Fortinet Zero-Day Exploited, Medusa Ransomware Weaponizes Flaws in Hours, and AI Phishing Bypasses MFA

Publication Date: April 6, 2026

Summary

This 24-hour period ending April 6, 2026, is marked by urgent threats, including the active exploitation of a critical Fortinet zero-day (CVE-2026-35616) and a new Windows LPE zero-day leak. Microsoft reports the Medusa ransomware group is now weaponizing vulnerabilities within 24 hours of disclosure, while a separate AI-powered phishing campaign compromises hundreds of M365 organizations daily by abusing the device code flow. Other major incidents include a critical Cisco IMC flaw, an Iranian password-spraying campaign in the Middle East, and a cyberattack on toy giant Hasbro.

Today's New Articles

Critical Cisco IMC Flaw (CVE-2026-20093) Allows Full Server Takeover

Cisco has patched a critical authentication bypass vulnerability, CVE-2026-20093, in its Integrated Management Controller (IMC) firmware. The flaw, rated 9.8 on the CVSS scale, allows an unauthenticated, remote attacker to reset any user's password, including...


Qilin Ransomware Attacks German Party Die Linke, Threatens Data Leak

The Russian-speaking Qilin ransomware group has claimed responsibility for a cyberattack against the German political party Die Linke. The attack, detected on March 26, prompted the party to shut down parts of its IT infrastructure. Qilin is now threatening to...


North Korean Hackers Abuse GitHub for C2 in Campaign Targeting South Korea

A sophisticated, multi-stage phishing campaign attributed to North Korean state-sponsored actors is targeting organizations in South Korea. The attackers use malicious Windows shortcut (LNK) files disguised as business documents to deliver a PowerShell-based p...


Critical RCE Chain in Progress ShareFile Allows Unauthenticated Takeover

Security researchers have publicly disclosed a critical vulnerability chain in the on-premise version of Progress ShareFile Storage Zones Controller. The chain combines an authentication bypass (CVE-2026-2699, CVSS 9.8) and a file upload flaw (CVE-2026-2701, C...

Article Updates

AI-Powered Attacks Now a Top Concern for 79% of IT Leaders, Armis Report Finds

Update: Microsoft research details Storm-1175, a Medusa ransomware group, capable of exploiting newly disclosed N-day and zero-day vulnerabilities to achieve full ransomware deployment in 24-48 hours. This high-velocity operation targets web-facing assets across healt...


Cybercriminals Exploit Tax Season with Over 100 Unique Phishing and Malware Campaigns

Update: New analysis of tax season phishing campaigns reveals specific Remote Monitoring and Management (RMM) tools, such as N-able and Datto, are being leveraged as Remote Access Trojans (RATs). The update also provides a more detailed breakdown of W-2 Business Email...


F5 BIG-IP Flaw Escalated to Critical 9.8 RCE, Now Under Active Attack

Update: F5 has released additional Indicators of Compromise (IOCs) for the actively exploited BIG-IP RCE (CVE-2025-53521). New detection methods include monitoring `/var/log/apm` for SELinux disable entries, `/var/log/auditd` for process ID 0, and `/tmp/` for suspicio...


Toy Giant Hasbro Hit by Cyberattack, Recovery to Take Weeks

Update: New reports confirm that Hasbro's consumer-facing digital platforms, including D&D Beyond and Hasbro Pulse, were not impacted by the recent cyberattack. This clarification indicates that while internal systems are disrupted, direct customer interaction points...


Unpatched Windows Zero-Day 'BlueHammer' Exploit Leaked, Allows SYSTEM-Level Access

Update: Further analysis of the 'BlueHammer' Windows zero-day exploit reveals it's a logical flaw, not memory corruption. It chains the Windows Defender update process, Volume Shadow Copy Service (VSS), and file system junctions to gain access to locked system files,...


Fortinet Scrambles to Patch Actively Exploited FortiClient EMS Zero-Day (CVE-2026-35616)

Update: The CVSS score for CVE-2026-35616 has been updated from 9.1 to 9.8, reflecting a higher critical impact. Analysis reveals nearly 2,000 FortiClient EMS instances are exposed online, with initial exploitation detected around March 31, 2026. Security researchers...