A week in security (March 16 – March 22)
Last week on Malwarebytes Labs: Stay safe! We don’t just report on threats—we help safeguard your entire digital identity Cybersecurity risks should never spread beyond…
Author: Cybernoz
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
Ravie LakshmananMar 23, 2026Vulnerability / Endpoint Security Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA),…
Foster City Cyberattack Disrupts Bay Area City Services
A ransomware attack has disrupted municipal operations in Foster City, California, as officials continue to respond. The Bay Area city, home to roughly 34,000 residents, was…
Why Cyber Risk Is A Business Issue
In this Sofia Scozzari interview with TCE, the Hackmanac CEO offers a grounded look at how today’s cyber threat landscape is evolving, and where organisations…
Pentagon to adopt Palantir AI as core US military system
Palantir’s Maven artificial intelligence system will become an official program of record, US deputy secretary of Defense Steve Feinberg said in a letter to Pentagon…
Exploring Package Tracking Smishing Scams
Have you recently received a text message urging you to take action to avoid a negative outcome? Maybe you’ve just been informed you have an…
Crunchyroll Data Breach — Threat Actor Claims Exfiltration of 100 GB of User Data
A threat actor has allegedly exfiltrated approximately 100 GB of personally identifiable information (PII) from Crunchyroll, the Sony-owned anime streaming giant, after gaining access through…
How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
Security teams today are not short on tools or data. They are overwhelmed by both. Yet within the terabytes of alerts, exposures, and misconfigurations –…
Yarra Valley Water betting on AI to predict asset failures
Yarra Valley Water is planning to use generative AI to predict failures across its water supply infrastructure in a bid to drive cost out of…
U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 22, 2026 U.S. Cybersecurity and Infrastructure…
Cleo Software Actively Being Exploited in the Wild CVE-2024-55956
CVE-2024-55956 Summary On December 3, Huntress identified an emerging threat involving Cleo’s LexiCom, VLTransfer, and Harmony software, commonly used to manage file transfers. We’ve directly…
This is all it takes to stop a train (Lock and Code S07E06)
This week on the Lock and Code podcast… Forget the runaway train thrillingly shot in Buster Keaton’s 1926 film “The General,” and never mind the…