Fixed Intel

Latest Cybersecurity News

Stay informed with real-time threat intelligence, vulnerability disclosures, and expert analysis from the cybersecurity community.

AllMalware & Threats468Vulnerabilities240Data Breaches20Ransomware0APT & Threat Actors0Cloud Security0MENA Cybersecurity0Compliance & Frameworks0Tools & Tutorials0Industry News1127
Critical Quest KACE Vulnerability Potentially Exploited in Attacks
SecurityWeek
Industry News

Critical Quest KACE Vulnerability Potentially Exploited in Attacks

The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector.

SecurityWeekMar 21, 20262m5
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
The Hacker News
Industry News

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.

The Hacker NewsMar 21, 20262m5
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
The Hacker News
Industry News

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

CISA adds 5 exploited flaws (CVSS up to 10.0) to KEV, mandates April 3, 2026 patching to prevent malware and espionage attacks.

The Hacker NewsMar 21, 20264m5
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
The Hacker News
Industry News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.

The Hacker NewsMar 21, 20265m5
Industry News

Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw

Dark Reading
Industry News

Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw

Attackers can execute arbitrary code without authentication if Oracle's Identity or Web Services Managers are exposed to the Web.

Dark ReadingMar 20, 20261m5
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
The Hacker News
Industry News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

The Hacker NewsMar 20, 20265m5
Industry News

Cyber OpSec Fail: Beast Gang Exposes Ransomware Server

Dark Reading
Industry News

Cyber OpSec Fail: Beast Gang Exposes Ransomware Server

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.

Dark ReadingMar 20, 20261m5
In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting
SecurityWeek
Industry News

In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting

Other noteworthy stories that might have slipped under the radar: vulnerabilities found in KVM devices, Claudy Day Claude vulnerabilities, The Gentlemen ransomware group.

SecurityWeekMar 20, 20265m5
Denver’s crosswalks hacked to broadcast anti-Trump messages
Graham Cluley
Industry News

Denver’s crosswalks hacked to broadcast anti-Trump messages

Pedestrians crossing a street in Denver, Colorado, got rather more than they bargained for last weekend, when the audio signals at two crosswalks began broadcasting a political message alongside their usual walking instructions.

Graham CluleyMar 20, 20262m5
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
The Hacker News
Industry News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

The Hacker NewsMar 20, 20265m5
3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China
SecurityWeek
Industry News

3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China

The men violated U.S. export controls laws by scheming to divert massive quantities of the high-performance servers assembled in the United States to China.

SecurityWeekMar 20, 20264m5
Eclypsium Raises $25 Million for Device Supply Chain Security
SecurityWeek
Industry News

Eclypsium Raises $25 Million for Device Supply Chain Security

The company will use the investment to expand its platform’s capabilities and grow channel partnerships.

SecurityWeekMar 20, 20262m5