Security news.
Today's security landscape highlights critical vulnerabilities under active exploitation and significant law enforcement actions. Russian intelligence services are linked to Signal phishing attacks, while multiple critical flaws in popular software are being weaponized rapidly after disclosure, demanding immediate patching.
FBI Links Signal Phishing to Russian Intelligence
The FBI warns that Russian intelligence-linked actors are actively targeting encrypted messaging app users, including Signal and WhatsApp, in phishing campaigns that have already compromised thousands of accounts.
Critical Langflow Flaw Exploited Within 20 Hours
A critical Langflow vulnerability, CVE-2026-33017, allowing unauthenticated remote code execution, saw active exploitation within 20 hours of public disclosure.
Trivy GitHub Actions Breached, CI/CD Secrets Stolen
The popular Trivy open-source vulnerability scanner's GitHub Actions were compromised for a second time, with 75 tags hijacked to deliver malware and steal sensitive CI/CD secrets.
Oracle Pushes Emergency Fix for Critical Identity Manager RCE
Oracle released an out-of-band update to address CVE-2026-21992, a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager.
CISA Adds Five New Exploited Vulnerabilities to KEV Catalog
CISA has added five new vulnerabilities, including Apple buffer overflows and a Craft CMS code injection, to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.
CISA Orders Feds to Patch Max-Severity Cisco Flaw
CISA has mandated federal agencies patch CVE-2026-20131, a maximum-severity vulnerability in Cisco Secure Firewall Management Center (FMC), by Sunday, March 22.
Police Take Down 373,000 Fake CSAM Sites in Operation Alice
An international law enforcement effort, Operation Alice, has successfully shut down over 373,000 dark web sites distributing fake CSAM packages.
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
U.S. Justice Department, alongside Canadian and German authorities, dismantled the infrastructure of four botnets (Aisuru, Kimwolf, JackSkid, Mossad) that compromised over three million IoT devices for DDoS attacks.