Aftershock Index1d ago

πŸ“Š MORNING BRIEFING (AI-FREE EDITION)

Last 24h: 257 stories detected (GrayZone: 191, Russia: 27, China: 16, FiveEyes: 15, Local: 8). 40 critical incidents flagged.

⏰ MISSING IN CZ:
β€’ North Korea’s Lazarus Group Behind the Axios npm Supply Chain Attack... (22.6h lag)
β€’ #Cybersecurity #ITSecurity #InfoSec #CyberNews #Hacking #EthicalHackingNews Axio... (19.7h lag)
β€’ New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation β€” Patch Released...

Read more: https://index.deceiver.io/story/106130

Yazoul - Cybersecurity Alerts3d ago

πŸ”΅ THREAT INTELLIGENCE

Critical Citrix NetScaler memory flaw actively exploited in attacks

Vulnerability | CRITICAL
CVEs: CVE-2026-3055

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to...

Full analysis:
https://www.yazoul.net/news/news/critical-citrix-netscaler-memory-flaw-actively-exploited-in-attacks

#CyberSecurity #APT #CyberNews

Critical Citrix NetScaler Memory Flaw Actively Exploited - Patch Urgently

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to obtain sensitive data. [...]

Yazoul Security
Yazoul - Cybersecurity AlertsMar 27

πŸ”΅ THREAT INTELLIGENCE

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Vulnerability | CRITICAL
CVEs: CVE-2026-33017

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as...

Full analysis:
https://www.yazoul.net/news/news/langchain-langgraph-flaws-expose-files-secrets-databases-in-widely-used-ai-frame

#InfoSec #Ransomware #CyberNews

LangChain, LangGraph Flaws Expose AI Systems - CISA Warns of Active Exploitation

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework

Yazoul Security
Yazoul - Cybersecurity AlertsMar 26

⚑ THREAT INTELLIGENCE

PolyShell attacks target 56% of all vulnerable Magento stores

Vulnerability | MEDIUM

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more...

Full analysis:
https://www.yazoul.net/news/news/polyshell-attacks-target-56-of-all-vulnerable-magento-stores

#InfoSec #Ransomware #CyberNews

PolyShell Attacks Hit 56% of Vulnerable Magento Stores - AI Threat Looms

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores. [...]

Yazoul Security
Yazoul - Cybersecurity AlertsMar 21

πŸ’  THREAT INTELLIGENCE

The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks

Vulnerability | MEDIUM

Geopolitical tensions are driving destructive cyberattacks designed to disrupt operations, not demand ransom. CISOs must limit lateral movement and...

Full analysis:
https://www.yazoul.net/news/news/the-importance-of-behavioral-analytics-in-ai-enabled-cyber-attacks

#ThreatIntel #SecurityNews #CyberNews

AI-Powered Cyber Attacks Evolve - Why Behavioral Analytics is Now Critical

Geopolitical tensions are driving destructive cyberattacks designed to disrupt operations, not demand ransom. CISOs must limit lateral movement and contain breaches to reduce the impact of wiper campa

Yazoul Security
Yazoul - Cybersecurity AlertsMar 19

πŸ”΅ THREAT INTELLIGENCE

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

Vulnerability | CRITICAL
CVEs: CVE-2025-66376

A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security...

Full analysis:
https://www.yazoul.net/news/news/cisa-warns-of-zimbra-sharepoint-flaw-exploits-cisco-zero-day-hit-in-ransomware-a

#CyberSecurity #APT #CyberNews

CISA Warns of Active SharePoint, Zimbra Flaw Exploits; Cisco Zero-Day in Ransomware Attacks

A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. [...]

Yazoul Security
Yazoul - Cybersecurity AlertsMar 18

⚑ THREAT INTELLIGENCE

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Vulnerability | MEDIUM
CVEs: CVE-2026-20643

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs...

Full analysis:
https://www.yazoul.net/news/news/apple-fixes-webkit-vulnerability-enabling-same-origin-policy-bypass-on-ios-and-m

#CyberSecurity #APT #CyberNews

Apple Patches WebKit Same-Origin Policy Bypass in New Background Updates

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade. [...]

Yazoul Security
Outpost24Mar 17

Outpost24 in the News:

Our Principal Threat Intel Researcher, Lydia Atienza, shared insights with Forbes on warnings about ongoing global attacks targeting Signal and WhatsApp users.

πŸ”΅ Read the article here: https://www.forbes.com/sites/daveywinder/2026/03/10/new-signal-and-whatsapp-hack-attacks-confirmed-security-agency-warns/

#ThreatIntelligence #IntheNews #Cybersecurity #CyberNews

Yazoul - Cybersecurity AlertsMar 15

🟑 THREAT INTELLIGENCE

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Vulnerability | MEDIUM

Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in...

Full analysis:
https://www.yazoul.net/news/news/storm-2561-spreads-trojan-vpn-clients-via-seo-poisoning-to-steal-credentials

#InfoSec #Ransomware #CyberNews

Storm-2561 Deploys Trojan VPN Clients via SEO Poisoning Campaign

Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C: drive and are

Yazoul Security
Yazoul - Cybersecurity AlertsMar 14

⚑ THREAT INTELLIGENCE

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Vulnerability | MEDIUM
CVEs: CVE-2026-3909

Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks. [...]

Full analysis:
https://www.yazoul.net/news/news/google-fixes-two-chrome-zero-days-exploited-in-the-wild-affecting-skia-and-v8

#InfoSec #Ransomware #CyberNews

Google Patches Two Chrome Zero-Days Exploited in Attacks - Update Now

Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks. [...]

Yazoul Security