Tag: vulnerability-management

March Security Roundup: Microsoft Patches Zero-Days, Cloud Configs Under Fire, and Geopolitical Threats Escalate

Microsoft's March Patch Tuesday addressed 83 vulnerabilities including two publicly disclosed zero-days, while security researchers highlighted critical gaps in cloud configurations and identity recovery practices. Meanwhile, geopolitical tensions are driving both kinetic and cyber attacks against critical infrastructure.

Mar 11, 2026Dark Reading, Infosecurity Magazine

patch-tuesdaycloud-securityzero-day

🇷🇺APT28

🇺🇸Google

criticalVulnerabilities & Exploits

CISA KEV Updates, APT28 Campaign, and Agentic AI Security Challenges

CISA flagged three actively exploited vulnerabilities for immediate patching while APT28 continues surveillance operations against Ukrainian forces. Meanwhile, the cybersecurity community grapples with new attack vectors in AI agents and supply chain compromises.

Mar 10, 2026The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates

cisa-kevapt28agentic-ai

🇷🇺APT28

mediumApplication Security

OpenClaw's Security Posture Under Fire: 160+ Advisories Signal Systemic Issues

OpenClaw faces criticism for weak security practices including 160+ advisories in one year and exclusion of key attack vectors from their threat model. The company lacks a bug bounty program despite the high volume of discovered vulnerabilities.

Mar 4, 2026Sam Bent

openclawsecurity-advisoriesvulnerability-management

highIndustry & Policy

Critical AI Tool Flaws and Supply Chain Exposure Highlight Security Challenges

A critical vulnerability in the popular OpenClaw AI tool joins a growing list of AI security issues, while research reveals 26,000 organizations were impacted by supply chain attacks. Meanwhile, law enforcement scored a major win with 30 arrests from 'The Com' cybercriminal collective.

Mar 3, 2026Dark Reading, Infosecurity Magazine

ai-securitysupply-chainvulnerability-management

criticalIndustry & Policy

Industry Roundup: Three-Year Cisco Zero-Day, Law Enforcement Wins, and UK Policy Shifts

A critical Cisco SD-WAN vulnerability was exploited undetected for three years while law enforcement scored wins against cybercrime groups. Meanwhile, UK policy shifts and new threat intelligence reveal the evolving landscape of enterprise security challenges.

Feb 27, 2026Dark Reading, Infosecurity Magazine

ciscozero-daylaw-enforcement

criticalNation-State & APT

Nation-State Roundup: China-Linked Espionage Campaign Hits 42 Countries, CISA Adds Critical Cisco Flaws to KEV

CISA added critical Cisco SD-WAN vulnerabilities to its Known Exploited Vulnerabilities catalog while Google disrupted a China-linked espionage campaign spanning 53 organizations across 42 countries. Meanwhile, a former U.S. Air Force officer was arrested for allegedly providing combat training to Chinese military pilots.

Feb 27, 2026Security Affairs, The Record

china-aptcisco-sd-wancve-kev

🇬🇷Intellexa🇺🇸Google

mediumData Breaches & Incidents

Weekly Roundup: Ad Cloaking Platform Exposed, OAuth Risks, and SOC Efficiency Insights

Security researchers revealed multiple active threat campaigns this week, including a sophisticated ad cloaking platform that bypasses Google's security measures and OAuth consent mechanisms that can grant persistent email access. Meanwhile, new research confirms that the vast majority of discovered vulnerabilities never see real-world exploitation.

Feb 27, 2026Hackread

phishingoauthvulnerability-management

🇺🇸Google