Daily Digest

CISA Flags Actively Exploited Flaws in Wing FTP & Fortinet; Poland Thwarts Nuclear Site Attack

CISA Flags Actively Exploited Flaws in Wing FTP & Fortinet; Poland Thwarts Nuclear Site Attack

March 17, 2026
9 articles (6 new, 3 updated)
27 min read

Summary

A critical day in cybersecurity for March 17, 2026, saw CISA add an actively exploited Wing FTP Server flaw (CVE-2025-47813) to its KEV catalog, while Fortinet rushed patches for three critical, exploited firewall vulnerabilities. Geopolitical tensions flared as Poland thwarted a cyberattack on its national nuclear research center, with officials suspecting a potential false flag operation. Meanwhile, the EU sanctioned Chinese and Iranian firms for cyberattacks, and the Medusa ransomware gang claimed responsibility for crippling attacks on a major U.S. hospital and a New Jersey county.

Filter by Category

New Articles (6)

Poland Blocks Cyberattack on Nuclear Research Centre; Suspects Iran-Linked False Flag

HIGH

Poland's National Centre for Nuclear Research (NCBJ) Thwarts Cyberattack, Cites Possible Iranian False Flag Operation

Poland's National Centre for Nuclear Research (NCBJ) successfully detected and blocked a cyberattack targeting its internal IT infrastructure. Officials confirmed that no systems were compromised and the 'MARIA' research reactor remained safe. While preliminary analysis of the attack vectors points towards Iran, Polish authorities, including the Minister for Digital Affairs, have cautioned that this could be a 'false flag' operation designed to misdirect attribution, especially given the history of cyberattacks against Poland attributed to Russian-linked groups like APT44 (Sandworm).

March 17, 2026
4 min read
Nuclear SecurityICSSCADAFalse FlagGeopolitics +3 more
Poland Blocks Cyberattack on Nuclear Research Centre; Suspects Iran-Linked False Flag
Cyberattack
Industrial Control Systems
Threat Actor

EU Sanctions Chinese and Iranian Hack-for-Hire Firms for Cyberattacks

MEDIUM

EU Imposes Sanctions on iSoon, Integrity Technology Group, and Emennet Pasargad for Cyber Espionage and Attacks

The European Union has imposed sanctions on three companies and two individuals from China and Iran for their involvement in cyberattacks against EU interests. The sanctioned entities include Iranian firm Emennet Pasargad, linked to the Charlie Hebdo data leak and election interference, and two Chinese companies: Anxun Information Technology (iSoon), a hack-for-hire group targeting critical infrastructure, and Integrity Technology Group, which supported operations linked to the state-backed APT group Flax Typhoon. The measures include asset freezes and travel bans.

March 17, 2026
4 min read
SanctionsEuropean UnionHack-for-HireiSoonEmennet Pasargad +4 more
EU Sanctions Chinese and Iranian Hack-for-Hire Firms for Cyberattacks
Policy and Compliance
Threat Actor
Regulatory

Fortinet Patches Three Critical FortiGate Flaws Used in Active Attacks to Steal Credentials

CRITICAL

Fortinet Patches Critical Flaws in FortiGate Firewalls Under Active Attack

Fortinet has released patches for three critical vulnerabilities in its FortiGate Next-Generation Firewalls (NGFWs), which were actively exploited by attackers between December 2025 and February 2026. Two of the flaws, CVE-2025-59718 and CVE-2025-59719 (CVSS 9.8), allowed remote authentication bypass via crafted SAML tokens. A third zero-day, CVE-2026-24858 (CVSS 9.8), was also abused. Attackers leveraged these flaws to gain administrative access, download the full device configuration, and steal service account credentials for lateral movement. CISA has added CVE-2025-59718 to its KEV catalog.

March 17, 2026
5 min read
FortinetFortiGateZero-DayVulnerabilityKEV +3 more
Fortinet Patches Three Critical FortiGate Flaws Used in Active Attacks to Steal Credentials
Vulnerability
Patch Management
Cyberattack

Atlassian Bulletin Details 21 High-Severity Flaws, Including Critical RCEs in Bamboo

HIGH

Atlassian's March Security Bulletin Fixes 21 High-Severity Flaws, Including RCEs in Bamboo

Atlassian has published its March 2026 Security Bulletin, addressing numerous vulnerabilities across its product suite, 21 of which are rated high-severity. Among the most critical fixes is for a Remote Code Execution (RCE) vulnerability in Bamboo Data Center and Server (CVE-2026-21570, CVSS 8.6). Other significant flaws in Bamboo, stemming from an Apache Struts dependency, were also patched. The company urges customers to upgrade their instances to a fixed version to mitigate the risks posed by these vulnerabilities.

March 17, 2026
4 min read
AtlassianBambooBitbucketVulnerabilityRCE +2 more
Atlassian Bulletin Details 21 High-Severity Flaws, Including Critical RCEs in Bamboo
Vulnerability
Patch Management
Supply Chain Attack

Google Finalizes Acquisition of Cloud Security Firm Wiz to Bolster Multicloud Security

INFORMATIONAL

Google Completes Acquisition of Cloud and AI Security Platform Wiz

Google has officially completed its acquisition of Wiz, a leading cloud-native security platform. This major strategic investment is aimed at enhancing Google Cloud's security offerings, particularly for customers operating in multicloud environments. Wiz will join the Google Cloud division but will continue to operate under its own brand, maintaining its commitment to securing customer environments across all major cloud providers, including AWS and Microsoft Azure. The move is expected to help organizations better secure their cloud and AI deployments.

March 17, 2026
3 min read
GoogleWizAcquisitionCloud SecurityCNAPP +2 more
Google Finalizes Acquisition of Cloud Security Firm Wiz to Bolster Multicloud Security
Cloud Security
Policy and Compliance
Other

Zapier Pledges Free AI Education for One Million People to Lower Skills Barrier

INFORMATIONAL

Zapier Launches "1 Million AIs" Initiative to Provide Free AI Training

Workflow automation company Zapier has launched the "1 Million AIs" initiative, a public pledge to provide free AI education and training to one million people. The program aims to democratize AI skills, making them accessible to non-technical users and driving broader adoption of AI-powered automation. The initiative will include live workshops, bootcamps, and self-paced courses, with a public counter tracking progress towards the goal. The first virtual workshop is scheduled for April 7, 2026.

March 17, 2026
3 min read
ZapierArtificial IntelligenceAI TrainingEducationAutomation +1 more
Zapier Pledges Free AI Education for One Million People to Lower Skills Barrier
Other
Policy and Compliance

Updated Articles (3)

WEF Report: AI Supercharges Cyber Arms Race, Widens Global 'Cyber Equity' Gap

INFORMATIONAL

World Economic Forum's Global Cybersecurity Outlook 2026 Highlights AI Risks and 'Security Poverty Line'

Update:

A new Armis report reinforces warnings about AI's role in cyberwarfare, stating it has reached a 'boiling point.' The study reveals 79% of IT leaders are concerned about nation-state AI attacks. Critically, 54% of organizations have already been hit by AI-led attacks, with 50% unable to fully secure their environments afterward. This highlights a dangerous disconnect and the challenge of 'machine speed' attacks, where adversaries operate faster than human defenders. The report also notes 52% of organizations face ransomware payouts exceeding their annual cybersecurity budget, indicating increased financial strain.

February 19, 2026
Updated: March 17, 2026
4 min read
World Economic ForumWEFAIcybersecurity outlookcyber equity +2 more
WEF Report: AI Supercharges Cyber Arms Race, Widens Global 'Cyber Equity' Gap
Policy and Compliance
Regulatory
Threat Intelligence

Cisco Scrambles to Patch Critical SD-WAN Zero-Day Exploited for Months

CRITICAL

Cisco Patches Critical Authentication Bypass Flaw (CVE-2026-20127) in Catalyst SD-WAN After Months of Active Exploitation

Update:

Security firm VulnCheck reports that a high-severity vulnerability, CVE-2026-20133 (insufficient file system access restrictions), is being overlooked due to misattribution of a PoC exploit. While a PoC was widely believed to target the previously reported zero-day CVE-2026-20127, it actually exploits CVE-2026-20133 and other flaws. This creates a dangerous blind spot, as organizations may believe they are secure after patching only CVE-2026-20127, leaving them vulnerable to CVE-2026-20133, which is also targeted by UAT-8616. Defenders must apply all relevant patches and verify detection rules for both CVEs.

February 27, 2026
Updated: March 17, 2026
5 min read
CVE-2026-20127Zero-DayCiscoSD-WANAuthentication Bypass +2 more
Cisco Scrambles to Patch Critical SD-WAN Zero-Day Exploited for Months
Vulnerability
Patch Management
Threat Actor

Ransomware Splinters as Attacks Surge 59% in Asia-Pacific, S-RM Report Finds

INFORMATIONAL

S-RM Report: Ransomware Ecosystem Fragments into 67 Groups as Attacks on APAC Region Skyrocket

Update:

Gartner forecasts that by 2028, half of all enterprise cybersecurity incident response efforts will be dedicated to incidents involving custom-built AI applications. This is due to their inherent complexity, dynamic nature, and deployment without adequate security testing, creating a new class of incidents for which most security teams are unprepared. This prediction significantly escalates the previously identified risk of insecure AI adoption, warning of substantial strain on resources, a skills gap, and the need for specialized AI security platforms.

March 16, 2026
Updated: March 17, 2026
5 min read
RansomwareThreat IntelligenceS-RMAPACRaaS +1 more
Ransomware Splinters as Attacks Surge 59% in Asia-Pacific, S-RM Report Finds
Threat Intelligence
Ransomware
Cyberattack

📢 Share This Publication

Help others stay informed about cybersecurity threats