CISA Adds Apple iOS Zero-Days to KEV: Patch Your iPhone Today

March 11, 2026March 11, 2026 ~ larshilse ~ Leave a comment

I just got done writing about VMware Aria Operations being added to CISA's Known Exploited Vulnerabilities catalog — management console, admin bypass, actively exploited, patch immediately — and before I'd even updated the slug I get the alert: CISA has added Apple iOS vulnerabilities to the KEV list. Again. Because we do this every few … Continue reading CISA Adds Apple iOS Zero-Days to KEV: Patch Your iPhone Today

Android Zero-Day CVE-2026-21385: Patch Your Phones Right Now

March 5, 2026March 5, 2026 ~ larshilse ~ Leave a comment

It's March. It's 2026. And apparently we still need to have the conversation about patching your phones. I know. I know. I've said it before. I'll say it again, because apparently some people need to hear it repeatedly, ideally at increasing volume. Google just dropped the March 2026 Android security patch, and buried in there … Continue reading Android Zero-Day CVE-2026-21385: Patch Your Phones Right Now