Vulnerability Disclosure

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Ca...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 25

Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site ...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability

A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their priv...

T1548 T1598

Cisco Advisories →

Infosecurity Magazine Vulnerability Disclosure SentinelOne Mar 25

Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne

Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials

Infosecurity Magazine →

SC Media Vulnerability Disclosure Mar 25

2026 SC Award winner Nucleus Security — Best Vulnerability Management Solution

Nucleus awarded for AI-driven vulnerability management that prioritizes real risk.

SC Media →

The Hacker News Vulnerability Disclosure Mar 25

The Kill Chain Is Obsolete When Your AI Agent Is the Threat

In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against ...

T1021 T1592

The Hacker News →

GBHackers Vulnerability Disclosure Adobe Mar 25

Hackers Exploiting Magento Flaw to Execute Remote Code and Seize Full Account Access

A critical vulnerability dubbed “PolyShell” is actively being exploited across Magento and Adobe Commerce platforms. Discovered by the Sansec Forensics Team ...

T1598

GBHackers →

GBHackers Vulnerability Disclosure Mar 25

ClawHub Vulnerability Lets Attackers Manipulate Rankings to Become Top Skill

Silverfort researchers recently uncovered a critical security flaw in ClawHub, the main public registry for the OpenClaw agent ecosystem. This vulnerability ...

T1598

GBHackers →

Help Net Security Vulnerability Disclosure Tenable Intel Mar 25

Tenable Hexa AI automates exposure management and security workflows

Tenable has revealed Tenable Hexa AI, the agentic AI engine of the Tenable One Exposure Management Platform that automates security workflows and transforms ...

Help Net Security →

Recorded Future Vulnerability Disclosure Microsoft Apple Mar 25

ClickFix Campaigns Targeting Windows and macOS

Insikt Group reveals five ClickFix social engineering clusters (QuickBooks, Booking.com, Birdeye) targeting Windows and macOS.

T1204 1 IOC

Recorded Future →

BleepingComputer Vulnerability Disclosure Mar 24

PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug

PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote c...

T1190

BleepingComputer →

Rapid7 Blog Vulnerability Disclosure Rapid7 Mar 24

New Whitepaper: Exploiting Cellular-based IoT Devices

Rapid7 has released a whitepaper titled “The Weaponization of Cellular Based IoT Technology,” by Deral Heiland, principal security researcher, IoT, at Rapid7...

T1041

Rapid7 Blog →

Infosecurity Magazine Vulnerability Disclosure Citrix Mar 24

Citrix Urges Immediate Patching for Critical NetScaler Vulnerabilities

A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the appliance's memory

Infosecurity Magazine →

Qualys Blog Vulnerability Disclosure Qualys Mar 24

The Rise of Managed Risk Operations: How the New Qualys mROC Portal Helps Partners Scale the Risk Operations Center

Key Takeaways For years, vulnerability management meant scanning, prioritizing by CVSS score, and handing a spreadsheet to IT. Attack surfaces now span cloud...

Qualys Blog →

CISA Advisories Vulnerability Disclosure Mar 24

Schneider Electric EcoStruxure Foxboro DCS

View CSAF Summary Schneider Electric is aware of a vulnerability in its EcoStruxure Foxboro DCS Control Software on Foxboro DCS workstations and servers. Con...

2 IOCs

CISA Advisories →