Security Leftovers

posted by Roy Schestowitz on Mar 19, 2026

• LWN ☛ Security updates for Wednesday

  Security updates have been issued by AlmaLinux (.NET 10.0, .NET 9.0, compat-openssl11, container-tools:rhel8, grub2, and libvpx), Debian (ansible, gst-plugins-base1.0, and nodejs), Fedora (chromium, forgejo, and systemd), Oracle (container-tools:rhel8, grub2, kernel, libpng, libvpx, nginx, opencryptoki, python3.12, and vim), Red Hat (firefox, python-wheel, python3.12-wheel, and thunderbird), SUSE (389-ds, chromium, clamav, container-suseconnect, curl, freerdp, gvfs, kea, kubernetes, ruby4.0-rubygem-minitar, ruby4.0-rubygem-multi_xml, ruby4.0-rubygem-nokogiri, ruby4.0-rubygem-puma, ruby4.0-rubygem-rack, ruby4.0-rubygem-rack-session, ruby4.0-rubygem-rails, ruby4.0-rubygem-rails-html-sanitizer, ruby4.0-rubygem-railties, ruby4.0-rubygem-rubyzip, vim, and xen), and Ubuntu (flask, libssh, linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15,

  linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15, linux-gcp-6.17, linux-realtime, linux-realtime, linux-realtime, linux-realtime-6.8, snapd, and vim).

• SANS ☛ Scans for "adminer", (Wed, Mar 18th)

  A very popular target of attackers scanning our honeypots is "phpmyadmin". phpMyAdmin is a script first released in the late 90s [...]

• SANS ☛ Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)

• Silicon Angle ☛ Researchers discover zero-day DarkSword exploit chain in iOS 18

  Researchers from Surveillance Giant Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s GTIG threat intelligence team, Lookout Inc. and iVerify Inc. published their findings today. They named the vulnerability collection DarkSword. It affects multiple versions of iOS 18 that run on hundreds of millions of iPhones.

• Security Week ☛ Apple Debuts Background Security Improvements With Fresh WebKit Patches

  The lightweight updates are meant to deliver security protections between security updates.

• Security Week ☛ ‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

  Targeting six iOS vulnerabilities and leading to full device compromise, the exploit chain is meant for surveillance.

• Scoop News Group ☛ Second iOS exploit kit now in use by suspected Russian hackers

  The kit, named DarkSword, has a variety of possible implications, the research from iVerify, Lookout and Surveillance Giant Google suggests.

• Devices/Embedded

  • Cyble Inc ☛ Water Infrastructure Cybersecurity Gets Boost In New York

    In response to these growing risks, Kathy Hochul, Governor of New York, announced this week a set of new cybersecurity regulations and a $2.5 million grant program aimed at helping communities protect drinking water and wastewater systems from cyber attacks. The initiative represents what state officials describe as a whole-of-government approach to water infrastructure cybersecurity, combining regulatory standards, financial support, and technical assistance to strengthen the security of essential services used by millions of New Yorkers.