Cyber Threat Brief

By Carolina Clear Tech, LLC

Your daily cybersecurity briefing. Vulnerabilities, ransomware, threat actors, and patches that matter, explained for IT professionals and business leaders protecting small and mid-sized organizations... more

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 74 episodes available.

Cyber Threat Brief episodes:

April 04, 20262026-04-04: TeamPCP supply chain campaign hits European Commission AWS infrastructure with 340GB data theft via
Show Notes - 2026-04-04
Stories Covered
Today:
TeamPCP Supply Chain Campaign: European Commission Cloud Breach (CVE-2026-33634) [Critical Alerts]
SentinelOne Blocks LiteLLM Supply Chain Attack (CVE-2026-5281) [Critical Alerts]
Axios npm Supply Chain Attack via Social Engineering [Critical Alerts]
Die Linke German Political Party Confirms Qilin Data Theft [Ransomware & Extortion]
University of Mississippi Medical Center Ransomware Impact [Ransomware & Extortion]
Apex, NC Data Recovery via Court Order [Ransomware & Extortion]
BakerHostetler 2026 Data Breach Report Findings [Ransomware & Extortion]
Hasbro Confirms Cyberattack, Weeks to Recover [Ransomware & Extortion]
Axios npm Supply Chain Attack [IOCs & Detection]
TeamPCP Supply Chain [IOCs & Detection]
TeamPCP Campaign: Sportradar AG Breach Confirmed [Business & Infrastructure Threats]
Supply Chain Attacks: 25% of Top 100 Vulnerabilities [Business & Infrastructure Threats]
Third-Party Risk: 30% of Breaches [Business & Infrastructure Threats]
Cookie-Controlled PHP Web Shells Persist via Cron [Business & Infrastructure Threats]
LinkedIn Scans for 6,000+ Chrome Extensions [Business & Infrastructure Threats]
Hims & Hers Zendesk Data Breach [Business & Infrastructure Threats]
TA416 Targets European Governments with PlugX and OAuth-Based Phishing [Windows / AD Security]
TrueConf Zero-Day Exploited in Asian Government Attacks [Windows / AD Security]
CISA Budget Cut: Trump Proposes $707M Reduction [General Security News]
Infiniti Stealer Targets macOS via ClickFix [General Security News]
Drift Protocol $285M Exploit Shows North Korea Indicators [General Security News]
Amazon Bedrock Multi-Agent Applications Prompt Injection Risk [General Security News]
Critical ShareFile Flaws Lead to Unauthenticated RCE [Vulnerability Disclosures]
Apple Patches DarkSword for iOS 18 [Vulnerability Disclosures]
Nacogdoches Memorial Hospital Data Breach [Healthcare Breaches]
bqtlock Threatens Metro Hospital USA [Healthcare Breaches]
CVEs Referenced
CVE-2026-33634, CVE-2026-5281
Indicators of Compromise
Domains:
sfrclak[.]com., sfrclak[.]com
Hashes:
e10b1fa84f1d6481625f741b69892780140d4e0e7769e7491e5f4d894c2e0e09, fcb81618bb15edfdedfb638b4c08a2af9cac9ecfa551af135a8402bf980375cf, 617b67a8e1210e4fc87c92d1d1da45a2f311c08d26e89b12307cf583c900d101, 92ff08773995ebc8d55ec4b8e1a225d0d1e51efa4ef88b8849d0071230c9645a, ed8560c1ac7ceb6983ba995124d5917dc1a00288912387a6389296637d5f815c
IP Addresses:
142.11.206.73
Read the full brief
...more
18min
April 03, 20262026-04-03: Akira ransomware reaches encryption in under an hour
Show Notes - 2026-04-03
Stories Covered
Today:
CVE-2026-3502 TrueConf Client Code Download Without Integrity Check [Critical Alerts]
CVE-2025-55182 React2Shell Mass Credential Theft Campaign [Critical Alerts]
Axios Supply Chain Attack Deploys Cross-Platform RAT [Critical Alerts]
Akira Ransomware Achieves Encryption in Under One Hour [Ransomware & Extortion]
Qilin EDR Killer Disables 300+ Security Products [Ransomware & Extortion]
AI-Enabled BEC Fraud Reaches 54% Click-Through Rate [Ransomware & Extortion]
Insider Extortion Attempt Locks 254 Servers [Ransomware & Extortion]
NEXUS Listener Framework (CVE-2025-55182 Campaign) [IOCs & Detection]
Axios Supply Chain Attack (WAVESHAPER.V2 RAT) [IOCs & Detection]
Qilin Ransomware EDR Killer [IOCs & Detection]
vSphere BRICKSTORM Malware Targets Virtualization Layer [Business & Infrastructure Threats]
Cisco Source Code Theft via Malicious GitHub Action [Business & Infrastructure Threats]
Cookie-Controlled PHP Webshells in Linux Hosting [Business & Infrastructure Threats]
Mercor Hit by LiteLLM Supply Chain Attack [Business & Infrastructure Threats]
Hasbro Attack Remediation May Take Weeks [Business & Infrastructure Threats]
Microsoft Force-Upgrades Windows 11 24H2 to 25H2 [Windows / AD Security]
Identity-Based Attacks Dominate Threat Landscape [Windows / AD Security]
Azure Vulnerabilities Allow Privilege Escalation and Information Disclosure [Windows / AD Security]
US Bans All Foreign-Made Consumer Routers [General Security News]
Russia Tightening ISP Requirements to Force Small Providers Off Market [General Security News]
Newspaper Archive Service Disrupted by Cyberattack [General Security News]
Python and PostgreSQL Growth Reflects AI-Driven Development [General Security News]
CVE-2026-20093 and CVE-2026-20160 Cisco Critical Authentication Bypass and RCE [Vulnerability Disclosures]
CVE-2025-30208 Vite File System Access Bypass [Vulnerability Disclosures]
CVE-2025-10492 Hitachi Energy Ellipse Jasper Report RCE [Vulnerability Disclosures]
CVE-2026-27663 and CVE-2026-27664 Siemens SICAM 8 Denial of Service [Vulnerability Disclosures]
CVE-2025-7741 Yokogawa CENTUM VP Hardcoded Password [Vulnerability Disclosures]
CVE-2026-34073 Cryptography Library DNS Name Constraint Enforcement [Vulnerability Disclosures]
Chromium Vulnerabilities in Microsoft Edge [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-10492, CVE-2025-30208, CVE-2025-55182, CVE-2025-7741, CVE-2026-20093, CVE-2026-20160, CVE-2026-26135, CVE-2026-27663, CVE-2026-27664, CVE-2026-32173, CVE-2026-32213, CVE-2026-34073, CVE-2026-3502, CVE-2026-5276, CVE-2026-5277, CVE-2026-5279, CVE-2026-5283, CVE-2026-5289
Indicators of Compromise
Domains:
sfrclak[.]com, 206[.]73
Read the full brief
...more
24min
April 02, 20262026-04-02: Google patches the fourth Chrome zero-day of 2026 (CVE-2026-5281, CISA KEV deadline April 15)
Show Notes - 2026-04-02
Stories Covered
Today:
Chrome Zero-Day CVE-2026-5281 Under Active Exploitation [Critical Alerts]
F5 BIG-IP APM RCE Attacks Ongoing (CVE-2025-53521) [Critical Alerts]
Axios npm Supply Chain Attack Attributed to North Korean Sapphire Sleet [Critical Alerts]
TrueConf Zero-Day CVE-2026-3502 Exploited in Southeast Asia Government Attacks [Critical Alerts]
Apple iOS 18 DarkSword Exploit Kit Protection Expanded [Critical Alerts]
Qilin Ransomware Dominates Japan in 2025, Targets Healthcare and Manufacturing [Ransomware & Extortion]
TeamPCP Supply Chain Campaign: Mercor AI First Confirmed Victim, AWS Enumeration Documented [Business & Infrastructure Threats]
EvilTokens PhaaS Fuels Microsoft Device Code Phishing at Scale [Business & Infrastructure Threats]
CERT-UA Impersonation Campaign Distributes AGEWHEEZE RAT to 1 Million Emails [Business & Infrastructure Threats]
Classic Outlook Email Delivery Failures Linked to Permission Errors [Windows / AD Security]
CVE-2026-5281 Google Chrome Dawn Use-After-Free (High Severity) [Vulnerability Disclosures]
CVE-2025-53521 F5 BIG-IP APM Remote Code Execution (Critical Severity) [Vulnerability Disclosures]
CVE-2026-3502 TrueConf Zero-Day Update Mechanism Bypass (Medium Severity) [Vulnerability Disclosures]
CVE-2025-43529, CVE-2025-43520, CVE-2025-14174, CVE-2025-31277, CVE-2025-43510, CVE-2026-20700 iOS DarkSword Exploit Kit [Vulnerability Disclosures]
Microsoft Security Update Guide CVEs [Vulnerability Disclosures]
Casbaneiro Banking Trojan Targets Latin America and Europe via Dynamic PDF Lures [General Security News]
Malicious Script Removes Alternate Data Streams to Evade Detection [General Security News]
CrowdStrike Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management [General Security News]
CVEs Referenced
CVE-2025-14174, CVE-2025-31277, CVE-2025-43510, CVE-2025-43520, CVE-2025-43529, CVE-2025-53521, CVE-2026-20700, CVE-2026-2436, CVE-2026-2441, CVE-2026-33216, CVE-2026-3502, CVE-2026-3909, CVE-2026-3910, CVE-2026-4897, CVE-2026-5119, CVE-2026-5121, CVE-2026-5281
Indicators of Compromise
Domains:
sfrclak[.]com, cert-ua[.]tech, 237[.]92., ukr[.]net, cert-ua[.]tech.
Read the full brief
...more
19min
April 01, 20262026-04-01: TeamPCP's multi-stage supply chain attack on Trivy, LiteLLM
Show Notes - 2026-04-01
Stories Covered
Today:
TeamPCP Supply Chain Attack: Trivy, LiteLLM, KICS Compromised (CVE-2025-55182) [Critical Alerts]
Cisco Source Code Stolen via Trivy Supply Chain Attack [Critical Alerts]
Axios npm Package Compromised by North Korean Threat Actor UNC1069 [Critical Alerts]
Kerberos Relay Attack via DNS CNAME Abuse (CVE-2026-20929) [Critical Alerts]
TrueConf Zero-Day Exploited Against Southeast Asian Government Networks (CVE-2026-3502) [Critical Alerts]
Iranian Pseudo-Ransomware and Pay2Key Revival [Ransomware & Extortion]
Iranian Password Spraying Campaign Targets Middle Eastern Municipalities [Business & Infrastructure Threats]
UK Manufacturers Report 80% Cyberattack Rate [Business & Infrastructure Threats]
Google Drive Ransomware Detection Now Default for Paying Users [Business & Infrastructure Threats]
WhatsApp Malware Campaign Delivers VBScript and MSI Backdoors [Business & Infrastructure Threats]
Venom Stealer: Continuous Credential Harvesting [Business & Infrastructure Threats]
Stolen Logins Fuel Ransomware and Nation-State Attacks [Business & Infrastructure Threats]
Windows 11 Emergency Update Fixes Preview Update Install Issues (KB5086672) [Windows / AD Security]
Microsoft Outlook Classic Crashes Fixed (Teams Meeting Add-in) [Windows / AD Security]
Claude AI Finds RCE Bugs in Vim and Emacs [General Security News]
Microsoft CISO Advice: Applying Security Fundamentals to AI [General Security News]
Unified Exposure Management Becoming Boardroom Priority [General Security News]
Microsoft: Critical Infrastructure Threat Landscape Changed [General Security News]
Proton Launches Privacy-Focused Meet Conferencing Platform [General Security News]
Anritsu Remote Spectrum Monitor Authentication Bypass (CVE-2026-3356) [Vulnerability Disclosures]
PX4 Autopilot MAVLink Authentication Bypass (CVE-2026-1579) [Vulnerability Disclosures]
Microsoft Security Update Guide CVE Disclosures [Vulnerability Disclosures]
CVEs Referenced
CVE-2023-52676, CVE-2024-35839, CVE-2024-41013, CVE-2025-49010, CVE-2025-55182, CVE-2025-66037, CVE-2025-66038, CVE-2026-1579, CVE-2026-20929, CVE-2026-3356, CVE-2026-34043, CVE-2026-34714, CVE-2026-3502, CVE-2026-4176
Indicators of Compromise
IP Addresses:
142.11.206.73, 47.237.15.197
Read the full brief
...more
21min
March 31, 20262026-03-31: CISA orders federal agencies to patch actively exploited Citrix NetScaler CVE-2026-3055 by Thursday
Show Notes - 2026-03-31
Stories Covered
Today:
Citrix NetScaler CVE-2026-3055 Under Active Exploitation (CISA KEV) [Critical Alerts]
F5 BIG-IP CVE-2025-53521 Reclassified as RCE After Webshell Deployment [Critical Alerts]
TeamPCP Supply Chain Campaign Escalates to Dual Ransomware Operations [Ransomware & Extortion]
Talos 2025 Ransomware Trends: Qilin Tops List After LockBit Takedown [Ransomware & Extortion]
XP95 Group Hits South African Government, Spanish Healthcare Provider [Ransomware & Extortion]
China-Linked Red Menshen Deploys BPFDoor as Telecom Sleeper Cells [IOCs & Detection]
Axios npm Supply Chain Attack Delivers Cross-Platform RAT [Business & Infrastructure Threats]
Telnyx Targeted in Growing TeamPCP Supply Chain Attack [Business & Infrastructure Threats]
Palo Alto App-ID Bypass Allows Data Exfiltration [Business & Infrastructure Threats]
DeepLoad Malware Uses ClickFix, WMI Persistence, and Browser Credential Theft [Business & Infrastructure Threats]
GitGuardian: 29 Million Secrets Leaked in 2025, 64% from 2022 Still Valid [Business & Infrastructure Threats]
Microsoft Pulls Windows 11 KB5079391 Preview Update After Install Failures [Windows / AD Security]
OpenAI Patches ChatGPT DNS Data Exfiltration Flaw [General Security News]
FBI Director Kash Patel's Personal Email Hacked by Iran-Linked Handala [General Security News]
Australian Regulator Moves to Enforcement After Social Media Age Ban Failures [General Security News]
Multiple Microsoft Security Update Guide CVEs Published [Vulnerability Disclosures]
Estonian Hospital USB Drive Contains Other Patients' Health Data [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-53521, CVE-2026-0964, CVE-2026-0965, CVE-2026-0966, CVE-2026-0967, CVE-2026-3055, CVE-2026-33542, CVE-2026-33750, CVE-2026-33891, CVE-2026-33895, CVE-2026-33896, CVE-2026-33916, CVE-2026-33938, CVE-2026-33939, CVE-2026-33941, CVE-2026-4676
Read the full brief
...more
22min
March 30, 20262026-03-30: Fortinet FortiClient EMS is under active attack through CVE-2026-21643
Show Notes - 2026-03-30
Stories Covered
Today:
Fortinet FortiClient EMS SQL Injection Under Active Exploitation (CVE-2026-21643) [Critical Alerts]
F5 BIG-IP Flaw Upgraded to Critical RCE, Now Exploited in Wild [Critical Alerts]
Citrix NetScaler Vulnerability Under Exploitation [Critical Alerts]
ShinyHunters Claims European Commission Breach [Ransomware & Extortion]
Jackson County Sheriff's Department Hit by Ransomware [Ransomware & Extortion]
CareCloud EHR Breach [Ransomware & Extortion]
Apple Adds ClickFix Warning to macOS Terminal [Business & Infrastructure Threats]
Iranian Hackers Breach FBI Director's Personal Email (CVE Not Applicable) [Business & Infrastructure Threats]
Tax-Themed Phishing Campaigns Deliver RMM Tools [Business & Infrastructure Threats]
BreachForums v5 Hacked Days After Revival [Business & Infrastructure Threats]
Microsoft Pulls KB5079391 Windows Update Over Install Issues [Windows / AD Security]
White House Mobile App Contains Multiple Critical Security Flaws [General Security News]
FCC Foreign Router Ban Criticized as Industrial Policy [General Security News]
AI-Assisted Malware Development Reaches Operational Maturity [General Security News]
China-Linked Clusters Target Southeast Asian Government [General Security News]
Smart Slider 3 WordPress Plugin File Read Vulnerability (CVE-2026-3098) [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-21643, CVE-2026-3098
Indicators of Compromise
IP Addresses:
3.5.1.34
Read the full brief
...more
15min
March 29, 20262026-03-29: Citrix NetScaler CVE-2026-3055 seeing active reconnaissance with CVSS 9.3 memory overread requiring
Show Notes - 2026-03-29
Stories Covered
Today:
Citrix NetScaler CVE-2026-3055 (CVSS 9.3) Under Active Reconnaissance [Critical Alerts]
TeamPCP Supply Chain Campaign Pauses After 48 Hours Without New Compromise [Critical Alerts]
Iran-Linked Handala Breaches FBI Director Email, Wipes Stryker in First Fortune 500 Destructive Attack [Critical Alerts]
Woodfords Family Services Notifying Patients of 2024 Ransomware Attack [Ransomware & Extortion]
Infinite Campus Data Breach Exposed Limited Non-Directory Student Information [Ransomware & Extortion]
Corewell Health Vendor Breach Affects 19,000 Patients [Ransomware & Extortion]
New Infinity Stealer Targets macOS via ClickFix Technique [Business & Infrastructure Threats]
Anthropic Claude Mythos Model Leaked via Public Data Lake [General Security News]
CVE-2026-32241 - Flannel Remote Code Execution via BackendData Injection [Vulnerability Disclosures]
CVE-2026-3104 - BIND Memory Leak in DNSSEC Proof Preparation [Vulnerability Disclosures]
CVE-2026-3591 - BIND Stack Use-After-Return in SIG(0) Handling [Vulnerability Disclosures]
CVE-2026-33636 - LIBPNG Out-of-Bounds Read on AArch64 [Vulnerability Disclosures]
CVE-2026-23399 - nf_tables Memory Leak in Error Path [Vulnerability Disclosures]
CVE-2025-67030 - Microsoft Security Update [Vulnerability Disclosures]
CVE-2026-1519 - BIND NSEC3 CPU Load DoS [Vulnerability Disclosures]
CVE-2026-33936 - python-ecdsa Denial of Service [Vulnerability Disclosures]
CVE-2026-3119 - BIND TKEY Record DoS [Vulnerability Disclosures]
CVE-2026-33416 - LIBPNG Use-After-Free [Vulnerability Disclosures]
CVE-2026-25645 - Python Requests Insecure Temp File Reuse [Vulnerability Disclosures]
CVE-2026-33671 - Picomatch ReDoS via Extglob Quantifiers [Vulnerability Disclosures]
CVE-2026-33672 - Picomatch Method Injection in POSIX Character Classes [Vulnerability Disclosures]
CVE-2026-4833 - Orc Discount Markdown Recursion Vulnerability [Vulnerability Disclosures]
CVEs Referenced
CVE-2023-4966, CVE-2025-5777, CVE-2025-6543, CVE-2025-67030, CVE-2025-7775, CVE-2026-1519, CVE-2026-23399, CVE-2026-25645, CVE-2026-3055, CVE-2026-3104, CVE-2026-3119, CVE-2026-32241, CVE-2026-33416, CVE-2026-33634, CVE-2026-33636, CVE-2026-33671, CVE-2026-33672, CVE-2026-33936, CVE-2026-3591, CVE-2026-4833
Indicators of Compromise
Domains:
update-check[.]com, update-check[.]com.
Read the full brief
...more
17min
March 28, 20262026-03-28: F5 BIG-IP vulnerability CVE-2025-53521 added to CISA KEV after active exploitation
Show Notes - 2026-03-28
Stories Covered
March 28, 2026
Today:
F5 BIG-IP APM Remote Code Execution (CVE-2025-53521) [Critical Alerts]
TeamPCP Supply Chain Attack Escalates: Telnyx PyPI Compromise, Vect Ransomware Partnership, and AstraZeneca Breach Claim [Ransomware & Extortion]
Jackson County Sheriff's Office Crippled by Ransomware Attack [Ransomware & Extortion]
Bearlyfy Pro-Ukrainian Group Evolves with GenieLocker Ransomware [Ransomware & Extortion]
TeamPCP Wiper Campaign Targets Iran [Ransomware & Extortion]
Russian Ransomware Operators Sentenced, RedLine Admin Extradited [Ransomware & Extortion]
LeakBase Administrator "Chucky" Detained in Russia [Ransomware & Extortion]
TeamPCP Telnyx Compromise Indicators [IOCs & Detection]
F5 BIG-IP CVE-2025-53521 Exploitation Indicators [IOCs & Detection]
Fake VS Code Security Alerts on GitHub Spread Malware to Developers [Business & Infrastructure Threats]
Open VSX Pre-Publish Scanning Bypass (Open Sesame) [Business & Infrastructure Threats]
European Commission Investigating Breach After Amazon Cloud Account Hack [Business & Infrastructure Threats]
Microsoft Defender High-Value Asset Protection [Windows / AD Security]
Microsoft Removes Trust for Non-WHCP Kernel Drivers [Windows / AD Security]
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign [General Security News]
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits [General Security News]
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion [General Security News]
FAUX#ELEVATE Malware Targets French-Speaking Professionals via Phishing Résumés [General Security News]
etcd Authorization Bypass Vulnerabilities [Vulnerability Disclosures]
Microsoft Edge Chromium-Based Vulnerabilities [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-53521, CVE-2026-32187, CVE-2026-33343, CVE-2026-33413, CVE-2026-4673, CVE-2026-4677, CVE-2026-4680
Indicators of Compromise
Domains:
drnatashachinn[.]com, escofiringbijou[.]com, careerscrews[.]com, careerstaffer[.]com, careersworkflow[.]com, mail[.]ru.
IP Addresses:
17.5.1.3, 16.1.6.1, 15.1.10.8, 83.142.209.203
Read the full brief
...more
20min
March 27, 20262026-03-27: CISA adds actively exploited Langflow and Trivy vulnerabilities to KEV catalog with April deadlines
Show Notes - 2026-03-27
Stories Covered
Today: [March 27, 2026]
Langflow AI Framework Actively Exploited (CVE-2026-33017) [Critical Alerts]
Trivy Supply Chain Compromise (CVE-2026-33634) [Critical Alerts]
TeamPCP Supply Chain Campaign Update: All 91 Checkmarx GitHub Action Tags Compromised [Critical Alerts]
PTC Windchill Critical RCE Vulnerability (CVE-2026-4681) [Vulnerability Disclosures]
Coruna iOS Exploit Framework Linked to Operation Triangulation [Vulnerability Disclosures]
WAGO Industrial Switches CLI Escape Vulnerability (CVE-2026-3587) [Vulnerability Disclosures]
OpenCode Systems SMS Gateway Access Control Flaw (CVE-2025-70614) [Vulnerability Disclosures]
Cisco IOS Software Multiple Vulnerabilities [Vulnerability Disclosures]
Windows 11 KB5079391 Smart App Control Improvements [Windows / AD Security]
TikTok for Business Phishing Campaign [Business & Infrastructure Threats]
Dutch National Police Phishing Attack [Business & Infrastructure Threats]
Ajax Football Club System Breach [Business & Infrastructure Threats]
UK Sanctions Xinbi Marketplace and Scam Centers [Ransomware & Extortion]
Russia Arrests Suspected LeakBase Forum Owner [Ransomware & Extortion]
RedLine Infostealer Admin Extradited to US [Ransomware & Extortion]
Linux Kernel AI Bug Reports Shift from Junk to Legitimate Overnight [General Security News]
Unit 42 Uncovers Converging China-Aligned Espionage Campaigns [General Security News]
CVEs Referenced
CVE-2023-32434, CVE-2023-38606, CVE-2025-3248, CVE-2025-70614, CVE-2026-33017, CVE-2026-33634, CVE-2026-3587, CVE-2026-4681
Indicators of Compromise
Domains:
careerscrews[.]com, careersstaffgrid[.]com., careerstaffer[.]com, careersworkflow[.]com, careerstransform[.]com, careersupskill[.]com, careerssuccess[.]com, careersstaffgrid[.]com, careersprogress[.]com, careersgrower[.]com, careersengage[.]com
IP Addresses:
13.1.3.0, 13.0.3.0
Read the full brief
...more
17min
March 26, 20262026-03-26: Citrix warns of a critical NetScaler vulnerability similar to CitrixBleed with 30,000+ instances
Show Notes - 2026-03-26
Stories Covered
Today:
Citrix NetScaler Memory Overread (CVE-2026-3055) [Critical Alerts]
Langflow Code Injection (CVE-2026-33017) [Critical Alerts]
Russian TA551 Botnet Operator Sentenced [Ransomware & Extortion]
Blackbaud Breach Subrogation Case Reversal [Ransomware & Extortion]
TeamPCP Supply Chain Attack Hits Trivy, Checkmarx, and LiteLLM [Business & Infrastructure Threats]
AI Context Hub Documentation Poisoning Vulnerability [Business & Infrastructure Threats]
Device Code Phishing Campaign Hits 340+ Microsoft 365 Organizations [Business & Infrastructure Threats]
Coruna Framework Linked to Operation Triangulation [Business & Infrastructure Threats]
Git for Windows NTLM Hash Leak (CVE-2025-66413) [Windows / AD Security]
Microsoft Identity Security Architecture Shift [Windows / AD Security]
Underground Market for Premium AI Account Access [General Security News]
Linux Kernel CVEs (MSRC) [Vulnerability Disclosures]
Citrix NetScaler CVE-2026-4368 [Vulnerability Disclosures]
CVEs Referenced
CVE-2023-32434, CVE-2023-38606, CVE-2023-4966, CVE-2025-66413, CVE-2025-68357, CVE-2026-2297, CVE-2026-23298, CVE-2026-23303, CVE-2026-23306, CVE-2026-23307, CVE-2026-23313, CVE-2026-23319, CVE-2026-23325, CVE-2026-23340, CVE-2026-23348, CVE-2026-23351, CVE-2026-23352, CVE-2026-23359, CVE-2026-23364, CVE-2026-23370, CVE-2026-23371, CVE-2026-23377, CVE-2026-23378, CVE-2026-23382, CVE-2026-23383, CVE-2026-23391, CVE-2026-29111, CVE-2026-3055, CVE-2026-33017, CVE-2026-4368
Indicators of Compromise
IP Addresses:
162.220.234.41, 162.220.234.66, 162.220.232.57
Read the full brief
...more
18min

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 74 episodes available.