vulnerability-management

High-severity WordPress plugin flaw poses data compromise risk

• patchconfiguration-management
• vulnerability-management

High-severity WordPress plugin flaw poses data compromise risk

SC Staff March 12, 2026

Widely used WordPress plugin Ally, which focuses on website usability and accessibility, has been impacted by a...

Read More Read more about High-severity WordPress plugin flaw poses data compromise risk

Oracle EBS hack disclosed by Michelin

• ransomware
• supply-chain
• vulnerability-management

Oracle EBS hack disclosed by Michelin

SC Staff March 12, 2026

SecurityWeek reports that major tire manufacturer Michelin has disclosed having some of its files compromised following the...

Read More Read more about Oracle EBS hack disclosed by Michelin

Dozens of Microsoft flaws patched in latest Patch Tuesday

• patchconfiguration-management
• vulnerability-management

Dozens of Microsoft flaws patched in latest Patch Tuesday

SC Staff March 11, 2026

Updates have been issued by Microsoft to address 83 vulnerabilities across its products, including a critical remote...

Read More Read more about Dozens of Microsoft flaws patched in latest Patch Tuesday

Max severity pac4j flaw easily exploitable, researchers warn

• patchconfiguration-management
• vulnerability-management

Max severity pac4j flaw easily exploitable, researchers warn

SC Staff March 11, 2026

CyberScoop reports that widely used Java security library pac4j was noted by CodeAnt AI co-founder and CEO...

Read More Read more about Max severity pac4j flaw easily exploitable, researchers warn

Remediation deadlines for SolarWinds, Ivanti bugs expedited by CISA

• patchconfiguration-management
• vulnerability-management

Remediation deadlines for SolarWinds, Ivanti bugs expedited by CISA

SC Staff March 11, 2026

The Cybersecurity and Infrastructure Security Agency has set shortened deadlines for remediating a trio of security flaws...

Read More Read more about Remediation deadlines for SolarWinds, Ivanti bugs expedited by CISA

Development of Coruna iOS exploit kit pinned on US military contractor

• threat-intelligence
• vulnerability-management

Development of Coruna iOS exploit kit pinned on US military contractor

SC Staff March 11, 2026

TechCrunch reports U.S. military contractor L3Harris' surveillance tech division Trenchant was disclosed by a pair of former...

Read More Read more about Development of Coruna iOS exploit kit pinned on US military contractor

How to build a breach-ready security posture without the enterprise price tag

• network-security
• penetration-testing
• threat-intelligence
• threat-management
• vulnerability-management

How to build a breach-ready security posture without the enterprise price tag

Adriel Desautels March 11, 2026

Build a breach-ready security posture with threat-informed defenses — not costly tools.

Read More Read more about How to build a breach-ready security posture without the enterprise price tag

Third-party software exploits increasingly harnessed in accelerated cloud breaches

• supply-chain
• vulnerability-management

Third-party software exploits increasingly harnessed in accelerated cloud breaches

SC Staff March 10, 2026

BleepingComputer reports that new third-party software vulnerabilities have been exploited in 44.5% of cloud environment breaches during...

Read More Read more about Third-party software exploits increasingly harnessed in accelerated cloud breaches

Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Aaran Leyland – SWN #562

• Privacy
• vulnerability-management

Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Aaran Leyland – SWN #562

Doug White March 10, 2026

Read More Read more about Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Aaran Leyland – SWN #562

Salesforce confirms ShinyHunters exploited Experience Cloud sites

• patchconfiguration-management
• vulnerability-management

Salesforce confirms ShinyHunters exploited Experience Cloud sites

Steve Zurier March 10, 2026

The ShinyHunters cybercrime group has systematically targeted Salesforce instances since mid-2025.

Read More Read more about Salesforce confirms ShinyHunters exploited Experience Cloud sites