B
Ransomware Attack Disrupts Digital Operations at Spain's Port of Vigo
The Port of Vigo in Spain suffered a ransomware attack on March 24, 2026, forcing the isolation of its digital infrastructure and a transition to manual cargo management processes.
****
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/ransomware-attack-disrupts-digital-operations-at-spain-s-port-of-vigo-b-j-v-k-8/gD2P6Ple2L
Stockton Cardiology Medical Group Reports Data Breach Following Phishing Incident
Stockton Cardiology Medical Group reports a data breach after a phishing attack led to unauthorized access and the public disclosure of patient medical and billing records. The organization responded by disabling legacy remote access services and implementing multi-factor authentication to secure its network.
****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/stockton-cardiology-medical-group-reports-data-breach-following-phishing-incident-l-a-n-r-s/gD2P6Ple2L
French Ministry of Education Data Breach Exposes 243,000 Staff Records
The French Ministry of National Education reports a data breach affecting 243,000 individuals after an attacker stole personal records from the COMPAS HR system. The stolen data, including names and addresses, has been partially leaked online, prompting the ministry to suspend the system and involve national cybersecurity authorities.
****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/french-ministry-of-education-data-breach-exposes-243000-staff-records-h-f-c-t-6/gD2P6Ple2L
Critical Memory Leak and Session Hijacking Vulnerabilities Patched in Citrix NetScaler
Citrix patched a critical memory overread (CVE-2026-3055) and a high-severity session-swapping race condition (CVE-2026-4368) in NetScaler ADC and Gateway. These vulnerabilities allow unauthenticated attackers to leak sensitive memory data or hijack user sessions in environments configured for SAML or VPN services.
**If possible, make sure your NetScaler ADC and Gateway appliances are isolated from the internet and accessible from trusted networks only. Them plan a quick update. If you can't isolate from the internet, this is urgent. Update the firmware to the fixed versions (14.1-66.59, 13.1-62.23, or 13.1-37.262 for FIPS/NDcPP). Attackers have previously exploited similar flaws via the CitrixBleed exploit.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-memory-leak-and-session-hijacking-vulnerabilities-patched-in-citrix-netscaler-s-x-0-i-0/gD2P6Ple2L
Critical Langflow RCE Vulnerability CVE-2026-33017 Exploited Within Hours
Researchers report active exploitation of a critical RCE vulnerability (CVE-2026-33017) in Langflow that allows unauthenticated attackers to execute arbitrary Python code and steal sensitive API keys. The flaw was weaponized within 20 hours of disclosure, targeting exposed AI orchestration pipelines to harvest credentials and environment variables.
**If you're running Langflow, this is urgent. Update immediately to version 1.9.0.dev8 or later to patch CVE-2026-33017, and disable the AUTO_LOGIN=true default setting. Until you can update, restrict network access to the vulnerable endpoint, place Langflow behind a reverse proxy with authentication. Regardless if you patch or isolate, make sure to rotate all API keys and credentials the platform uses after isolating.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/critical-langflow-rce-vulnerability-cve-2026-33017-exploited-within-hours-q-n-c-a-6/gD2P6Ple2L
@fbinin Ray's Requests!
Absolutely fake, but still so very believable as an internal conversation 
Critical Microsoft SharePoint RCE Vulnerability CVE-2026-20963 Under Active Exploitation
Microsoft SharePoint is under active exploitation of a critical RCE vulnerability (CVE-2026-20963) that allows unauthenticated attackers to take over servers via a deserialization flaw.
**Your SharePoint servers are under attack. Ideally, isolate them from the internet and make them accessible only from internal networks. Them apply the January 2026 patch ASAP. If you are still using SharePoint 2013 or older, isolate them and upgrade to a newer version. Those old systems are permanently vulnerable.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/critical-microsoft-sharepoint-rce-vulnerability-cve-2026-20963-under-active-exploitation-l-r-5-d-h/gD2P6Ple2L
Critical RCE Vulnerability Patched in Delta Electronics COMMGR 2
Delta Electronics patched a critical stack-based buffer overflow (CVE-2026-3630) and an out-of-bounds read (CVE-2026-3631) in its COMMGR 2 software that could allow unauthenticated attackers to execute remote code or leak sensitive data.
**Make sure all industrial devices are isolated from the internet and accessible from trusted networks only. Update Delta Electronics COMMGR 2 software to version 2.11.1 as soon as possible. In the meantime make sure they are isolated from the internet.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-rce-vulnerability-patched-in-delta-electronics-commgr-2-l-p-i-8-y/gD2P6Ple2L
Exclusive must read.
My favorite:
Q: What informs your personal sense of morality?
A: Previous things I’ve gotten away with.
While leading OpenAI, Sam Altman has weathered leaked internal memos, an attempt to oust him as CEO, and widespread skepticism about artificial intelligence’s role in society. The Onion sat down with the entrepreneur to hear his vision for the technology’s future. The Onion: Good morning, Sam. How are you doing today?Altman: Certainly! Here are some […]
The Onion (theonion.com)
Aura Data Breach: Vishing Attack Exposes 900,000 Marketing Records
Aura confirmed a data breach affecting 900,000 email records after a vishing attack on an employee allowed the ShinyHunters group to access a legacy marketing tool inherited from a 2021 acquisition.
****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/aura-data-breach-vishing-attack-exposes-900000-marketing-records-2-5-2-8-a/gD2P6Ple2L
Which is it:
1. Dire Straits video from 1985?
2. Computer game from 1991?
3. Metaverse from 2022?
Critical Unpatched Telnetd Flaw Enables Unauthenticated Root Remote Code Execution
GNU InetUtils telnetd contains a critical unpatched buffer overflow (CVE-2026-32746) that allow unauthenticated remote code execution.
**Another critical and trivial flaw in Telnet. Check if you are using Telnet anywhere in your network. It's urgent. Stop using Telnet and switch to SSH. Naturally, as a first step make sure to isolate the Telnet interface to trusted networks. But that's not a good long term approach, Telnet is inherently a lot less secure than SSH.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-unpatched-telnetd-flaw-enables-unauthenticated-root-remote-code-execution-1-g-5-5-g/gD2P6Ple2L
Let's see if anyone remembers...
State of (in)security - Week 11, 2026
During the week of March 9–16, 2026, the cybersecurity landscape saw 22 advisories and 16 incidents including ransomware, data breaches, and actively exploited vulnerabilities in products like SolarWinds, Ivanti, and Salesforce. Over 3.3 million individuals impacted, largely by a single Cal AI breach exposing 3 million records. Malware/ransomware and software vulnerability exploits were the leading causes, hitting sectors from healthcare and finance to consulting and food & beverage.
**If you use AI platforms and chatbots, remember that they are just web applications and have a bunch of other possible flaws. Make sure databases, API endpoints, and system prompts are locked down with proper authentication, access controls, and integrity monitoring, not left exposed as an afterthought. Regularly audit your AI infrastructure for basic web application flaws like exposed APIs, SQL injection, and missing authentication, because even the most advanced AI tools can be undone by classic, well-known security mistakes.**
#cybersecurity #infosec #knowledge #weeklyreport
https://beyondmachines.net/event_details/state-of-in-security-week-11-2026-m-2-h-j-4/gD2P6Ple2L
Veeam Patches Critical RCE Vulnerabilities in Backup & Replication Software
Veeam patched critical RCE vulnerabilities (CVSS 9.9) in its Backup & Replication software that allow authenticated users to take full control of backup servers.
**If you are using Veeam Software, make sure it's isolated both from the internet and from your main domain so a single stolen password doesn't lead to total data loss. Then plan a quick patch cycle, since any isolation will be breached given enough time.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/veeam-patches-critical-rce-vulnerabilities-in-backup-replication-software-o-1-9-7-u/gD2P6Ple2L
Lloyds Banking Group Technical Glitch Exposes Private Customer Transactions
Lloyds Banking Group suffered a two-hour technical glitch that allowed customers to view strangers' private banking transactions, balances, and National Insurance numbers through its mobile apps. The incident affected Lloyds, Halifax, and Bank of Scotland users.
****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/lloyds-banking-group-technical-glitch-exposes-private-customer-transactions-w-u-8-8-g/gD2P6Ple2L
DragonForce Ransomware Group Leaks 79GB of Data from Australian Poultry Giant Hazeldenes
Australian poultry producer Hazeldenes suffered a ransomware attack by the DragonForce group, resulting in the theft and publication of 79GB of corporate and personal data. The incident disrupted regional food supplies.
****
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/dragonforce-ransomware-group-leaks-79gb-of-data-from-australian-poultry-giant-hazeldenes-x-e-8-s-w/gD2P6Ple2L
