Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

/in

Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highlighting the widening blast radius across developer environments.
The last known clean release of Trivy on Docker Hub is 0.69.3. The malicious versions 0.69.4, 0.69.5, and 0.69.6 have since been removed from the container image library.
“New image tags 0.69.5 and

The Hacker News – ​Read More

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability

/in

CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild. 

The post Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability appeared first on SecurityWeek.

SecurityWeek – ​Read More

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

/in

Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf.
The cybersecurity company said it observed malicious activity starting the week of March 9, 2026, in customer environments that’s consistent with the exploitation of CVE-2025-32975 on unpatched SMA systems exposed to the internet. It’s

The Hacker News – ​Read More

How to share your location on Android: 5 quick and easy ways – including by text

/in

Share your current or live location from your Android phone in seconds, using the apps you already have installed.

Latest news – ​Read More

A $30 router with a built-in VPN? I had to try it – and haven’t had any regrets

/in

The GL.iNet Mango mini smart router gives me total control of how I access the internet when I travel.

Latest news – ​Read More

Samsung confirms latest Galaxy phones will support AirDrop compatibility – and I’m thrilled

/in

A global rollout will allow the latest Samsung phones to Quick Share with various Apple devices.

Latest news – ​Read More

How to AirDrop on an Android phone (and the few models that can actually do it)

/in

Google has found a way for Quick Share to play nicely with AirDrop, paving the way for the new sharing method.

Latest news – ​Read More

How to build better AI agents for your business – without creating trust issues

/in

Agents are coming. Here are four ways to prepare for the AI-powered workplace revolution.

Latest news – ​Read More

Critical Quest KACE Vulnerability Potentially Exploited in Attacks

/in

The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector.

The post Critical Quest KACE Vulnerability Potentially Exploited in Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

Delve accused of misleading customers with ‘fake compliance’

/in

An anonymous Substack post accuses compliance startup Delve of “falsely” convincing “hundreds of customers they were compliant” with privacy and security regulations.

Security News | TechCrunch – ​Read More