⚡ THREAT INTELLIGENCE

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

Vulnerability | MEDIUM

The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's Secure Firewall Management...

Full analysis:
https://www.yazoul.net/news/news/darksword-ios-exploit-kit-uses-6-flaws-3-zero-days-for-full-device-takeover

#ThreatIntel #Malware #SecurityOps

DarkSword iOS Exploit Kit Uses 3 Zero-Days for Full Device Takeover

The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's Secure Firewall Management Center (FMC) software in zero-day attacks since lat

Yazoul Security

💠 THREAT INTELLIGENCE

INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime

Vulnerability | MEDIUM

An international law enforcement action codenamed 'Operation Synergia III' has sinkholed tens of thousands of IP addresses and seized servers linked...

Full analysis:
https://www.yazoul.net/news/news/interpol-dismantles-45-000-malicious-ips-arrests-94-in-global-cybercrime

#CyberSecurity #CVE #SecurityOps

INTERPOL Sinkholes 45,000 Malicious IPs in Global Cybercrime Crackdown

An international law enforcement action codenamed 'Operation Synergia III' has sinkholed tens of thousands of IP addresses and seized servers linked to cybercrime operations worldwide. [...]

🔵 THREAT INTELLIGENCE

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

Vulnerability | CRITICAL
CVEs: CVE-2025-68613

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited...

Full analysis:
https://www.yazoul.net/news/news/cisa-flags-actively-exploited-n8n-rce-bug-as-24-700-instances-remain-exposed

#InfoSec #ZeroDay #SecurityOps

Critical n8n RCE Flaw Actively Exploited - 24,700 Instances Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of ac

⚠️ THREAT INTELLIGENCE

New 'LeakyLooker' Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

Malware | HIGH

A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as...

Full analysis:
https://www.yazoul.net/news/news/new-leakylooker-flaws-in-google-looker-studio-could-enable-cross-tenant-sql-quer

#InfoSec #ZeroDay #SecurityOps

A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store. [...]

💠 THREAT INTELLIGENCE

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Vulnerability | MEDIUM

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the...

Full analysis:
https://www.yazoul.net/news/news/malicious-npm-package-posing-as-openclaw-installer-deploys-rat-steals-macos-cred

#InfoSec #ZeroDay #SecurityOps

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.

One system says 10:02.
Another says 9:58.
The firewall says 10:05.

Welcome to incident response if your clocks aren’t synchronized.

New article: The Silent Risk of Inconsistent Time Synchronization

https://jimguckin.com/2026/03/04/the-silent-risk-of-inconsistent-time-synchronization/

#CyberSecurity #IncidentResponse #InfoSec #SecurityOps

The Silent Risk of Inconsistent Time Synchronization – Jim Guckin

🔵 THREAT INTELLIGENCE

Bruteforce Scans for CrushFTP, (Tue, Mar 3rd)

Vulnerability | CRITICAL
CVEs: CVE-2024-4040, CVE-2025-31161, CVE-2025-54309

CrushFTP is a Java-based open source file transfer system. It is offered for multiple operating systems. If you run a CrushFTP instance, you may...

Full analysis:
https://yazoul.net/news/news/bruteforce-scans-for-crushftp-tue-mar-3rd

#CyberSecurity #CVE #SecurityOps

CrushFTP is a Java-based open source file transfer system. It is offered for multiple operating systems. If you run a CrushFTP instance, you may remember that the software has had some serious vulnera

⚠️ THREAT INTELLIGENCE

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Vulnerability | HIGH
CVEs: CVE-2026-0628, CVE-2026-21385

Google has released security updates to patch 129 Android security vulnerabilities, including an actively exploited zero-day flaw in a Qualcomm...

Full analysis:
https://yazoul.net/news/news/new-chrome-vulnerability-let-malicious-extensions-escalate-privileges-via-gemini

#CyberSecurity #CVE #SecurityOps

Google has released security updates to patch 129 Android security vulnerabilities, including an actively exploited zero-day flaw in a Qualcomm display component. [...]

Security is now part of MSP brand promise. Swipe for the practical shift and how to align services to it.

#ManagedSecurity #MSP #CyberTrends #SecurityOps

🔵 THREAT INTELLIGENCE

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

Vulnerability | CRITICAL
CVEs: CVE-2026-1731

Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure...

Full analysis:
https://yazoul.net/news/news/beyondtrust-flaw-used-for-web-shells-backdoors-and-data-exfiltration

#CyberSecurity #CVE #SecurityOps

Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns. [...]
