**Patch Tuesday, Router Vulnerabilities, and Phrack Calls for Papers: This Week in Security**

The intersection of security and vulnerability patches has brought a host of critical issues to light this week. As the calendar aligns Patch Tuesday with Friday the 13th, it's a reminder that cybersecurity threats are always lurking, waiting to exploit vulnerabilities in our systems. In this article, we'll delve into the latest updates, router vulnerabilities, and a call for papers from the renowned Phrack publication.

**Patching the Unpatchable: March's Critical Updates**

Microsoft's Patch Tuesday has arrived, bringing with it a batch of critical updates for various products, including SQL Server and Microsoft-hosted device pricing and payment orchestrator services. These patches address a range of vulnerabilities, some of which have already been exploited in the wild. As always, it's essential to prioritize these updates to prevent potential data breaches and ensure the security of your systems.

**Router Vulnerabilities: Time to Replace Old Gear**

The FBI has issued a warning regarding decommissioned end-of-life routers from major manufacturers, including Linksys and Cisco. These routers, once vulnerable to exploits, have now become a ticking time bomb for unsuspecting users. With the possibility of widespread compromise, it's crucial to upgrade to newer, more secure devices or explore alternative firmware options like OpenWRT. Remember, a vulnerable device exposed to the internet is a ticking time bomb, and it's only a matter of time before it's compromised.

**Government-Backed Exploit Toolkit Evolves into Cryptocurrency Stealer**

In a concerning development, a government-backed exploit toolkit has been converted into a generic crimeware exploit targeting iPhones. The "Coruna" exploit kit, documented by Google Threat Intelligence, combines 23 exploits into five chained attacks to execute code from a web page. This evolution highlights the difficulties in creating modern exploits and the ever-shifting landscape of cyber threats. The final payload focuses on cryptocurrency theft, searching for wallet addresses and recovery keys to pilfer digital assets.

**KEV Database: A Resource for Businesses and Governments**

The US Government Cyber Defense Agency (CISA) has added new warnings to the Known Exploited Vulnerabilities (KEV) database. This database aims to distill the overwhelming number of security issues into actionable vulnerabilities that have been observed in the wild. CISA advises not only federal and government agencies but also offers guidance for businesses of all sizes. Many of these vulnerabilities have already been patched, but the window of opportunity for exploitation is closing, making it even more critical to address these issues promptly.

**Phrack Calls for Papers: Contribute to the Summer Issue**

The venerable Phrack publication, a stalwart of telecom and computer security hackery since 1985, has an open call for papers to contribute to its summer issue. Phrack has been a font of critical explanations and explorations of security threats, including the influential "Smashing the Stack for Fun and Profit." If you think you've got something to share or want to explore their retro demo scene loading page and back issues, head over to the Phrack website.

In conclusion, this week's security updates have highlighted the importance of prioritizing patches, upgrading old gear, and staying vigilant in the face of evolving cyber threats. Whether you're a seasoned security professional or an enthusiast, it's essential to stay informed and take proactive measures to protect yourself and your systems.