Episode 2 — 21 Mar 2026
1. Oracle pushes emergency fix for critical Identity Manager RCE flaw
Source: Bleeping Computer
Update: Added that Oracle declined to comment on whether the vulnerability has been exploited. Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as...
2. CISA orders feds to patch max-severity Cisco flaw by Sunday
Source: Bleeping Computer
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22. Cisco published a security bulletin about the flaw on...
3. Police take down 373,000 fake CSAM sites in Operation Alice
Source: Bleeping Computer
An international law enforcement action called Operation Alice has shut down over 373,000 dark web sites that offered fake CSAM packages. The investigation, led by Germany and supported by Europol, began in mid-2021 and focused on a platform called “Alice with Violence CP,”...
4. CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
Source: The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws impacting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch them by April 3, 2026. The...
5. FBI links Signal phishing attacks to Russian intelligence services
Source: Bleeping Computer
The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp in phishing campaigns that have already compromised thousands of accounts. The FBI's...
6. Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
Source: The Hacker News
The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages with a previously undocumented self-propagating worm dubbed CanisterWorm....
7. Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Source: The Hacker News
Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover. The vulnerability has been codenamed PolyShell by Sansec owing to the fact that the...
8. US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites
Source: Security Week
The US has seized several domains used by Handala in cyber-enabled psychological operations. The post US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites
