Cyber Daily 3/20: SharePoint, Cisco, Zimbra, iOS - CISA's Urgent Alerts Connect Global Cyber Threats
Welcome to the ONSEC Cyber Daily for March 20th, where today's cyber landscape unfolds like a high-stakes thriller. A critical flaw in Microsoft SharePoint has been thrust into the spotlight, now actively exploited by cybercriminals, while CISA sounds the alarm on a zero-day vulnerability in Cisco's Secure Firewall Management Center. As if that weren't enough, Zimbra webmail software and Apple's iOS face their own vulnerabilities, urging immediate updates to fend off sophisticated threats. Meanwhile, the DOD warns of AI-boosted cyberattack 'kill chains,' underscoring the relentless pace of cyber adversaries. Stay vigilant as we unravel these interconnected threats and arm you with the knowledge to protect your digital realm.
Exploits Alert
- Critical Microsoft SharePoint Flaw Now Exploited in Attacks: A critical vulnerability in Microsoft SharePoint, initially patched in January, is now being actively exploited by attackers. This flaw allows unauthorized access and control over SharePoint servers, posing significant risks to organizations relying on this platform for collaboration. Immediate patching is advised to mitigate potential breaches. Source: Bleeping Computer
- CISA Warns of Cisco Firewall 0-Day Exploited in Ransomware Attacks: The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a zero-day vulnerability in Cisco Secure Firewall Management Center (FMC). This flaw is being exploited in ransomware attacks, threatening the security of networks using this firewall solution. Organizations are urged to apply available patches immediately. Source: Cyber Press
- Malaysian Communications and Multimedia Commission Urges Immediate iOS Update: The Malaysian Communications and Multimedia Commission has highlighted critical vulnerabilities in iOS, urging users to update their devices. These vulnerabilities could allow unauthorized access to sensitive data stored on mobile devices, emphasizing the importance of timely software updates for security. Source: TechNave
- Security Alert CVE-2026-21992 Released by Oracle: Oracle has released a security alert for CVE-2026-21992, a vulnerability that poses a significant threat to systems running Oracle software. This alert underscores the need for organizations to prioritize patch management to protect against potential exploitation. Source: Oracle Blogs
- Hackers Target Millions of iPhones with New DarkSword Spyware: A new spyware named DarkSword is targeting millions of iPhones, exploiting vulnerabilities to gain unauthorized access and control. The lack of cleanup by attackers post-infiltration leaves devices vulnerable to further exploitation. Users are advised to update their devices and remain vigilant against suspicious activities. Source: Mashable
Vulnerabilities & Patches
- Updated CISA Exploited Flaws List Adds SharePoint, Zimbra Bugs: The Cybersecurity and Infrastructure Security Agency (CISA) has updated its list of exploited vulnerabilities, highlighting critical flaws in Microsoft SharePoint and Zimbra. Federal agencies are mandated to address CVE-2026-20963 and CVE-2026-20964 to prevent potential exploitation. These vulnerabilities could allow unauthorized access and remote code execution, posing significant security risks. Source: SC Media
- Interlock Ransomware Targets Cisco FMC Zero-Day: The Interlock ransomware group has been exploiting a zero-day vulnerability in Cisco's Firepower Management Center (FMC), identified as CVE-2026-20131. This flaw, whose exploitation precedes its official disclosure, allows attackers to execute arbitrary code, leading to potential system compromise. Organizations using affected Cisco products are urged to apply patches as soon as they become available. Source: SC Media
- ConnectWise Warns of Critical ScreenConnect Vulnerability: A critical vulnerability in ConnectWise's ScreenConnect, tracked as CVE-2026-3564, could allow attackers to compromise server security by exposing machine keys. The flaw affects versions prior to 26.1, and users are advised to update to the latest version to mitigate potential risks. This vulnerability underscores the importance of timely patch management in safeguarding sensitive data. Source: SC Media
- Telnetd Unauthenticated Remote Code Execution Vulnerability: A critical vulnerability, CVE-2026-32746, has been discovered in outdated InetUtils implementations bundled with embedded devices. This flaw allows unauthenticated remote code execution, posing a long-term exposure risk due to slow patch cycles. Organizations using affected devices should prioritize patching to prevent potential exploitation. Source: Security Boulevard
- Apple iPhone Spyware Warning: Apple has disclosed a zero-day vulnerability, CVE-2026-20700, affecting millions of iPhones. This sophisticated flaw, which remained undetected, allows attackers to execute arbitrary code, compromising device security. Users are strongly advised to update their iOS devices immediately to protect against potential exploitation. Source: IBTimes
Podcasts
- Security Breach: Finding the Soul of a Pirate: This podcast delves into the intriguing world of cybersecurity, exploring how making training engaging can significantly enhance learning outcomes. It also examines the unique impacts of artificial intelligence on cybersecurity, offering listeners a fresh perspective on how AI is reshaping the landscape. Source.
- Anton’s Security Blog Quarterly Q1 2026: In this episode, Tom Hollingsworth discusses the future of cybersecurity leadership with insights from industry experts like Jen Easterly. The podcast covers key takeaways from the RSA Conference and explores emerging trends that are set to redefine the cybersecurity landscape. Source.
- Operation Winter SHIELD: FBI Philadelphia on Safeguarding the Communications Sector: This episode focuses on the critical role of cybersecurity in protecting essential communication systems. It features insights from Amy Herzog on the Ahead of the Threat Podcast, highlighting strategies to safeguard community-dependent systems against evolving threats. Source.
- 3 Cybersecurity Stocks to Invest In as AI Reshapes Industries: In this bonus episode of The Morning Filter podcast, co-host Dave Sekera and senior analyst Malik Ahmed Khan discuss investment opportunities in cybersecurity stocks. They explore how AI is transforming industries and the potential for growth in cybersecurity investments. Source.
Final Words
As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is more dynamic and challenging than ever. From the critical SharePoint flaw to CISA's urgent Intune warning, and the vulnerabilities lurking in Zimbra webmail software, the threats are real and evolving. Cybersecurity firm Seqrite's research underscores the importance of staying vigilant and proactive in our defense strategies. CISA's alert about the Cisco Firewall 0-Day vulnerability reminds us that cybercriminals are always on the lookout for weaknesses to exploit. Meanwhile, the Malaysian Communications and Multimedia Commission's call for an immediate iOS update highlights the growing concerns around mobile device security. As we navigate these turbulent waters, sharing knowledge is our strongest ally. If you found today's insights valuable, please share this newsletter with your friends and colleagues. Let's work together to build a more secure digital world, one informed decision at a time. Stay safe, stay informed, and see you in the next issue of ONSEC Cyber Daily!
