As tensions rise due to ongoing conflicts, cybersecurity experts warn about the increased risk of Iranian cyberattacks targeting critical infrastructure. Many organizations have not yet assessed their operational technology (OT) networks for potential vulnerabilities linked to Iranian cyber activities. To mitigate these risks, teams are advised to take proactive steps, including conducting thorough security assessments, implementing robust monitoring systems, and ensuring that incident response plans are up to date. These measures are vital to safeguard essential services and prevent potential disruptions that could have significant repercussions on public safety and national security. Organizations must remain vigilant and prepared as the geopolitical landscape evolves.
Cisco has addressed several critical and high-severity vulnerabilities that could potentially allow attackers to bypass authentication, execute malicious code, escalate privileges, and access sensitive data. The company released patches for two critical vulnerabilities and six high-severity issues, including CVE-2026-20093, which has a significant CVSS score indicating its severity. These vulnerabilities affect various Cisco products, making it crucial for users and organizations to apply the patches promptly. Failure to address these flaws could lead to unauthorized access and significant security breaches. It's important for companies to stay updated with security patches to mitigate these risks effectively.
A recent report from E2e-assure reveals that around 80% of critical infrastructure providers could face significant downtime, potentially costing them up to £5 million, due to cyber-attacks targeting operational technology (OT). These attacks can disrupt essential services, affecting everything from energy supply to transportation systems. The findings underscore the urgent need for these organizations to bolster their cybersecurity measures to protect against increasing threats. As cyber incidents become more common, the financial implications could be severe, leading to not just loss of revenue but also compromised public safety. This situation calls for immediate attention as critical infrastructure remains a prime target for malicious actors.
Hackread – Cybersecurity News, Data Breaches, AI and More
The article discusses the challenges and strategies surrounding post-quantum cryptography, focusing on the potential risks posed by quantum computing to current encryption methods. As quantum computers continue to evolve, they could easily break many of the encryption techniques currently in use, putting sensitive data at risk. Organizations are urged to adapt their security measures to prepare for these quantum attacks by implementing post-quantum cryptographic algorithms. This shift is crucial for protecting data and systems, especially for sectors that handle critical information. The urgency of these preparations grows as advancements in quantum technology accelerate, making it imperative for companies and governments to secure their infrastructures against future threats.
Researchers from Defused have reported ongoing attacks exploiting a serious SQL injection vulnerability in Fortinet's FortiClient EMS, identified as CVE-2026-21643. These intrusions have been active since March 24, raising concerns for organizations using this software. SQL injection vulnerabilities allow attackers to manipulate database queries, potentially leading to unauthorized access and data breaches. Companies utilizing FortiClient EMS are urged to take immediate action to protect their systems and data from these exploits. The situation emphasizes the need for regular security updates and vigilance against emerging threats.
The shift to cloud and Software as a Service (SaaS) platforms in higher education has led to significant security challenges as traditional campus security boundaries fade away. Experts are raising concerns about the oversight of cloud security in educational institutions, emphasizing the need for better management of critical services, institutional data, and user identities that now exist in numerous cloud environments. With this transition, universities may be exposing themselves to a range of cybersecurity risks, including data breaches and unauthorized access. The article suggests that educational institutions need to reassess their security strategies to protect sensitive information effectively. This is particularly important as the reliance on cloud services continues to grow, making it vital for schools to implement strong security measures.
A serious vulnerability has been discovered in the Telegram messaging app, which can reportedly be triggered by a corrupted sticker. This flaw has been assigned a CVSS score of 9.8, indicating its severity. However, Telegram has denied the existence of this vulnerability, which raises questions about user safety. If this flaw is real, it poses a significant risk to Telegram users, as it could allow attackers to exploit the app without any user interaction, making it a no-click attack. The situation is concerning, especially for those who rely on Telegram for secure messaging.
A newly disclosed vulnerability in Telegram could allow attackers to execute code on users' devices without any interaction, making it a significant security risk. This flaw, identified by researcher Michael DePlante and tracked as ZDI-CAN-30207, has a CVSS score of 9.8, indicating its severity. Telegram has denied the existence of this issue, which raises concerns about user safety and device security. If confirmed, this vulnerability could affect millions of users who rely on Telegram for messaging. Users should remain vigilant and follow updates from Telegram regarding this potential threat.
A serious SQL injection vulnerability, tracked as CVE-2026-21643, has been discovered in Fortinet's FortiClient Endpoint Management Server (EMS), which manages FortiClient endpoint agents across multiple platforms. This vulnerability is currently being actively exploited, as reported by Defused Cyber, a firm that specializes in threat intelligence. Although it has not yet been listed on CISA’s Known Exploited Vulnerabilities (KEV) list, the ongoing attacks pose significant risks to organizations using FortiClient EMS. Companies should take immediate action to assess their systems and implement necessary security measures to safeguard against potential breaches. The situation emphasizes the need for vigilance in monitoring and securing endpoint management solutions.
Iranian hacking groups are increasingly using high-volume cyberattacks that have a low impact but can disrupt systems and services. These attacks have been enhanced by artificial intelligence, making them more effective. Affected entities include hospitals and other critical infrastructure, which are particularly vulnerable to these tactics. This trend reflects a growing integration of digital warfare in geopolitical conflicts, posing risks not only to the targeted organizations but also to public safety and national security. As these cyber threats evolve, it becomes crucial for organizations to bolster their cybersecurity measures and stay vigilant against potential attacks.
F5 Networks has escalated the severity of a vulnerability in its BIG-IP Application Policy Manager (APM) from a denial-of-service issue to a critical remote code execution flaw. This vulnerability allows attackers to exploit unpatched devices and deploy webshells, which can give them unauthorized access to systems. Organizations using affected versions of BIG-IP are urged to apply the necessary patches immediately to prevent potential breaches. The exploitation of this flaw poses a significant risk, especially for businesses relying on BIG-IP for application delivery and security. With reports of active attacks already in progress, it is crucial for users to take swift action to secure their environments.
Researchers from watchTowr and Defused have discovered that attackers are exploiting CVE-2026-3055, a serious vulnerability affecting Citrix NetScaler. This flaw allows unauthorized access to systems that utilize the NetScaler product, which is commonly used for application delivery and load balancing. Organizations using NetScaler are at risk, as the vulnerability is currently being actively targeted in the wild. Companies should be aware of this threat and take immediate action to protect their systems, as the consequences of exploitation could lead to significant data breaches and operational disruptions. It's crucial for affected users to stay informed and apply any available patches as soon as possible.
A serious vulnerability in Fortinet's FortiClient EMS platform, identified as CVE-2026-21643, is currently being exploited by attackers. This flaw, which has a CVSS score of 9.1, allows for remote code execution through SQL injection. Researchers from Defused have reported active exploitation of this vulnerability, posing significant risks to organizations using FortiClient EMS. Companies are urged to take immediate action to protect their systems, as the potential for unauthorized access and control could lead to severe consequences. It is essential for affected users to stay informed and apply any available patches promptly to mitigate the risks associated with this flaw.
A serious vulnerability in Fortinet's FortiClient EMS platform is currently being exploited by attackers, according to the threat intelligence firm Defused. This flaw poses significant risks to organizations using the affected software, as it allows unauthorized access and potential control over their systems. Companies that rely on FortiClient EMS for endpoint management and security should urgently assess their systems to mitigate the risk. The ongoing exploitation of this vulnerability underscores the need for timely updates and security patches to protect sensitive data and maintain system integrity. Users are advised to follow best practices for cybersecurity and monitor for any unusual activities.
At the BSides SF 2026 hacker conference, a researcher warned that Software as a Service (SaaS) and cloud assets are increasingly vulnerable to identity-based ransomware attacks. This type of attack exploits weaknesses in identity management systems, allowing attackers to gain unauthorized access and encrypt critical data. Organizations that rely on cloud services for their operations, especially those with inadequate security measures in place, are at significant risk. The researcher emphasized that as more businesses transition to these platforms, the need for robust identity protection becomes essential. Companies should prioritize enhancing their identity security protocols to mitigate these risks and protect sensitive customer information.