EPISODE · Mar 25, 2026 · 4 MIN
Mar 25, 2026 · #6
from Security Brief Daily · host Security Brief Daily
Episode 6 — 25 Mar 2026 1. PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug Source: Bleeping Computer PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote code execution. The security issue, identified as CVE-2026-4681, could be leveraged through the deserialization of... 2. Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks Source: The Hacker News Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application. The vulnerabilities are listed below - CVE-2026-3055 (CVSS score: 9.3) -... 3. FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns Source: The Hacker News The U.S. Federal Communications Commission (FCC) said on Monday that it was banning the import of new, foreign-made consumer routers, citing "unacceptable" risks to cyber and national security. The action was designed to safeguard Americans and the underlying communications... 4. Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner Source: The Hacker News An ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers. "The campaign uses highly obfuscated VBScript files disguised as resume/CV documents, delivered... 5. Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR Source: The Hacker News A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers for ConnectWise ScreenConnect that drop a tool named HwAudKiller to blind security programs using the... 6. Extortion Group Claims It Hacked AstraZeneca Source: Security Week The Lapsus$ hackers allegedly compromised internal code repositories, credentials, and employee data. The post Extortion Group Claims It Hacked AstraZeneca 7. Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool Source: Security Week The role of Israel’s hijacking of Iran’s street cameras in the killing of the country’s supreme leader underscores how surveillance systems are increasingly being targeted by adversaries in wartime. The post Iran Built a Vast Camera Network to Control Dissent. Israel Turned... 8. U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage Source: The Hacker News A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations....
What this episode covers
Episode 6 — 25 Mar 2026 1. PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug Source: Bleeping Computer PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote code execution. The security issue, identified as CVE-2026-4681, could be leveraged through the deserialization of... 2. Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks Source: The Hacker News Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application. The vulnerabilities are listed below - CVE-2026-3055 (CVSS score: 9.3) -... 3. FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns Source: The Hacker News The U.S. Federal Communications Commission (FCC) said on Monday that it was banning the import of new, foreign-made consumer routers, citing "unacceptable" risks to cyber and national security. The action was designed to safeguard Americans and the underlying communications... 4. Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner Source: The Hacker News An ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers. "The campaign uses highly obfuscated VBScript files disguised as resume/CV documents, delivered... 5. Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR Source: The Hacker News A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers for ConnectWise ScreenConnect that drop a tool named HwAudKiller to blind security programs using the... 6. Extortion Group Claims It Hacked AstraZeneca Source: Security Week The Lapsus$ hackers allegedly compromised internal code repositories, credentials, and employee data. The post Extortion Group Claims It Hacked AstraZeneca 7. Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool Source: Security Week The role of Israel’s hijacking of Iran’s street cameras in the killing of the country’s supreme leader underscores how surveillance systems are increasingly being targeted by adversaries in wartime. The post Iran Built a Vast Camera Network to Control Dissent. Israel Turned... 8. U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage Source: The Hacker News A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations....
NOW PLAYING
Mar 25, 2026 · #6
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.