Little fires everywhere for March Patch Tuesday

Blog

Byadmblake March 12, 2025

Just 57 CVEs to contend with (plus advisories), but six are already under exploit in the wild

Blog

Abu Dhabi Guidelines Offer Blueprint for Cybersecurity in Health

Following increasing attacks on healthcare organizations, the United Arab Emirates has refined its regulatory strategy for improving cybersecurity in healthcare.

Read More Abu Dhabi Guidelines Offer Blueprint for Cybersecurity in Health
Blog

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices

Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. “Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote

Read More Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
Blog

AI-Generated Linux Miner ‘Koske’ Beats Human Malware

AI malware is becoming less of a gimmick, with features that meet or exceed what traditional human-developed malware typically can do.

Read More AI-Generated Linux Miner ‘Koske’ Beats Human Malware
Blog

Red Canary Expands AI Innovations to Cut Alert Overload

Post Content

Read More Red Canary Expands AI Innovations to Cut Alert Overload
Blog

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

A security weakness has been disclosed in the artificial intelligence (AI)-powered code editor Cursor that could trigger code execution when a maliciously crafted repository is opened using the program. The issue stems from the fact that an out-of-the-box security setting is disabled by default, opening the door for attackers to run arbitrary code on users’…

Read More Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories
Blog

Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions

A never-before-seen threat activity cluster codenamed UNK_SmudgedSerpent has been attributed as behind a set of cyber attacks targeting academics and foreign policy experts between June and August 2025, coinciding with heightened geopolitical tensions between Iran and Israel. “UNK_SmudgedSerpent leveraged domestic political lures, including societal change in Iran and investigation into the

Read More Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions

Related