Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208)

https://isc.sans.edu/diary/Attempts%20to%20Exploit%20Exposed%20%22Vite%22%20Installs%20%28CVE-2025-30208%29/32860

OpenSSH 10.3 Release

https://seclists.org/oss-sec/2026/q2/7

Claude Code Vulnerability

https://adversa.ai/claude-code-security-bypass-deny-rules-disabled/

Malicious Script That Gets Rid of ADS

https://isc.sans.edu/diary/Malicious%20Script%20That%20Gets%20Rid%20of%20ADS/32854

Google Chrome Update fixes 21 Vulnerabilities and 0-Day

https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html

Apple Addresses Darksword Vulnerabilities for older devices

https://support.apple.com/en-us/126793

Application Control Bypass for Data Exfiltration

https://isc.sans.edu/diary/Application%20Control%20Bypass%20for%20Data%20Exfiltration/32850

Axios NPM Module Supply Chain Compromise

https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan

https://www.linkedin.com/events/7444763050819092480/

TeamPCP vs. Cloud Resources

https://www.wiz.io/blog/tracking-teampcp-investigating-post-compromise-attacks-seen-in-the-wild

Honeypot Session Lifetime

https://isc.sans.edu/diary/DShield%20%28Cowrie%29%20Honeypot%20Stats%20and%20When%20Sessions%20Disconnect/32840

Let s Encrypt Tests Mass Revocation

https://community.letsencrypt.org/t/lets-encrypt-2026-mass-revocation-simulation/245960

https://www.certkit.io/blog/ari-solves-mass-certificate-revocation

https://www.certkit.io/blog/lets-encrypt-mass-revocation-simulation

F5 Vulnerability Re-Classified (and already exploited) as RCE

https://my.f5.com/manage/s/article/K000156741

TeamPCP Update #2: Telnyx PyPi Compromise

https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20002%20-%20Telnyx%20PyPI%20Compromise%2C%20Vect%20Ransomware%20Mass%20Affiliate%20Program%2C%20and%20First%20Named%20Victim%20Claim/32838

Citrix Netscaler Vulnerability Details

https://labs.watchtowr.com/the-sequels-are-never-as-good-but-were-still-in-pain-citrix-netscaler-cve-2026-3055-memory-overread/

macOS Clickfix Warning

https://x.com/ClassicII_MrMac/status/2036797948911141129

Windows Smart Install

https://textslashplain.com/2026/03/24/windows-choose-where-to-get-apps/

TeamPCP Supply Chain Campaign: Update 001 - Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available

https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20001%20-%20Checkmarx%20Scope%20Wider%20Than%20Reported%2C%20CISA%20KEV%20Entry%2C%20and%20Detection%20Tools%20Available/32834

DarkSword and This Weeks iOS Updates

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

LangFlow Exploited

https://www.cisa.gov/news-events/alerts/2026/03/25/cisa-adds-one-known-exploited-vulnerability-catalog

Apple Patches (almost) everything again. March 2026 edition.

https://isc.sans.edu/diary/Apple%20Patches%20%28almost%29%20everything%20again.%20March%202026%20edition./32830

SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2)

https://isc.sans.edu/diary/SmartApeSG%20campaign%20pushes%20Remcos%20RAT%2C%20NetSupport%20RAT%2C%20StealC%2C%20and%20Sectop%20RAT%20%28ArechClient2%29/32826

Trivy/LiteLLM/TeamPCP Updates

https://www.sans.org/webcasts/when-security-scanner-became-weapon

https://rosesecurity.dev/2026/03/24/sha-pinning-is-not-enough.html

Google Moves Up Quantum Crypto Deadline

https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/

---

Special Webcast about Trivy Supply Chain Attacks

https://www.sans.org/webcasts/when-security-scanner-became-weapon

---

Detecting IP KVM Usage

https://isc.sans.edu/diary/Detecting%20IP%20KVMs/32824

TeamPCP, Trivy, liteLLM, Iran and more

https://www.aikido.dev/blog/teampcp-stage-payload-canisterworm-iran

https://www.aquasec.com/blog/trivy-supply-chain-attack-what-you-need-to-know/

https://blog.gitguardian.com/trivys-march-supply-chain-attack-shows-where-secret-exposure-hurts-most/

https://www.sysdig.com/blog/teampcp-expands-supply-chain-compromise-spreads-from-trivy-to-checkmarx-github-actions

From W-2 to BYOVD: How a Tax Search Leads to Kernel-Mode AV/EDR Kill

https://www.huntress.com/blog/w2-malvertising-to-kernel-mode-edr-kill

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-3055 and CVE-2026-4368

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300

gRPC-Go Authorization bypass via missing leading slash in :path CVE-2026-33186

https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3

GSocket Backdoor Delivered Through Bash Script

https://isc.sans.edu/diary/GSocket+Backdoor+Delivered+Through+Bash+Script/32816/#comments

Oracle Security Alert CVE-2026-21992 Released

https://blogs.oracle.com/security/alert-cve-2026-21992

Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from the Internet and Harden PLCs to Protect from Cyber Threats

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html