enjoyed this telnetd analysis. (if you can’t believe anyone has a legitimate operational reason to run telnet, you live in a cozy world indeed) https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/

Yes, the vulnerability is so old, it dates from a time when networks charged on a ‘per-packet basis’.

https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/

📰 Citrix Scrambles to Patch Critical 'CitrixBleed'-like Flaw in NetScaler Products

⚠️ Critical Citrix NetScaler flaw CVE-2026-3055 (CVSS 9.3) allows data theft, drawing comparisons to CitrixBleed. Unauthenticated attackers can read sensitive memory. Patch immediately! #Citrix #NetScaler #CyberSecurity #CVE

🔗 https://cyber.netsecops.io/articles/critical-citrix-netscaler-flaw-cve-2026-3055-exposes-sensitive-data/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

#Citrix Urges Patching Critical NetScaler Vulnerabilities CVE-2026-3055 & CVE-2026-4368 Allowing Unauthenticated Data Leaks. This looks like another incarnation of #CitrixBleed!

Defenders need to act quickly. Patch Now!
👇
https://thehackernews.com/2026/03/citrix-urges-patching-critical.html

CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild. https://www.securityweek.com/oracle-releases-emergency-patch-for-critical-identity-manager-vulnerability/

🔒 CVE-2026-28864 (HIGH): Local attackers can access Apple Keychain items on iOS, iPadOS, macOS, visionOS, watchOS. Patch to latest OS releases now to protect credentials. No known exploits yet. https://radar.offseq.com/threat/cve-2026-28864-a-local-attacker-may-gain-access-to-881070fb #OffSeq #Apple #Security #Keychain

【セキュリティ ニュース】「iOS 26.4」公開、脆弱性38件を修正 – 旧端末向け「iOS 18.7.7」も（1ページ目 / 全1ページ）：Security NEXT https://www.yayafa.com/2759965/ #Apple #CVE202628864 #IOS264セキュリティアップデート #IPadOS264 #SCIENCE #Science&Technology #SECURITY #Technology #WebKit脆弱性 #カーネル脆弱性 #キーチェーンアクセス問題 #セキュリティ #テクノロジー #ニュース #対策 #旧端末向けiOS1877 #科学 #科学＆テクノロジー

Turning an encrypted backup into Remote Code Execution in Stackfield’s desktop app (CVE-2026-28373).

#security

https://www.rcesecurity.com/2026/03/stackfield-desktop-app-rce-via-path-traversal-and-arbitrary-file-write-cve-2026-28373/

ISC is pleased to announce the releases of Kea 2.6.5 and 3.0.3 (stable) and 3.1.7 (development).

Both stable versions address a vulnerability in Kea DHCP; see our published advisory at https://kb.isc.org/docs/cve-2026-3608 . Kea 3.1.7 is not susceptible to this CVE, but development versions are not suitable for production use.

The releases are available from the ISC download page at https://www.isc.org/download/#Kea.

Thank you for using ISC’s software!

🚨 CVE-2026-3608: HIGH-severity vuln in ISC Kea DHCP (2.6.0 – 2.6.4, 3.0.0 – 3.0.2). Remote attackers can crash daemons, causing DoS. Restrict API/HA access, monitor traffic, and prep failover. Details: https://radar.offseq.com/threat/cve-2026-3608-cwe-617-reachable-assertion-in-isc-k-fed4f439 #OffSeq #CVE #DHCP #Infosec

#Citrix Urges Patching Critical NetScaler Vulnerabilities CVE-2026-3055 & CVE-2026-4368 Allowing Unauthenticated Data Leaks. This looks like another incarnation of #CitrixBleed!

Defenders need to act quickly. Patch Now!
👇
https://thehackernews.com/2026/03/citrix-urges-patching-critical.html

A new Ubuntu vulnerability (CVE-2026-3888) allows local users to escalate privileges to root via a timing-based exploit in Ubuntu Desktop 24.04 and newer. ⏱️
The flaw affects systems using older versions of snapd and requires immediate patching. 🔐

🔗 https://www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/

#TechNews #Ubuntu #Linux #SecurityFlaw #CVE #PrivilegeEscalation #RootAccess #Cybersecurity #LinuxSecurity #PatchNow #Snap #SystemVulnerabilities #DataProtection #TechUpdates #Privacy #OpenSource #Canonical

Dios mio! While researching a particular type of Colombian folk music, we stumbled across a .edu domain selling... accordions? Our first thought was potentially domain hijacking, but it appears to be more likely an exploitation of CVE-2026-27210 (TLDR; cross-site scripting). While the vulnerability has been patched in the plugin itself, not all pages have updated their plugins, and search engines have already indexed the poisoned pages! Pivoting led to 50+ additional domains found spread across three risky TLDs: .sbs, .pics, and .shop. The domains on .sbs and .pics appear to be config servers to exploit the vulnerability; the domains on .shop are the landing pages where victims can be scammed.

IOCs:
000o[.]sbs,0pen[.]sbs,123buys[.]shop,123me[.]shop,1bg[.]pics,1ki[.]pics,1mage[.]sbs,1ql[.]pics,1ty[.]pics,1vi[.]pics,1wr[.]pics,2ty[.]pics,569oagri[.]shop,66buys[.]shop,6ip[.]pics,6ym[.]pics,7rt[.]pics,8pi[.]pics,99buys[.]shop,99i[.]pics,9gwe[.]shop,a25n[.]shop,bk2[.]pics,bk59t[.]shop,buysok[.]shop,c68k[.]shop,cc1[.]pics,doo[.]pics,ep7[.]pics,estore-1[.]com,g9gvv[.]sbs,gaer896[.]shop,gm5[.]pics,gosok[.]shop,gt3[.]pics,h66p[.]shop,hh6[.]pics,iilvw[.]sbs,im9[.]pics,img1[.]sbs,in6[.]pics,jj3[.]pics,kk9[.]pics,lilil[.]sbs,llvvw[.]sbs,m66p6[.]shop,mebuys[.]shop,mg6[.]pics,mh8f6k[.]shop,mkk[.]pics,ms1[.]pics,nn6[.]pics,onsgs[.]com,p6[.]pics,p888p[.]shop,pan1[.]top,pic1[.]sbs,pic2[.]sbs,pt11[.]sbs,py3y[.]com,qq1[.]pics,rey89p[.]shop,shop56[.]shop,t88t8[.]shop,tp1[.]pics,tp9[.]pics,trues[.]sbs,up9[.]pics,upimg[.]sbs,uu2[.]pics,vt5[.]pics,vteyu[.]shop,vvf1[.]sbs,vvp1[.]sbs,w2w[.]pics,w88p[.]shop,wp59q[.]shop,wvlll[.]sbs,wvv1[.]sbs,wvvvv[.]sbs,x2p[.]pics,xyaer548[.]shop,yi1[.]pics

#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #seo_poisoning #seopoisoning