The Hacker News

⚡ Apple backports CVE-2023-43010 fix after the WebKit flaw was used in the Coruna #iPhone exploit kit. It allows memory corruption via malicious web content. Fix now covers iOS 15.8.7 & 16.7.15 devices, including iPhone 6s, 7, 8 & X. 🔗 Read → https://thehackernews.com/2026/03/apple-issues-security-updates-for-older.html

⚠️ CISA confirms active exploitation of CVE-2025-68613 in the #n8n automation platform. The expression-injection flaw allows authenticated attackers to run code with n8n process privileges—exposing data, altering workflows, or taking full control of the instance. 🔗 Read → https://thehackernews.com/2026/03/cisa-flags-actively-exploited-n8n-rce.html

A new Wi-Fi attack called AirSnitch shows client isolation may not protect users on shared networks. Researchers found every tested router vulnerable to at least one technique that lets attackers intercept traffic from nearby devices connected to the same Wi-Fi. 🔗 Read → https://thehackernews.com/2026/03/weekly-recap-qualcomm-0-day-ios-exploit.html#:~:text=New%20AirSnitch%20Attack%20Shows%20Wi%2DFi%20Client%20Isolation%20May%20Not%20Be%20Enough

🤖🎣 Researchers show AI web agents can be trained to fall for phishing. Exploiting Agentic Blabbering, attackers observe the browser’s reasoning and refine scam pages until the AI stops flagging them. 🔗 Read → https://thehackernews.com/2026/03/researchers-trick-perplexitys-comet-ai.html

🛑 Two critical flaws in #n8n enable remote code execution. One bug lets attackers inject shell commands via public form inputs. Another escapes the expression sandbox. Chained together, attackers could decrypt stored credentials including API keys, tokens, and passwords. 🔗 Details → https://thehackernews.com/2026/03/critical-n8n-flaws-allow-remote-code.html

Meta disabled 150,000+ scam accounts tied to fraud compounds across Southeast Asia. The coordinated action with authorities in 11 countries led to 21 arrests by Thai police. Meta also added scam warnings on Facebook and AI chat-review tools on Messenger and WhatsApp. 🔗 Read → https://thehackernews.com/2026/03/meta-disables-150k-accounts-linked-to.html

Transform risk into opportunity! Big news from AuditBoard - they're now Optro. A name change that signals something real — a connected view across audit, risk, and compliance that helps organizations get ahead of risk, not just respond to it. Learn why over 50% of the Fortune 500 trust Optro to transform risk into opportunity. We are looking forward to watching the next chapter → https://thn.news/compliance-ai

⚠️ Security patches rolled out across 50+ vendors this cycle. SAP fixed critical Log4j and NetWeaver flaws. Microsoft patched 84 bugs. Adobe resolved 80. HPE closed a CVSS 9.8 Aruba authentication bypass. Cisco, GitLab, Linux distros, and many others also issued fixes. 🔗 Read → https://thehackernews.com/2026/03/dozens-of-vendors-patch-security-flaws.html

⚠️ Most companies still carry thousands of open CVEs. AI now automates recon, vuln discovery, and exploit development. What once looked like technical debt is quickly becoming an attack surface. Backlogs aren’t passive risk anymore. They’re weapons. 🔗 Why AI is changing vulnerability risk → https://thehackernews.com/2026/03/what-boards-must-demand-in-age-of-ai.html

⚡ Microsoft patched 84 vulnerabilities in March Patch Tuesday, including 8 critical flaws and two publicly known zero-days in .NET and SQL Server. Researchers say 55% are privilege-escalation bugs. Fixes also address Azure MCP token-theft risk and an Excel flaw that could enable data exfiltration. 🔗 Key CVEs and risks explained → https://thehackernews.com/2026/03/microsoft-patches-84-flaws-in-march.html

🛑 Attackers turned the nx npm supply-chain compromise into full AWS admin access in under 72 hours. Google says UNC6426 stole a developer’s GitHub token via QUIETVAULT, abused GitHub-to-AWS OIDC trust, created a new admin role, then accessed S3 data and destroyed production systems. 🔗 Read → https://thehackernews.com/2026/03/unc6426-exploits-nx-npm-supply-chain.html

⚠️ Five Rust crates on crates-io posed as time tools but secretly stole dev secrets. They targeted .env files, siphoning API keys and tokens from developer machines and CI pipelines. Removed now, but stolen credentials may still be active. 🔗 Read → https://thehackernews.com/2026/03/five-malicious-rust-crates-and-ai-bot.html