Overview
- NetScaler
- ADC
Description
Statistics
- 12 Posts
- 12 Interactions
Fediverse
🚨 CVE-2026-3055 (CVSS 9.3), a unauth memory overread vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway appliances that could see active exploitation itw
Vulnerability detection script available here:
https://github.com/rxerium/rxerium-templates/blob/main/2026/CVE-2026-3055.yaml
Patches are available as per Citrix's advisory:
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300
➡️ CVE-2026-3055 👀
👇
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300
CVE-2026-3055 - Out-of-Bounds Read vulnerability - CVSSv4 base score: 9.3
Note: Citrix NetScaler ADC or Citrix Gateway must be configured as SAML IDP to be vulnerable to CVE-2026-3055.- CVE-2026-4368 - Race Condition vulnerability - CVSSv4 base score: 7.7Note: Affected appliances must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP proxy) or AAA virtual server to be vulnerable CVE-2026-4368.
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-3055 and CVE-2026-4368
#citrix #vulnerabilitymanagement #vulnerability
https://vulnerability.circl.lu/bundle/1ae9c3df-c65f-4755-b3a9-4d76f8c0e772
#Citrix Urges Patching Critical NetScaler Vulnerabilities CVE-2026-3055 & CVE-2026-4368 Allowing Unauthenticated Data Leaks. This looks like another incarnation of #CitrixBleed!
Defenders need to act quickly. Patch Now!
👇
https://thehackernews.com/2026/03/citrix-urges-patching-critical.html
Bluesky
Overview
- Oracle Corporation
- Oracle Identity Manager
Description
Statistics
- 8 Posts
- 1 Interaction
Fediverse
📰 URGENT: Oracle Patches Critical 9.8 CVSS Unauthenticated RCE Flaw
📢 URGENT PATCH: Oracle has issued an emergency fix for CVE-2026-21992, a critical 9.8 CVSS unauthenticated RCE flaw in Identity Manager. Unpatched systems can be fully compromised. Patch immediately! 🚨 #Oracle #CyberSecurity #RCE #PatchNow
CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild. https://www.securityweek.com/oracle-releases-emergency-patch-for-critical-identity-manager-vulnerability/
Bluesky
Overview
Description
Statistics
- 3 Posts
- 2 Interactions
Fediverse
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
https://thehackernews.com/2026/03/hackers-exploit-cve-2025-32975-cvss-100.html
Short summary: https://hackerworkspace.com/article/hackers-exploit-cve-2025-32975-cvss-10-0-to-hijack-unpatched-quest-kace-sma-systems
📰 Warning: Critical 10.0 CVSS Quest KACE Flaw from 2025 Now Actively Exploited
🔥 ACTIVE EXPLOITATION: A year-old, 10.0 CVSS flaw in Quest KACE SMA (CVE-2025-32975) is now being actively exploited. Attackers are gaining full admin control, deploying Mimikatz, and moving laterally. Patch and isolate from the internet NOW! #CVE
Overview
Description
Statistics
- 7 Posts
- 7 Interactions
Fediverse
➡️ CVE-2026-3055 👀
👇
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300
CVE-2026-3055 - Out-of-Bounds Read vulnerability - CVSSv4 base score: 9.3
Note: Citrix NetScaler ADC or Citrix Gateway must be configured as SAML IDP to be vulnerable to CVE-2026-3055.- CVE-2026-4368 - Race Condition vulnerability - CVSSv4 base score: 7.7Note: Affected appliances must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP proxy) or AAA virtual server to be vulnerable CVE-2026-4368.
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-3055 and CVE-2026-4368
#citrix #vulnerabilitymanagement #vulnerability
https://vulnerability.circl.lu/bundle/1ae9c3df-c65f-4755-b3a9-4d76f8c0e772
#Citrix Urges Patching Critical NetScaler Vulnerabilities CVE-2026-3055 & CVE-2026-4368 Allowing Unauthenticated Data Leaks. This looks like another incarnation of #CitrixBleed!
Defenders need to act quickly. Patch Now!
👇
https://thehackernews.com/2026/03/citrix-urges-patching-critical.html
Bluesky
Description
Statistics
- 9 Posts
- 5 Interactions
Fediverse
There has been a lot of sloppy reporting regarding DarkSword, with basically every news outlet saying that iOS 18 is vulnerable. It’s not, if you have the latest 18.7.3.
Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.
TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).
https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
@peternlewis sloppy reporting, as usual.
Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.
TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).
https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
Unfortunately it looks like CVE-2025-43520 was patched in iOS 26.1b4, the exact build I happened to leave my test device on...
I might play around with it on my Mac or in one of the new iOS pccvre VMs though.
Overview
Description
Statistics
- 2 Posts
Fediverse
Critical patch alert: The US government has ordered a maximum severity patch for a Cisco vulnerability (CVE-2026-20131) that's being exploited in ransomware campaigns.
Read more: https://steelefortress.com/86cy1e
#Encryption #ThreatIntel #Security #DataPrivacy #CyberDefense
Overview
Description
Statistics
- 2 Posts
- 2 Interactions
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse
Global cybersecurity alerts include active exploitation of Chrome Zero-Days (CVE-2026-3909/3910) and a Quest KACE SMA flaw for credential harvesting. Advanced threats like Android haptic keyloggers and deepfake identity fraud are emerging. Geopolitically, Persian Gulf tensions remain high, while the US announced a new cyber strategy to defend companies from foreign adversaries. In tech, NVIDIA Nemotron 3 Super is now on Amazon Bedrock.
Overview
- djangoproject
- Django
- django
Description
Statistics
- 2 Posts
- 2 Interactions
Fediverse
🚨 In this week’s threat alert, CrowdSec reports on CVE-2026-1207, a critical Django SQL injection vulnerability now actively exploited in the wild. Attackers are targeting GeoDjango setups using PostGIS with focused reconnaissance. Notably, this vulnerability hasn’t yet been added to the CISA KEV catalog.
Learn how the vulnerability works and how to secure your systems in our latest article: https://www.crowdsec.net/vulntracking-report/cve-2026-1207
Overview
- mpetroff
- pannellum
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse
Dios mio! While researching a particular type of Colombian folk music, we stumbled across a .edu domain selling... accordions? Our first thought was potentially domain hijacking, but it appears to be more likely an exploitation of CVE-2026-27210 (TLDR; cross-site scripting). While the vulnerability has been patched in the plugin itself, not all pages have updated their plugins, and search engines have already indexed the poisoned pages! Pivoting led to 50+ additional domains found spread across three risky TLDs: .sbs, .pics, and .shop. The domains on .sbs and .pics appear to be config servers to exploit the vulnerability; the domains on .shop are the landing pages where victims can be scammed.
IOCs:
000o[.]sbs,0pen[.]sbs,123buys[.]shop,123me[.]shop,1bg[.]pics,1ki[.]pics,1mage[.]sbs,1ql[.]pics,1ty[.]pics,1vi[.]pics,1wr[.]pics,2ty[.]pics,569oagri[.]shop,66buys[.]shop,6ip[.]pics,6ym[.]pics,7rt[.]pics,8pi[.]pics,99buys[.]shop,99i[.]pics,9gwe[.]shop,a25n[.]shop,bk2[.]pics,bk59t[.]shop,buysok[.]shop,c68k[.]shop,cc1[.]pics,doo[.]pics,ep7[.]pics,estore-1[.]com,g9gvv[.]sbs,gaer896[.]shop,gm5[.]pics,gosok[.]shop,gt3[.]pics,h66p[.]shop,hh6[.]pics,iilvw[.]sbs,im9[.]pics,img1[.]sbs,in6[.]pics,jj3[.]pics,kk9[.]pics,lilil[.]sbs,llvvw[.]sbs,m66p6[.]shop,mebuys[.]shop,mg6[.]pics,mh8f6k[.]shop,mkk[.]pics,ms1[.]pics,nn6[.]pics,onsgs[.]com,p6[.]pics,p888p[.]shop,pan1[.]top,pic1[.]sbs,pic2[.]sbs,pt11[.]sbs,py3y[.]com,qq1[.]pics,rey89p[.]shop,shop56[.]shop,t88t8[.]shop,tp1[.]pics,tp9[.]pics,trues[.]sbs,up9[.]pics,upimg[.]sbs,uu2[.]pics,vt5[.]pics,vteyu[.]shop,vvf1[.]sbs,vvp1[.]sbs,w2w[.]pics,w88p[.]shop,wp59q[.]shop,wvlll[.]sbs,wvv1[.]sbs,wvvvv[.]sbs,x2p[.]pics,xyaer548[.]shop,yi1[.]pics
#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #seo_poisoning #seopoisoning