Cisco Secure FMC's unauthenticated RCE flaw CVE-2026-20131 (CVSS 10.0) was added to CISA's KEV catalog after Interlock ransomware had been abusing it for 36 days before Cisco's public disclosure. Amazon Threat Intelligence later dissected the toolkit in detail.
Google released an emergency update for Chrome 146.0.7680.75 on March 13 to fix two CVSS 8.8 zero-days, both confirmed exploited in the wild. It was Chrome's third emergency patch of 2026.
Multiple severe RCE vulnerabilities were found in n8n's workflow expression evaluation. CVE-2025-68613 (CVSS 9.9) was added to CISA's KEV catalog and is confirmed to be actively exploited. Another unauthenticated issue, CVE-2026-27493 (CVSS 9.5), also requires immediate patching.
Four infrastructure-security stories from early March 2026: AI attack tool CyberStrikeAI compromising 600 FortiGates, Cloudflare's split detection/blocking WAF architecture, standardization of TLS Encrypted Client Hello, and CISA's KEV addition for VMware Aria Operations.
Russian APT28 started exploiting URL validation flaw in ieframe.dll (CVE-2026-21513, CVSS 8.8) in January 2026. We have laid out the technical mechanics of an attack chain that bypasses Mark-of-the-Web via LNK files and executes code outside the browser sandbox.
Covers Cisco SD-WAN authentication bypass and UAT-8616's three-year campaign, NuGet/npm supply chain attacks, and Claude Code/Desktop Extensions/Mexico government breach.
An unsafe deserialization vulnerability was found in PHPUnit's PHPT test runner. This article summarizes the risk to CI/CD pipelines and how to mitigate it.
