Tag: phishing-campaigns

Critical n8n RCE Hits KEV Catalog While Attackers Weaponize SOC Fatigue and Target Developers

CISA added a critical n8n workflow automation RCE vulnerability to the KEV catalog following active exploitation, while researchers reveal how attackers deliberately overwhelm SOC analysts and target developers through fake job interviews.

Mar 12, 2026The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates

cisa-kevremote-code-executionandroid-malware

🏴Royal

🇺🇸Apple🇺🇸Meta Platforms

criticalMalware & Threats

Active Exploitation Surge: Cisco SD-WAN Flaws, iOS Exploit Kit, and Law Enforcement Disruptions

Security teams face multiple actively exploited vulnerabilities in Cisco SD-WAN and Android devices, while a sophisticated iOS exploit kit targets crypto theft. Law enforcement scored wins against ransomware operations and phishing platforms.

Mar 5, 2026BleepingComputer, Graham Cluley, Cisco Talos, Malwarebytes Labs, Fortinet

cisco-vulnerabilitiesios-exploitsransomware

🏴Phobos

🇺🇸Google🇺🇸Near Intelligence

highNation-State & APT

Nation-State Roundup: Lazarus Deploys Medusa Ransomware, VMware Vulnerabilities, and Global Cybercrime Operations

North Korea's Lazarus Group has deployed Medusa ransomware against a Middle East organization, while Broadcom patched critical VMware Aria Operations vulnerabilities enabling remote code execution. Meanwhile, the Russia-linked Diesel Vortex group compromised over 1,600 logistics credentials to divert freight shipments.

Feb 25, 2026Security Affairs, The Record, Palo Alto Unit 42

lazarus-aptmedusa-ransomwarevmware-aria

🏴Medusa🇰🇵Lazarus🇷🇺Conti

🇺🇸Reddit

mediumVulnerabilities & Exploits

Threat Roundup: AI Poisoning, Encrypted RCS, and Phishing TTPs

Microsoft exposes AI recommendation poisoning attacks, Apple tests E2EE RCS, and SANS analyzes fake incident report phishing tactics.

Feb 17, 2026The Hacker News, SANS ISC

ai-poisoningrcs-encryptionphishing-campaigns

🇺🇸Apple