromise, the exploit chain is meant for surveillance. The post appeared first on SecurityWeek .

Virtual Summit Today: Supply Chain & Third-Party Risk Summit

by SecurityWeek News / 4d

Cyber risk doesn’t stop at your perimeter. Today’s most dangerous threats could be hiding in your software supply chain. The post appeared first on SecurityWeek .

EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations

EU sanctions Chinese Iranian firms

•

by Ionut Arghire / 4d

The sanctions target two Chinese individuals, two Chinese companies, and one Iranian firm involved in hacking EU member states. The post appeared first on SecurityWeek .

Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches

by Kevin Townsend / 4d

From Chaos to Control examines the chaos that often comes from shadow AI hidden in SaaS apps and urges better visibility and control over agentic AI. The post appeared first on SecurityWeek .

Manifold Raises $8 Million for AI Detection and Response

by Ionut Arghire / 4d

Focused on securing autonomous AI on endpoints, the startup will invest in product development. The post appeared first on SecurityWeek .

Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach

Valid Accounts (Enterprise T1078)

•

by Eduard Kovacs / 4d

•

Iran-linked hackers disrupt Stryker systems

The medtech giant has been working on restoring systems affected by the cyberattack conducted by the Handala hackers. The post appeared first on SecurityWeek .

Apple Debuts Background Security Improvements With Fresh WebKit Patches

by Ionut Arghire / 4d

The lightweight updates are meant to deliver security protections between security updates. The post appeared first on SecurityWeek .

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch

by Eduard Kovacs / 4d

Meta does not plan on fixing the vulnerability because it involves the use of a modified client application. The post appeared first on SecurityWeek .