Little fires everywhere for March Patch Tuesday
Just 57 CVEs to contend with (plus advisories), but six are already under exploit in the wild
-
-
URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days
Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild. Of the 56 flaws, six are rated Critical, 50 are rated Important, and one is rated Low in severity. Twenty-three of the addressed vulnerabilities are remote…
-
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks
Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in “extremely sophisticated” attacks. The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component. It has been described as an out-of-bounds write issue that could allow an attacker…
-
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. “The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates,” Check Point said in a new analysis. “More than 1,600 victims were affected…
-
Sophos Recognized as Top Employer in British Columbia, Canada
Sophos has been named as one of the top employers in British Columbia, Canada for the ninth year running.
-
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. “The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a…
-
Your Risk Scores Are Lying: Adversarial Exposure Validation Exposes Real Threats
In cybersecurity, confidence is a double-edged sword. Organizations often operate under a false sense of security, believing that patched vulnerabilities, up-to-date tools, polished dashboards, and glowing risk scores guarantee safety. The reality is a bit of a different story. In the real world, checking the right boxes doesn’t equal being secure. As Sun Tzu warned,…
-
Computers containing thousands of patients’ records stolen from Belfast hospital
Deborah McAleese reports: Twenty-eight computers containing the records of thousands of patients have been stolen from a Belfast Hospital, UTV can reveal. The computers were being used to train staff on the new encompass system, a digital healthcare record that is being rolled out across all health trusts. Belfast Health Trust said the missing appliances…
-
Steganography Explained: How XWorm Hides Inside Images
Inside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangerous could be hiding, waiting for its moment to strike. No strange file names. No antivirus warnings. Just a harmless picture, secretly concealing a payload that can steal data, execute malware, and take over your system without a trace. This is steganography,…
-
Sunflower Medical Group notifies 220,968 of December cyberattack by Rhysida
Sunflower Medical Group has notified 220,968 people of a December attack by Rhysida. According to their submission to the Maine Attorney General’s Office and their notification letter to those affected, the Kansas-based group of independent physicians detected the attack on January 7, 2025. Investigation revealed that it had occurred on December 15, 2024. The day…