PP104: How SocGholish Picks Locks to Let In Ransomware
In the cybercrime industry, initial access brokers specialize in break-ins. They pick digital locks and slide open electronic windows, and then sell that access to other threat act…
Aggregated from vendor advisories, security research, and industry publications.
Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security e…
Take a Network Break! We start with a critical vulnerability in Cisco’s Integrated Management Controller. In the news, Verizon settles patent litigation over IoT antenna technology…
An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Rus…
Article URL: https://friendi.ca/ Comments URL: https://news.ycombinator.com/item?id=47648048 Points: 166 # Comments: 58
CVSSv3 Score: 9.1. An Improper Access Control vulnerability [CWE-284] in FortiClient EMS may allow an unauthenticated attacker to execute unauthorized code or commands via cra…
Article URL: https://mtlynch.io/claude-code-found-linux-vulnerability/ Comments URL: https://news.ycombinator.com/item?id=47633855 Points: 433 # Comments: 268
https://old.reddit.com/r/sysadmin/comments/1sbdw29/if_youre_... https://web.archive.org/web/20260403174514/https://old.reddi... Comments URL: https://news.ycombinator.com/item?id=4…
Ethan Banks sits down with Ryan Hamel at the 96th North American Network Operators’ Group (NANOG96). Ryan, a network automation developer for the Zayo Group, talks about why boring…
Today our hosts discuss the essential role of Stateless Address Autoconfiguration (SLAAC) in successfully deploying an IPv6-mostly network. SLAAC is required to assign a unique IPv…
Article URL: https://yggdrasil-network.github.io/ Comments URL: https://news.ycombinator.com/item?id=47618100 Points: 122 # Comments: 60
Lenny Giuliano, Sr. Distinguished Systems Engineer at HPE Juniper Networks, joins Holly and Ethan for another round of multicast. Part two helps fill in details not covered in epis…
Article URL: https://www.atomic.computer/blog/white-house-app-network-traffic-analysis/ Comments URL: https://news.ycombinator.com/item?id=47595865 Points: 234 # Comments: 72
Article URL: https://sockpuppet.org/blog/2026/03/30/vulnerability-research-is-cooked/ Comments URL: https://news.ycombinator.com/item?id=47578086 Points: 267 # Comments: 170
I'm excited to introduce Zerobox, a cross-platform, single binary process sandboxing CLI written in Rust. It uses the sandboxing crates from the OpenAI Codex repo and adds addition…
Article URL: https://www.theguardian.com/society/2026/mar/29/full-network-clitoral-nerves-mapped-out-first-time-women-pelvic-surgery Comments URL: https://news.ycombinator.com/item…
Article URL: https://github.com/DavidHavoc/ayaFlow Comments URL: https://news.ycombinator.com/item?id=47563978 Points: 103 # Comments: 11
Article URL: https://www.allsky7.net/#archive Comments URL: https://news.ycombinator.com/item?id=47539767 Points: 122 # Comments: 13
Article URL: https://www.theregister.com/2026/03/24/fcc_foreign_routers/ Comments URL: https://news.ycombinator.com/item?id=47506279 Points: 162 # Comments: 53
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wi…
Article URL: https://ratfactor.com/openbsd/pf-gateway-bedtime Comments URL: https://news.ycombinator.com/item?id=47489620 Points: 136 # Comments: 35
Article URL: https://americanexpress.io/migrating-the-payments-network-twice/ Comments URL: https://news.ycombinator.com/item?id=47483830 Points: 101 # Comments: 36
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three…
Article URL: https://blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-root Comments URL: https://n…
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Mich…
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this mo…
CVSSv3 Score: 7.3. An Improper Control of Interaction Frequency vulnerability [CWE-799] in FortiWeb may allow a remote unauthenticated attacker to bypass the authentication ra…
CVSSv3 Score: 6.0. An Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability [CWE-88] in FortiDeceptor WEBUI may allow a privileged a…
CVSSv3 Score: 7.0. A Stack-based Buffer Overflow vulnerability [CWE-121] in FortiManager fgtupdates service may allow a remote unauthenticated attacker to execute unauthorized…
CVSSv3 Score: 6.5. A use of externally-controlled format string vulnerability [CWE-134] in FortiAnalyzer, FortiAnalyzer Cloud, FortiManager and FortiManager Cloud fazsvcd daem…