Cyber Threat Brief

By Carolina Clear Tech, LLC

Your daily cybersecurity briefing. Vulnerabilities, ransomware, threat actors, and patches that matter, explained for IT professionals and business leaders protecting small and mid-sized organizations... more

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 74 episodes available.

Cyber Threat Brief episodes:

March 15, 20262026-03-15: Microsoft released an out-of-band hotpatch fixing three RCE vulnerabilities in Windows 11 RRAS
Show Notes - 2026-03-15
Stories Covered
Today:
Microsoft Windows 11 RRAS Remote Code Execution (CVE-2026-26111, CVE-2026-25173, CVE-2026-25172) [Critical Alerts]
Critical HPE AOS-CX Authentication Bypass [Critical Alerts]
AppsFlyer Web SDK Supply-Chain Attack (March 9-11) [Business & Infrastructure Threats]
GlassWorm Supply-Chain Campaign Targets Developers (72+ Malicious VS Code Extensions) [Business & Infrastructure Threats]
OpenClaw AI Agent Security Risks (Prompt Injection, Data Exfiltration) [Business & Infrastructure Threats]
Loblaw Data Breach Exposes Customer Information [General Security News]
Microsoft Windows 11 RRAS Remote Code Execution [Vulnerability Disclosures]
HPE AOS-CX Unauthenticated Admin Password Reset [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-25172, CVE-2026-25173, CVE-2026-26111
Read the full brief
...more
13min
March 14, 20262026-03-14: Threat actors are mass-distributing fake VPN clients via SEO poisoning to steal credentials
Show Notes - 2026-03-14
Stories Covered
Today:
Google Chrome Vulnerabilities Added to CISA KEV (CVE-2026-3909, CVE-2026-3910) [Critical Alerts]
Microsoft Patch Tuesday (79 Vulnerabilities, 2 Zero-Days) [Critical Alerts]
FortiGate Next-Gen Firewalls Exploited for Network Access [Critical Alerts]
Storm-2561 Campaign: Fake VPN Clients Steal Credentials [Business & Infrastructure Threats]
New ClickFix Variant Uses WebDAV Mapping [Business & Infrastructure Threats]
INTERPOL Operation Synergia III: 45,000 Malicious IPs Sinkholed [Business & Infrastructure Threats]
SmartApeSG Campaign Pushes Remcos RAT via ClickFix [Business & Infrastructure Threats]
FBI Investigation: Malicious Steam Games Spread Cryptodrainas and Infostealers [Business & Infrastructure Threats]
Windows 11 February 2026 Updates Cause C:\ Drive Access Denial on Samsung PCs [Windows / AD Security]
BlackCat Insider Charged: Former DigitalMint Employee Conspired with Ransomware Group [Windows / AD Security]
SocksEscort Cybercrime Proxy Network Dismantled [Windows / AD Security]
Classic Outlook Bugs: Sync Issues, Connection Errors, Disappearing Mouse Pointer [General Security News]
Poland's Nuclear Research Centre Targeted by Cyberattack [General Security News]
Meta to Discontinue Instagram End-to-End Encryption After May 2026 [General Security News]
GitHub Removes Premium Models from Free Copilot Student Plan [General Security News]
CVE-2026-27171 (zlib CPU Consumption) [Vulnerability Disclosures]
CVE-2026-31802 (node-tar Symlink Path Traversal) [Vulnerability Disclosures]
CVE-2026-3381 (Perl Compress::Raw::Zlib) [Vulnerability Disclosures]
CVE-2026-0385 (Microsoft Edge for Android Spoofing) [Vulnerability Disclosures]
Multiple Chromium Vulnerabilities (Microsoft Edge) [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-59718, CVE-2025-59719, CVE-2026-0385, CVE-2026-21262, CVE-2026-24858, CVE-2026-26127, CVE-2026-26144, CVE-2026-27171, CVE-2026-31802, CVE-2026-3381, CVE-2026-3909, CVE-2026-3910, CVE-2026-3926, CVE-2026-3929, CVE-2026-3930, CVE-2026-3931, CVE-2026-3939, CVE-2026-3941, CVE-2026-3942
Indicators of Compromise
Domains:
170[.]255, 170[.]155, 170[.]155.
Read the full brief
...more
23min
March 13, 20262026-03-13: Google patches two Chrome zero-days actively exploited in the wild
Show Notes - 2026-03-13
Stories Covered
March 13, 2026
Today:
Google Chrome Zero-Days (CVE-2026-3909, CVE-2026-3910) [Critical Alerts]
CISA KEV: n8n Workflow Platform (CVE-2025-68613) [Critical Alerts]
Fortinet Vulnerabilities in Siemens RUGGEDCOM (CVE-2026-24858) [Critical Alerts]
AI-Generated Slopoly Malware in Interlock Attacks [Ransomware & Extortion]
England Hockey Data Breach (AiLock Ransomware) [Ransomware & Extortion]
US Charges Third DigitalMint Ransomware Negotiator [Ransomware & Extortion]
Telus Digital Breach (ShinyHunters, 1 Petabyte Claimed) [Ransomware & Extortion]
Veeam Backup & Replication Critical RCE Flaws (7 CVEs) [Business & Infrastructure Threats]
SocksEscort Residential Proxy Botnet Takedown [Business & Infrastructure Threats]
Iranian Wiper Attacks Targeting Intune (Handala Hack) [Business & Infrastructure Threats]
SEO Poisoning Distributes Fake VPN Clients (Storm-2561) [Business & Infrastructure Threats]
SMB Use-After-Free Vulnerability (CVE-2026-3805) [Windows / AD Security]
Microsoft Defender Email Security Benchmarking [Windows / AD Security]
Phishing Campaigns Weaponize SOC Workload (IDoS) [General Security News]
React-Based Phishing via EmailJS [General Security News]
OAuth Consent Abuse and Signal/WhatsApp Account Takeovers [General Security News]
Trane HVAC Controllers (CVE-2026-28252, CVE-2026-28253, CVE-2026-28254, CVE-2026-28255, CVE-2026-28256) [Vulnerability Disclosures]
Inductive Automation Ignition (CVE-2025-13913) [Vulnerability Disclosures]
Siemens Heliox EV Chargers (CVE-2025-27769) [Vulnerability Disclosures]
Siemens SIMATIC S7-1500 (CVE-2025-40943) [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-13913, CVE-2025-27769, CVE-2025-40943, CVE-2025-55018, CVE-2025-62439, CVE-2025-62522, CVE-2025-64157, CVE-2025-68613, CVE-2026-21666, CVE-2026-21667, CVE-2026-21669, CVE-2026-21708, CVE-2026-21858, CVE-2026-2441, CVE-2026-24858, CVE-2026-25049, CVE-2026-28252, CVE-2026-28253, CVE-2026-28254, CVE-2026-28255, CVE-2026-28256, CVE-2026-3805, CVE-2026-3909, CVE-2026-3910
Indicators of Compromise
Domains:
vpn-fortinet[.]com, ivanti-vpn[.]org.
Read the full brief
...more
29min
March 12, 20262026-03-12: CISA adds actively exploited n8n RCE flaw to KEV catalog with 24,700+ instances still exposed online
Show Notes - 2026-03-12
Stories Covered
Today:
CISA Adds n8n RCE Vulnerability to KEV Catalog (CVE-2025-68613) [Critical Alerts]
Additional n8n Critical Vulnerabilities Allow Credential Theft [Critical Alerts]
INC Ransomware Targets Healthcare in Oceania [Ransomware & Extortion]
Handala Claims Destructive Attack on Medical Device Maker Stryker [Ransomware & Extortion]
52% of U.S. School Districts Hit by Cybersecurity Incidents in 2025 [Ransomware & Extortion]
Contagious Interview Campaign Targets Developers with Malware [Business & Infrastructure Threats]
PhantomRaven NPM Supply Chain Campaign Resurges with 88 Malicious Packages [Business & Infrastructure Threats]
Polyfill Supply Chain Attack Linked to North Korea [Business & Infrastructure Threats]
CVE-2026-23240: TLS Race Condition in Windows [Windows / AD Security]
Multiple Microsoft CVE Disclosures (CVE-2026-25679, CVE-2026-23868, CVE-2026-3783, CVE-2026-23239, CVE-2026-1965, CVE-2026-3784) [Windows / AD Security]
FBI Epstein Files Compromised by Foreign Hacker in 2023 [General Security News]
Atlassian Lays Off 10% of Workforce, Cites AI Skill Mix Changes [General Security News]
Microsoft Adds Xbox Mode to Windows 11 [General Security News]
UK Launches Online Crime Centre to Combat Fraud [General Security News]
SQL Injection in Elementor Ally WordPress Plugin [Vulnerability Disclosures]
Chromium CVE-2026-3537: Object Lifecycle Issue in PowerVR [Vulnerability Disclosures]
Six Android Malware Families Target Pix Payments and Banking Apps [Vulnerability Disclosures]
AI Browser Phishing: Perplexity's Comet Tricked in Under Four Minutes [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-68613, CVE-2026-1965, CVE-2026-23239, CVE-2026-23240, CVE-2026-23868, CVE-2026-25679, CVE-2026-27493, CVE-2026-27495, CVE-2026-27497, CVE-2026-27577, CVE-2026-3537, CVE-2026-3783, CVE-2026-3784
Read the full brief
...more
23min
March 11, 20262026-03-11: Microsoft patches 79 flaws including Excel bug that weaponizes Copilot for zero-click data theft
Show Notes - 2026-03-11
Stories Covered
Today:
CISA: Ivanti EPM Authentication Bypass (CVE-2026-1603) Actively Exploited [Critical Alerts]
Microsoft Excel Zero-Click Copilot Data Exfiltration (CVE-2026-26144) [Critical Alerts]
HPE Aruba AOS-CX Critical Authentication Bypass (CVE-2026-23813) [Critical Alerts]
Microsoft March 2026 Patch Tuesday: 79 Vulnerabilities, No Active Exploits [Windows / AD Security]
Microsoft Office Preview Pane RCE Vulnerabilities (CVE-2026-26110, CVE-2026-26113) [Windows / AD Security]
Windows Autopatch Enables Hotpatching by Default in May 2026 [Windows / AD Security]
Azure AD SSH Login Extension Privilege Escalation (CVE-2026-26148) [Windows / AD Security]
Windows Kerberos Security Feature Bypass (CVE-2026-24297) [Windows / AD Security]
SharePoint Server Spoofing Vulnerability (CVE-2026-26105) [Windows / AD Security]
Windows Print Spooler RCE (CVE-2026-23669) [Windows / AD Security]
Windows System Image Manager ADK RCE (CVE-2026-25166) [Windows / AD Security]
Windows RRAS RCE (CVE-2026-25172) [Windows / AD Security]
BlackSanta EDR Killer Targets HR Departments with Fake Resumes [Ransomware & Extortion]
Zombie ZIP Technique Evades 50 of 51 Antivirus Engines [Business & Infrastructure Threats]
SAP Critical Code Injection and Deserialization Flaws [Business & Infrastructure Threats]
Adobe Patches 80 Vulnerabilities Across Product Portfolio [Business & Infrastructure Threats]
ICS Vendors Release March Patch Tuesday Updates [Business & Infrastructure Threats]
Microsoft Semantic Kernel Python SDK RCE (CVE-2026-26030) [Business & Infrastructure Threats]
Iran-Linked Threat Actors Use Cybercrime Malware for Espionage and Obfuscation [General Security News]
Proofpoint: Iran Conflict Drives Espionage Activity Targeting Middle East [General Security News]
Microsoft March 2026 Patch Tuesday Highlights [Vulnerability Disclosures]
Dozens of Vendors Release March 2026 Security Updates [Vulnerability Disclosures]
CVEs Referenced
CVE-2004-0935, CVE-2019-17571, CVE-2024-13159, CVE-2024-13160, CVE-2024-13161, CVE-2024-29824, CVE-2026-0866, CVE-2026-1603, CVE-2026-21262, CVE-2026-23668, CVE-2026-23669, CVE-2026-23813, CVE-2026-24289, CVE-2026-24291, CVE-2026-24294, CVE-2026-24297, CVE-2026-25166, CVE-2026-25172, CVE-2026-25187, CVE-2026-26030, CVE-2026-26105, CVE-2026-26106, CVE-2026-26110, CVE-2026-26113, CVE-2026-26114, CVE-2026-26118, CVE-2026-26127, CVE-2026-26128, CVE-2026-26132, CVE-2026-26144, CVE-2026-26148, CVE-2026-27685, CVE-2026-3611
Read the full brief
...more
37min
March 10, 20262026-03-10: CISA adds three actively exploited vulnerabilities (SolarWinds, Ivanti, VMware)
Show Notes - 2026-03-10
Stories Covered
Today:
CISA Adds SolarWinds Web Help Desk, Ivanti EPM, and VMware Workspace One to KEV Catalog [Critical Alerts]
Qualcomm Zero-Day Under Active Exploitation (CVE-2026-21385) [Critical Alerts]
AkzoNobel Paint Manufacturer Hit by Anubis Ransomware [Ransomware & Extortion]
LexisNexis Breach Exposes 3.9 Million Records [Ransomware & Extortion]
EV Charger Company ELECQ Hit by Ransomware [Ransomware & Extortion]
BlackBasta Evolution: A0Backdoor Malware Campaign [Ransomware & Extortion]
ShinyHunters Claims Mass Salesforce Experience Cloud Data Theft [Business & Infrastructure Threats]
Google: Cloud Attacks Exploit Flaws More Than Weak Credentials [Business & Infrastructure Threats]
Ericsson US Discloses Data Breach After Service Provider Hack [Business & Infrastructure Threats]
TriZetto Provider Solutions Healthcare Breach Affects 3.4 Million [Business & Infrastructure Threats]
Malicious npm Package Posing as OpenClaw Installer [Business & Infrastructure Threats]
FBI Warns of Phishing Attacks Impersonating US City Officials [Business & Infrastructure Threats]
Microsoft Agent 365 Launches Control Plane for AI Agents [Windows / AD Security]
Microsoft Teams Will Tag Third-Party Bots in Lobbies [Windows / AD Security]
Russian State Hackers Hijack Signal and WhatsApp Accounts [General Security News]
Anthropic Finds 22 Vulnerabilities in Firefox Using Claude Opus [General Security News]
Wikipedia Hit by Self-Propagating JavaScript Worm [General Security News]
AI-Themed Browser Extensions Harvest LLM Chat Histories [General Security News]
Pakistan APT36 Uses AI Coding Tools to Generate Malware [General Security News]
VMware Aria Operations Command Injection (CVE-2026-22719) [Vulnerability Disclosures]
WordPress User Registration Plugin RCE (CVE-2026-1492) [Vulnerability Disclosures]
Google Chrome Gemini AI Panel Vulnerability (CVE-2026-0628) [Vulnerability Disclosures]
CVEs Referenced
CVE-2021-22054, CVE-2025-24893, CVE-2025-26399, CVE-2025-55182, CVE-2026-0628, CVE-2026-1492, CVE-2026-1603, CVE-2026-21385, CVE-2026-22719
Indicators of Compromise
Domains:
trackpipe[.]dev
Read the full brief
...more
23min
March 09, 20262026-03-09: FBI wiretapping systems breached in suspected China-linked intrusion
Show Notes - 2026-03-09
Stories Covered
Today:
Cisco Catalyst SD-WAN Vulnerability Under Widespread Exploitation (CVE-2026-20127) [Critical Alerts]
FBI Investigating Breach of Wiretapping Systems [Business & Infrastructure Threats]
Chrome Extensions Turn Malicious After Ownership Transfer [Business & Infrastructure Threats]
Chinese Threat Actor Targets Asian Critical Infrastructure (CL-UNK-1068) [Business & Infrastructure Threats]
AI Assistants Expose Organizations to New Insider Threats (OpenClaw) [Business & Infrastructure Threats]
Europol Dismantles Tycoon2FA Phishing Platform and LeakBase [Ransomware & Extortion]
White House Executive Order Prioritizes Cybercrime and Signals Hack-Back Operations [Ransomware & Extortion]
Russian Campaign Targets Signal and WhatsApp Accounts [General Security News]
Threat Actors Abuse .arpa DNS and IPv6 for Phishing [General Security News]
ClickFix Attacks Evolve to Use Windows Terminal [General Security News]
AI-Powered Vulnerability Discovery Finds Decades-Old Bugs [General Security News]
New Wi-Fi Attack Enables Full Machine-in-the-Middle (AirSnitch) [General Security News]
EU Court Adviser: Banks Must Immediately Refund Phishing Victims [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-20127
Read the full brief
...more
20min
March 08, 20262026-03-08: Velvet Tempest is linking ClickFix social engineering to Termite ransomware deployments through
Show Notes - 2026-03-08
Stories Covered
Today:
Termite Ransomware Linked to ClickFix CastleRAT Campaigns [Ransomware & Extortion]
Microsoft: AI Being Weaponized Across Entire Attack Chain [General Security News]
US Cyber Strategy Targets Adversaries and Emerging Technologies [General Security News]
OpenAI Codex Security Uncovers 10,561 High-Severity Issues Across Open-Source Projects [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-32988, CVE-2025-32989, CVE-2025-35430, CVE-2025-35431, CVE-2025-35432, CVE-2025-35433, CVE-2025-35434, CVE-2025-35435, CVE-2025-35436, CVE-2025-64175, CVE-2026-24881, CVE-2026-24882, CVE-2026-25242
Read the full brief
...more
10min
March 07, 20262026-03-07: Cisco confirms active exploitation of two more SD-WAN flaws while federal agencies face a March 26
Show Notes - 2026-03-07
Stories Covered
Today:
Cisco SD-WAN Vulnerabilities Under Active Attack (CVE-2026-20122, CVE-2026-20128) [Critical Alerts]
iOS Exploits Used in Coruna Surveillance and Crypto-Theft Campaign [Critical Alerts]
Global Law Enforcement Disrupts Tycoon2FA, LeakBase, and Phobos [Ransomware & Extortion]
InstallFix Social Engineering Delivers Amatera Stealer via Fake Claude Code Install Guides [Business & Infrastructure Threats]
Multi-Stage VOID#GEIST Malware Campaign Delivers XWorm, AsyncRAT, and Xeno RAT [Business & Infrastructure Threats]
Transparent Tribe Uses AI-Generated Malware to Target India [Business & Infrastructure Threats]
Cognizant TriZetto Breach Exposes 3.4 Million Patient Records [Business & Infrastructure Threats]
North Korean IT Workers Scale AI-Powered Identity Fraud [Business & Infrastructure Threats]
Hamas-Linked Spyware Disguised as Emergency Alert App Targets Israeli Smartphones [Business & Infrastructure Threats]
Iran and Ukraine Weaponize Hacked Security Cameras for Military Targeting [Business & Infrastructure Threats]
FBI Investigating Suspicious Activity on System Holding Surveillance Information [Business & Infrastructure Threats]
CVE-2025-68146: Filelock TOCTOU Race Condition Allows Symlink Attacks [Windows / AD Security]
Anthropic AI Discovers 22 Firefox Vulnerabilities [General Security News]
Microsoft 365 Backup Adds File-Level Restore [General Security News]
Anthropic Sues US Government After National Security Designation [General Security News]
Trump Administration Releases Cybersecurity Strategy [General Security News]
Firefox 148 Security Updates (22 CVEs) [Vulnerability Disclosures]
YARA-X 1.14.0 Release [Vulnerability Disclosures]
CVEs Referenced
CVE-2022-20775, CVE-2025-68146, CVE-2026-20122, CVE-2026-20127, CVE-2026-20128, CVE-2026-2796
Read the full brief
...more
26min
March 06, 20262026-03-06: CISA adds five actively exploited vulnerabilities to the KEV catalog with a March 26 remediation
Show Notes - 2026-03-06
Stories Covered
Today:
CISA Adds Five Known Exploited Vulnerabilities to Catalog [Critical Alerts]
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities [Critical Alerts]
Cisco Secure Firewall Management Center - Two Max-Severity Vulnerabilities [Critical Alerts]
Phobos ransomware leader pleads guilty, faces up to 20 years in prison [Ransomware & Extortion]
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor [Business & Infrastructure Threats]
Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal [Business & Infrastructure Threats]
CL-UNK-1068: Years of Undetected Operations Targeting High-Value Sectors [Business & Infrastructure Threats]
Son of government contractor arrested after alleged $46M crypto heist from US Marshals [Business & Infrastructure Threats]
Ghanaian man pleads guilty to role in $100 million fraud ring [Business & Infrastructure Threats]
Google says 90 zero-days were exploited in attacks last year [General Security News]
2026 Browser Data Reveals Major Enterprise Security Blind Spots [General Security News]
Where Multi-Factor Authentication Stops and Credential Abuse Starts [General Security News]
Microsoft kicks new Outlook opt-out deadline down the road to 2027 [General Security News]
Microsoft finally fixes Windows 10 Recovery Environment after breaking it in October [General Security News]
Chrome Moves to Two-Week Release Cycle [General Security News]
Phishing Campaign Deploys Multiple Malware Strains [General Security News]
Fake RMM Service Spreads RAT via Phishing [General Security News]
Delta Electronics CNCSoft-G2 (CVE-2026-3094) [Vulnerability Disclosures]
Microsoft CVE Disclosures [Vulnerability Disclosures]
CVEs Referenced
CVE-2017-7921, CVE-2021-22681, CVE-2021-30952, CVE-2021-33044, CVE-2021-36260, CVE-2023-41974, CVE-2023-43000, CVE-2023-6895, CVE-2024-53219, CVE-2025-34067, CVE-2025-68121, CVE-2026-20079, CVE-2026-20122, CVE-2026-20127, CVE-2026-20128, CVE-2026-20131, CVE-2026-21536, CVE-2026-23651, CVE-2026-24821, CVE-2026-26125, CVE-2026-27141, CVE-2026-3094
Indicators of Compromise
IP Addresses:
20.9.8.2, 20.12.5.3, 20.15.4.2, 20.18.2.1, 2.1.0.39
Read the full brief
...more
28min

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 74 episodes available.