← Latest brief

Security news.

·Afternoon Brief

Today's security landscape is marked by critical vulnerabilities under active exploitation, with CISA adding two new flaws to its KEV catalog. Additionally, significant patches have been released for major platforms, and new malware campaigns are leveraging social engineering tactics.

BLEEPINGEXPLOIT
Mar 30READ

Critical Citrix NetScaler Flaw Actively Exploited

A critical memory vulnerability, CVE-2026-3055, in Citrix NetScaler ADC and Gateway appliances is being actively exploited to steal sensitive data. CISA has added this to its Known Exploited Vulnerabilities Catalog.

BLEEPINGVULN
Mar 30READ

Hackers Exploiting Critical F5 BIG-IP Flaw

F5 has reclassified a BIG-IP APM vulnerability as a critical remote code execution (RCE) flaw, CVE-2025-53521, with active exploitation deploying webshells on unpatched devices. CISA has also added this to its KEV catalog.

THNPATCH
Mar 30READ

OpenAI Patches ChatGPT Data Exfiltration Flaw

OpenAI has fixed a vulnerability in ChatGPT that allowed sensitive conversation data to be exfiltrated through a single malicious prompt, along with a Codex GitHub token vulnerability.

THNBREACH
Mar 30READ

DeepLoad Malware Uses ClickFix for Credential Theft

A new campaign is distributing the DeepLoad malware loader via the ClickFix social engineering tactic, using AI-assisted obfuscation and process injection to steal browser credentials.

BLEEPINGPATCH
Mar 30READ

Apple Adds macOS Terminal Warning for ClickFix Attacks

Apple has introduced a security feature in macOS Tahoe 26.4 to block pasting and executing potentially harmful commands in Terminal, alerting users to risks from ClickFix attacks.

SECURITYWEEKBREACH
Mar 30READ

CareCloud Probing Potential Data Breach

Healthcare IT platform CareCloud is investigating a cybersecurity incident involving one of its electronic health record environments.

SECURITYWEEKBREACH
Mar 30READ

European Commission Reports Cyber Intrusion and Data Theft

The European Commission has reported a cyber intrusion and data theft, with the ShinyHunters hacker group claiming to have stolen over 350GB of information from their cloud systems.

THNBREACH
Mar 30READ

Russian CTRL Toolkit Hijacks RDP via FRP Tunnels

A Russian-origin remote access toolkit, CTRL, is being distributed via malicious LNK files and used for credential phishing, keylogging, RDP hijacking, and reverse tunneling.

Generated twice daily from public security RSS feeds. Informational only.