CVE-2025-32975: Arctic Wolf Observes Exploitation of Quest KACE Systems Management Appliance

Starting the week of March 9, 2026, Arctic Wolf observed malicious activity in customer environments potentially linked to the exploitation of CVE-2025-32975 on unpatched Quest KACE Systems Management Appliance (SMA) instances that were publicly exposed to the internet. This vulnerability was patched in May 2025. Quest KACE SMA is an on-premises appliance for centralized endpoint management, providing inventory, software deployment, patching, and endpoint monitoring capabilities.

The Unsung AI Hero: Data Normalization

AI agents are only as effective as the data they consume. In this post, we explore the unsung hero of the security stack: data normalization. This process serves as the deterministic guardrail that makes AI grounding possible. Without a structured data foundation, grounding is only as good as the often chaotic data being retrieved, leading to confident but incorrect AI responses.

Securing the Agent Skills Registry: How Snyk and Tessl Are Setting the Standard

Agent skills are becoming the building blocks of AI-native software development, giving coding agents structured, versioned context, like how to use your APIs, how to build in your codebase, and how to enforce your team's policies. Developers install them from registries the same way they install npm packages or Python libraries. But unlike npm or PyPI, the agent skills ecosystem is new.

I Read Cursor's Security Agent Prompts, So You Don't Have To

Cursor's security team built four autonomous agents that review 3,000+ PRs per week, catch 200+ vulnerabilities, and open fix PRs automatically. The engineering is impressive, and the prompts are shockingly simple. But there's a meaningful gap between "LLM agents reviewing PRs" and "enterprise security program," and that gap is exactly where things get interesting.

Why Evolving Cyber Threats Rely on Old Vulnerabilities

Credential abuse, exploitation of vulnerabilities, or phishing were the initial access vectors in 61% of breaches in 2025, according to Verizon’s 2025 Data Breach Investigation Report. While new threats present fresh challenges to security teams, reports like this highlight that cybercriminals still favor well-established attack methods and exploit familiar weaknesses.

Lovable vs. Bolt - Vibe Code Challenge

Which AI tool is better for building a real app without writing code, Bolt or Lovable? In this video, I put both AI app builders head-to-head using the exact same prompt to create a DIY home repair forum. From database setup to authentication, UI design, publishing, and security checks, we compare how each platform performs in real time. The goal isn’t just to generate something that looks like an app; it’s to see whether these tools can actually create something usable, functional, and potentially production-ready. We evaluate.

Stryker Systems Disrupted in Cyber Attack; Handala Group Claims Responsibility

On March 11, 2026, U.S. medical technology company Stryker Corporation disclosed a cyber attack that disrupted its global internal networks and Microsoft systems, leaving thousands of employees unable to access corporate systems and rendering devices inoperable. In its SEC filing, Stryker stated it has no indication of ransomware or malware, considers the incident contained, and is assessing the full impact, with no timeline provided for full restoration.

Multiple Authenticated High and Critical Vulnerabilities in Veeam Backup & Replication

On March 12, 2026, Veeam released fixes for multiple high and critical severity vulnerabilities in its Backup & Replication product that could allow remote code execution (RCE), privilege escalation, and credential theft. Arctic Wolf has not identified publicly available proof-of-concept exploits for these vulnerabilities, nor have we observed any exploitation.

Emerging Threat: Microsoft SQL Server Elevation of Privilege Vulnerability (CVE-2026-21262)

CVE-2026-21262 is an elevation of privilege vulnerability affecting Microsoft SQL Server. The issue is caused by improper access control within SQL Server components, allowing an authenticated attacker to elevate privileges over a network.