(Credit: MysteryShot – stock.adobe.com)

(Credit: MysteryShot – stock.adobe.com)

3 Apple flaws from Coruna exploit kit added to CISA vulnerability list

Laura FrenchMarch 6, 2026

The exploit kit affects versions of iOS between 13.0 and 17.2.1.

RESOURCES

Identity
Identity security as app growth accelerates: Why automation is becoming essential
Zero Trust World
Prompt engineering malware with ThreatLocker’s Kieran Human
Zero Trust World
Unmasking the dark web with ThreatLocker’s Collin Ellis
Zero Trust World
Use of the MITRE Attack framework in threat detection with ThreatLocker’s John Lilliston
Zero Trust World
Defense against configurations with ThreatLocker’s Bruce Mines

PODCASTS

Threat Intelligence
Iran vs Everyone: 2FA-Bypass Phish, APT41 Drive, iOS 0days, Josh Marpet, and More – SWN #561
IoT
Airsnitch, Claude, Hacking Firewalls – PSW #916
Leadership
Building Trusted Automation as Leaders Struggle with AI Adoption and CISOs Hire – Tim Morris – BSW #437
Threat Intelligence
North Korea, DOJ, APT 28, Anthropic, OpenClaw, Supply Chain, Josh Marpet, and More – SWN #560
Application security
Modern AppSec that keeps pace with AI development – James Wickett – ASW #372

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Flag of Iran on binary code

Threat Management

Iranian APT group MuddyWater targets multiple US companies

Steve ZurierMarch 6, 2026

Recent Iranian campaign picked up after the Feb. 28 U.S.-Israel attack.

Vulnerability Management

‘Mail2Shell’ FreeScout patch bypass exploit leads to RCE

Laura FrenchMarch 6, 2026

Researchers say an attacker could achieve unauthenticated RCE by sending a crafted email.

Network Security

Cisco patches 48 bugs across firewall products; notes two more SD-WAN flaws exploited

Steve ZurierMarch 5, 2026

Internet-facing edge devices are now major targets for attackers as the war in the Middle East unfolds.

Security Staff Acquisition & Development

Cybersecurity leaders working 10-plus extra hours per week on average

Laura FrenchMarch 5, 2026

Leaders say AI has expanded their role to focus more on business strategy.

Threat Management

VMware Aria Operations flaw added to list of exploited vulnerabilities

Steve ZurierMarch 4, 2026

Broadcom patched the flaw on Feb. 24, but CISA added VMware vulnerability after exploitation.

Microsoft flags phishing campaign abusing Entra ID, Google OAuth links

Laura FrenchMarch 4, 2026

The OAuth URLs intentionally include an invalid scope, forcing redirection to malicious sites.

Alert message of virus detected. Ransomware attack, identifying computer virus inside binary code of matrix. Template for concept of security, programming and hacking, decryption and encryption.

Ransomware attack exposes 1.2 million University of Hawaii Cancer Center records

Steve ZurierMarch 3, 2026

Information included Social Security, driver's license and voter records dating to the 1990s.

(Credit: IB Photography – stock.adobe.com)

Application security

Google Chrome vulnerability risked hijacking Gemini panel by rogue extension

Laura FrenchMarch 3, 2026

A malicious extension could have injected code into the panel to escalate its privileges.

EVENTS