DarkSword iOS Exploit Kit: Six Vulnerabilities, Three Zero-Days, and Full Device Takeover
20 Mar 2026 Peter Bassill
Researchers at Google, iVerify, and Lookout have exposed DarkSword, a full-chain iOS exploit kit targeting iPhones running iOS 18.4–18.7. Leveraging six vulnerabilities including three zero-days, the kit has been used by multiple threat actors — including a suspected Russian espionage group — to silently exfiltrate credentials, crypto wallets, messages, and more within seconds of a single page visit.
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Unauthenticated Root Access
20 Mar 2026 Peter Bassill
Interlock ransomware exploited Cisco Secure Firewall Management Center zero-day CVE-2026-20131 (CVSS 10.0) as early as January 2026 — over a month before public disclosure. We examine the full attack chain, the tooling exposed by the threat actor's own opsec failure, and the mitigations every defender should apply immediately.
CVE-2026-32746 Enables Unauthenticated Root RCE
18 Mar 2026 Peter Bassill
A critical, as-yet-unpatched buffer overflow in GNU InetUtils telnetd allows any unauthenticated attacker to achieve remote code execution as root via a single connection to TCP port 23 — no credentials, no user interaction required. A fix is expected by 1 April 2026. Organisations should disable Telnet immediately if it is not strictly necessary.