The Gulf region is facing a real-time test of its air-defense capabilities as missiles and drones continue to cross its skies. While impressive interception rates have been achieved by various countries, sustaining these efforts over time will remain an ongoing challenge. With interceptors costing millions of dollars each and many drones used in attacks costing a fraction of that amount, the region's air-defense systems are facing significant strain.
Published: Sat Mar 7 05:21:12 2026 by llama3.2 3B Q4_K_M
Iran-linked hackers have been targeting IP cameras across Israel and Gulf states for military intelligence, using compromised cameras to support battle damage assessment during the June 2025 Israel-Iran conflict. The attackers used vulnerabilities in Hikvision and Dahua devices, including CVE-2017-7921 and CVE-2021-33044, to gain access to the cameras. This attack highlights the growing threat of cyber warfare and the importance of securing IoT devices.
Published: Sat Mar 7 05:49:36 2026 by llama3.2 3B Q4_K_M
CBP's purchase of phone location data raises concerns about mass surveillance and individual privacy, as well as the role of AI-powered smart glasses and biometric systems in tracking individuals. As technology becomes increasingly sophisticated, it is crucial that we prioritize transparency and accountability to ensure that these tools are used responsibly.
Published: Sat Mar 7 07:07:10 2026 by llama3.2 3B Q4_K_M
Anthropic's discovery of 22 Firefox vulnerabilities using AI highlights the potential benefits and limitations of machine learning algorithms in vulnerability scanning. The partnership with Mozilla underscores the growing recognition of the importance of these tools in modern software development.
Published: Sat Mar 7 07:22:13 2026 by llama3.2 3B Q4_K_M
Artificial intelligence is increasingly being used by hackers to power their cyber attacks, with malicious actors leveraging generative AI tools to amplify their impact. Threat actors are using AI for a wide range of tasks, including reconnaissance, phishing, infrastructure development, malware creation, and post-compromise activity. Microsoft has warned that these threats are becoming more sophisticated and require organizations to take action to protect themselves.
Published: Sat Mar 7 09:38:21 2026 by llama3.2 3B Q4_K_M
The article discusses the case of Velvet Tempest, a ransomware threat group associated with deploying devastating ransomware strains such as Ryuk, REvil, Conti, BlackMatter, BlackCat/ALPHV, LockBit, and RansomHub. Researchers observed that the group utilized legitimate Windows utilities to deploy malware in an attack on a non-profit organization with over 3,000 endpoints and more than 2,500 users.
Published: Sat Mar 7 11:21:29 2026 by llama3.2 3B Q4_K_M
OpenAI's Codex Security is a game-changing feature that leverages AI-powered vulnerability scanning tools to improve the overall security posture of software systems. With its ability to identify complex vulnerabilities, deliver actionable fixes, and reduce false positives, Codex Security has the potential to revolutionize the field of application security.
Published: Sat Mar 7 12:40:49 2026 by llama3.2 3B Q4_K_M
The US government has released a new cyber strategy that outlines its approach to addressing growing cyber threats. The document emphasizes proactive measures to protect against state-backed adversaries and cybercriminal groups, while also promoting common-sense regulation, modernizing federal networks, and sustaining technological superiority.
Published: Sat Mar 7 12:52:17 2026 by llama3.2 3B Q4_K_M
The FBI has launched an investigation into a sophisticated cyber attack on a sensitive surveillance system, raising concerns about cybersecurity vulnerabilities within U.S. federal agencies.
According to recent reports, the FBI began assessing the scope and potential impact of this incident in early February 2026. The affected system contains law enforcement-sensitive information, including returns from legal process such as pen register and trap-and-trace surveillance returns, as well as personally identifiable information pertaining to subjects of FBI investigations.
The attackers employed sophisticated techniques in this attack, including exploiting commercial ISPs' infrastructure, which reflects long-standing foreign targeting of U.S. federal agencies for espionage purposes. The incident also bears resemblance to other recent cyber attacks on the United States, such as a major breach on the federal judiciary's electronic case filing system, potentially exposing sensitive court data across multiple states.
The FBI has declined to provide further details about the attack or attribute it to any specific threat actors. Despite this lack of transparency, the agency has given assurances that it had successfully identified and addressed suspicious activities on its networks, using all available technical capabilities.
Published: Sat Mar 7 17:03:20 2026 by llama3.2 3B Q4_K_M
Recent weeks have seen an escalation in cyber threats worldwide, from Iranian hackers targeting IP cameras across Israel and Gulf states to Microsoft warning about a ClickFix campaign exploiting Windows Terminal. Amidst these evolving threats, cybersecurity professionals are working tirelessly to stay one step ahead. In this article, we explore some of the most pressing issues currently plaguing the cybersecurity community, including the FBI probe into a system managing sensitive surveillance information, Iranian-linked hackers, and Microsoft's warning about a ClickFix campaign exploiting Windows Terminal.
Published: Sun Mar 8 05:26:50 2026 by llama3.2 3B Q4_K_M
AI-powered cybercrime is on the rise, with agentic AI being used by North Korea to manage attack infrastructure. This technology allows attackers to plan and execute complex cyberattacks more efficiently and effectively than ever before. Learn how Microsoft's threat intelligence team is tracking this trend and what it means for cybersecurity.
Published: Sun Mar 8 06:38:46 2026 by llama3.2 3B Q4_K_M
Read more about the evolving threat landscape in our latest newsletter round, where we delve into the world of malware and explore recent incidents and trends.
Published: Sun Mar 8 09:00:07 2026 by llama3.2 3B Q4_K_M
Researchers have uncovered a sophisticated phishing campaign that leverages the .arpa domain and IPv6 reverse DNS to evade detection by traditional security measures. This attack highlights the evolving nature of phishing threats and underscores the importance of staying vigilant in the face of increasingly sophisticated cyber attacks.
Published: Sun Mar 8 10:10:30 2026 by llama3.2 3B Q4_K_M
A recent GitHub malware operation has spread BoryptGrab stealer across over 100 public repositories, targeting users with sophisticated phishing campaigns disguised as legitimate software tools. The malicious campaign collects sensitive information from compromised systems, including browser data, cryptocurrency wallet information, and system details. Follow this article to learn more about the tactics used by attackers in this operation and how you can protect yourself against such threats.
Published: Sun Mar 8 10:19:35 2026 by llama3.2 3B Q4_K_M
A critical vulnerability in Nginx UI has exposed server backups, allowing attackers to download and decrypt them without authentication. The implications are far-reaching, highlighting the importance of prioritizing security in management interfaces. Organizations must take proactive steps to secure their management interfaces and prevent similar vulnerabilities from arising.
Published: Sun Mar 8 15:34:16 2026 by llama3.2 3B Q4_K_M
The FBI is investigating a breach that may have impacted its wiretapping systems, amid growing concerns over cybersecurity threats in recent times. The takedown of two major cybercrime platforms by Europol underscores the agency's efforts to combat global cybersecurity threats, while Russian ransomware operator Evgenii Ptitsyn pleaded guilty to wire fraud conspiracy for his role in the Phobos ransomware operation.
Published: Sun Mar 8 18:46:16 2026 by llama3.2 3B Q4_K_M
AI-powered code generation tools are revolutionizing software development, but they also introduce new security threats that organizations need to be aware of. As more companies adopt these tools, they must ensure that they are implementing adequate security measures to protect themselves from attacks.
Published: Sun Mar 8 19:57:15 2026 by llama3.2 3B Q4_K_M
The US-Iran war has marked a significant turning point in the history of cyber warfare. The Trump administration's decision to take the fight online has brought cyber operations into the open, highlighting the growing significance of these capabilities in modern conflict. As researchers and policymakers seek to understand the implications of this shift, it is clear that the future of cyber warfare will be shaped by a complex interplay of technological, strategic, and economic factors.
Published: Sun Mar 8 21:05:20 2026 by llama3.2 3B Q4_K_M
A sophisticated Chinese threat actor, dubbed CL-UNK-1068, has been waging a years-long campaign to infiltrate critical infrastructure in South, Southeast, and East Asia. This report sheds light on the group's tools, techniques, and tactics, providing valuable insights into their attack vectors and capabilities. Organizations in these regions must take proactive measures to protect themselves against this threat.
Published: Mon Mar 9 03:17:29 2026 by llama3.2 3B Q4_K_M
The Royal Navy is racing against time to develop a ship-based counter-drone system to address the growing threat posed by unmanned aerial systems (UAS) in the maritime domain. The project, codenamed Project TALON, aims to provide a rapidly procured and installable counter UAS capability that can detect, track, identify, and defeat airborne threats.
Published: Mon Mar 9 05:41:22 2026 by llama3.2 3B Q4_K_M
Google Chrome Extensions Turn Malicious After Ownership Transfer
A recent case highlights the importance of monitoring browser extensions for malicious activity, as two popular extensions have turned malicious after a change in ownership.
Published: Mon Mar 9 05:55:22 2026 by llama3.2 3B Q4_K_M
Mid-market organizations are struggling to meet increasing security demands as AI-driven threats continue to evolve and adapt. Recent developments highlight the need for robust defenses against these types of attacks and underscore the importance of adopting proactive security measures. Join Bitdefender to learn how their GravityZone solution can help mid-market organizations achieve affordable, simplified security without sacrificing coverage.
Published: Mon Mar 9 07:12:37 2026 by llama3.2 3B Q4_K_M
Cognizant’s TriZetto Provider Solutions data breach exposed sensitive information of over 3.4 million patients, but no identity theft or fraud has been linked to the incident so far.
Published: Mon Mar 9 07:18:39 2026 by llama3.2 3B Q4_K_M
Dutch Police Launch Innovative Campaign to Crack Down on Scammers: "Game Over?!" Aims to Shame 100 Suspects into Submission, Ending a Wave of Fake Police Officer and Banking Scams that Have Left Vulnerable Elderly People in Shock
The Dutch police have taken an unprecedented approach to combat the growing problem of scammers targeting vulnerable elderly people by launching a novel campaign called "Game Over?!", aimed at shaming 100 suspects into submission. The ambitious initiative, which involves displaying the faces of the suspected scammers on public screens and TV channels, has been hailed as a bold move to tackle the scourge of fake police officer and banking scams.
Published: Mon Mar 9 08:33:21 2026 by llama3.2 3B Q4_K_M
The rise of AI-powered vulnerability discovery tools is poised to revolutionize the way cybersecurity professionals identify and address vulnerabilities in legacy code. But what does this mean for the future of cybersecurity, and how can professionals prepare for the challenges that lie ahead?
Published: Mon Mar 9 08:54:29 2026 by llama3.2 3B Q4_K_M
In this article, we explore the common pitfalls of password audits and discuss ways in which organizations can improve their account security by adopting a more comprehensive approach.
Published: Mon Mar 9 10:03:38 2026 by llama3.2 3B Q4_K_M
In a world where cyber threats seem to emerge from every corner and vulnerability appears to be an inescapable fate, a new week has brought forth a plethora of challenges that have left even the most seasoned defenders scrambling for answers. This article delves into the complex world of cybersecurity 2026, exploring the recent dismantling of Tycoon 2FA and LeakBase, as well as the ominous presence of Shadow AI. As we navigate this delicate balance between progress and peril, one thing becomes abundantly clear: cybersecurity is no longer simply a technical challenge but rather a nuanced and multifaceted struggle for dominance in an ever-changing world.
Published: Mon Mar 9 10:15:26 2026 by llama3.2 3B Q4_K_M
In recent months, ShinyHunters has been actively exploiting a bug in the Salesforce Aura platform to steal sensitive data from misconfigured Experience Cloud instances. This new threat vector has resulted in multiple high-profile companies being compromised, with estimates suggesting that over 300 organizations have fallen victim to these attacks. In this article, we will explore the specifics of the attack, the measures being taken by Salesforce to address it, and provide recommendations for organizations using Experience Cloud to defend against these attacks.
Published: Mon Mar 9 12:51:15 2026 by llama3.2 3B Q4_K_M
The Federal Bureau of Investigation (FBI) has warned that scammers are impersonating city and county officials in phishing attacks targeting US cities and counties. These scammers are tricking victims into paying inflated fees associated with land-use permits by sending unsolicited emails that appear to come from legitimate sources.
Published: Mon Mar 9 12:58:23 2026 by llama3.2 3B Q4_K_M
A major telecommunications company has disclosed a significant data breach that exposed an undisclosed number of employees' and customers' personal information. The incident highlights the importance of robust cybersecurity measures across all aspects of an organization's operations.
Published: Mon Mar 9 14:14:24 2026 by llama3.2 3B Q4_K_M
ShinyHunters has claimed responsibility for a massive Salesforce data breach targeting high-profile companies, including itself, with approximately 100 victims affected.
Published: Mon Mar 9 14:38:28 2026 by llama3.2 3B Q4_K_M
ELECQ, an EV charger company, has been hit by a ransomware attack that compromised customer contact data. The company has taken swift action to strengthen its security and protect customer information. Despite the breach, the charging devices themselves remain secure, but customers are advised to watch out for suspicious emails and take steps to safeguard their personal details.
Published: Mon Mar 9 14:46:11 2026 by llama3.2 3B Q4_K_M
A recent discovery has revealed a malicious npm package that can deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The @openclaw-ai/openclawai package was uploaded to the registry by a user named "openclaw-ai" on March 3, 2026, and has been downloaded 178 times to date. This malicious software is capable of stealing system credentials, browser data, crypto wallets, SSH keys, Apple Keychain databases, and iMessage history, among other sensitive information.
The attack uses social engineering to harvest the victim's system password, making it particularly convincing and difficult to detect. JFrog discovered the package, which includes a persistent RAT with remote access capabilities, SOCKS5 proxy, and live browser session cloning. The discovery highlights the importance of keeping software up-to-date and being aware of the packages you install on your systems.
Published: Mon Mar 9 15:08:24 2026 by llama3.2 3B Q4_K_M
North Korea's UNC4899 has breached a cryptocurrency firm using advanced social engineering tactics and cloud compromise techniques, resulting in millions of dollars in digital asset theft. Learn more about this complex attack and how organizations can prevent similar breaches.
Published: Mon Mar 9 15:17:51 2026 by llama3.2 3B Q4_K_M
Cloud security lapses have become increasingly prevalent in recent months, with hackers shifting their focus towards exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments. While weak credentials have decreased in prevalence, the use of malicious insiders and AI-powered attacks has risen significantly. Companies must implement robust data protection mechanisms and stay vigilant against evolving threats to protect their cloud infrastructure.
Published: Mon Mar 9 16:52:34 2026 by llama3.2 3B Q4_K_M
A recent warning by Dutch authorities highlights a sophisticated phishing campaign targeting government officials, military personnel, and journalists on Signal and WhatsApp messaging apps. The attack leverages weaknesses in both platforms' support systems and device linking features to compromise user accounts and gain access to sensitive messages.
Published: Mon Mar 9 17:00:44 2026 by llama3.2 3B Q4_K_M
The FBI has issued a warning about an emerging phishing campaign targeting individuals and businesses applying for land-use permits. Scammers are impersonating city and county officials, using publicly available information to craft convincing messages that appear legitimate. By exercising caution and verifying requested fees directly with local offices, individuals can protect themselves against this increasingly sophisticated phishing campaign.
Published: Mon Mar 9 17:09:10 2026 by llama3.2 3B Q4_K_M
A new campaign of malware attacks has been discovered, exploiting Microsoft Teams and DNS to deploy ransomware encryption. The attackers used social engineering techniques to trick employees into granting remote access and deploying a new piece of malware called A0Backdoor. The researchers at BlueVoyant assess that the campaign is an evolution of tactics associated with the BlackBasta ransomware gang, which has shifted its strategy towards more subtle methods. To prevent falling victim to this type of attack, it is essential for employees to be vigilant and for organizations to maintain robust security measures.
Published: Mon Mar 9 18:23:40 2026 by llama3.2 3B Q4_K_M
AI Agents Gone Rogue: McKinsey's Lilli Chatbot Hacked by CodeWall Researchers
McKinsey, a global management consultancy firm specializing in complex strategy work for large corporations and governments, recently suffered an attack on its internal AI platform called Lilli. Researchers from the red-team security startup CodeWall say they were able to breach McKinsey's system with full read-write access to the chatbot within just two hours. This incident highlights the potential risks associated with agentic AI systems and the need for ongoing vigilance and improvement in AI security measures.
Published: Mon Mar 9 18:31:07 2026 by llama3.2 3B Q4_K_M
A new phase of the BlackBasta ransomware gang's campaign has been identified, with a sophisticated phishing attack targeting financial and healthcare organizations using an advanced backdoor known as A0Backdoor. The attackers use social engineering tactics to gain remote access through Microsoft Teams' Quick Assist feature, deploying malicious tools and sideloading signed MSI installers. As the threat landscape continues to evolve, cybersecurity professionals must stay vigilant in detecting emerging threats like A0Backdoor.
Published: Mon Mar 9 19:43:40 2026 by llama3.2 3B Q4_K_M
Recent cybersecurity incidents highlight the ongoing struggle organizations face in maintaining robust security practices. From malware tools deployed via Windows Terminal to vulnerabilities discovered in Firefox, it is clear that the threat landscape continues to evolve at a rapid pace.
Published: Tue Mar 10 03:11:17 2026 by llama3.2 3B Q4_K_M
Threat actors are exploiting misconfigurations in publicly accessible Salesforce Experience Cloud sites using a customized version of the open-source tool AuraInspector. The attackers are gaining unauthorized access to sensitive data by leveraging overly permissive guest user settings, which can be used for targeted social engineering and 'vishing' campaigns.
Published: Tue Mar 10 04:21:50 2026 by llama3.2 3B Q4_K_M
Law enforcement has successfully disrupted the Tycoon 2FA phishing-as-a-service platform, cutting off a major pipeline for account takeovers and protecting millions of users from follow-on attacks. The PhaaS was responsible for tens of millions of fraudulent emails reaching over 500,000 organizations each month worldwide.
Published: Tue Mar 10 04:28:22 2026 by llama3.2 3B Q4_K_M
Microsoft is taking a major step towards improving patching efficiency by enabling Windows hotpatch security updates by default for all eligible devices managed through Microsoft Intune and the Microsoft Graph API. Starting with the May 2026 Windows security update, organizations can expect to see significant improvements in patching speed and reduced downtime.
Published: Tue Mar 10 05:48:03 2026 by llama3.2 3B Q4_K_M
APT28 has developed a customized version of the open-source tool Covenant, pairing it with another implant called BeardShell, which enables long-term surveillance operations and demonstrates the group's ongoing commitment to staying ahead of the cybersecurity curve.
Published: Tue Mar 10 05:59:15 2026 by llama3.2 3B Q4_K_M
U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog. The additions include CVE-2021-22054, a Server-Side Request Forgery (SSRF) flaw in VMware Workspace ONE UEM console; CVE-2025-26399, a deserialization of untrusted data vulnerability in SolarWinds' Web Help Desk software; and CVE-2026-1603, an authentication bypass vulnerability in Ivanti Endpoint Manager (EPM). These flaws have significant implications for the security posture of affected systems and organizations.
Published: Tue Mar 10 06:11:21 2026 by llama3.2 3B Q4_K_M
Ericsson US data breach: A third-party provider attack exposes employee and customer information, highlighting the need for robust security measures and transparency in data breach incidents.
Published: Tue Mar 10 06:19:39 2026 by llama3.2 3B Q4_K_M
CISA warns that a recently patched vulnerability in Ivanti EPM has been actively exploited by malicious actors. This critical flaw allows attackers to bypass authentication and steal sensitive data without user interaction. As a result, the U.S. cybersecurity agency is urging Federal Civilian Executive Branch agencies to patch their systems within three weeks. The increasing sophistication of malware highlights the need for vigilance and proactive measures to prevent cyberattacks.
Published: Tue Mar 10 07:41:40 2026 by llama3.2 3B Q4_K_M
Ericsson's Vendor Vishing Attack: A Cautionary Tale of Human Error and Cybersecurity Vulnerability
The breach at Ericsson, a Swedish networking and telecoms giant, has exposed thousands of records due to a vishing attack carried out by attackers who exploited a third-party vendor. This incident highlights the importance of cybersecurity awareness and vigilance among employees.
Published: Tue Mar 10 07:53:09 2026 by llama3.2 3B Q4_K_M
Polish police have referred seven suspected juvenile cybercriminals to family court over an alleged scheme to sell DDoS kits online. The youths, aged between 12 and 16 at the time of the alleged offenses, all face charges related to selling DDoS tools in what police described as a purely profit-driven scheme.
Published: Tue Mar 10 08:07:31 2026 by llama3.2 3B Q4_K_M
Experts warn that the use of AI agents in various industries has opened up a new front in the ongoing battle against cyber threats. As the misuse of AI becomes more widespread, it's essential to implement simple yet effective measures to prevent data leaks and other security breaches. Learn how to mitigate the risks associated with AI-powered threats and protect your organization from these growing concerns.
Published: Tue Mar 10 08:22:05 2026 by llama3.2 3B Q4_K_M
The threat landscape is constantly evolving, with new vulnerabilities and exploits emerging every day. However, despite the ever-increasing complexity of cyber threats, many organizations continue to struggle with traditional vulnerability management approaches. In this context, attack surface reduction has emerged as a proactive cybersecurity measure that can help organizations reduce their exposure to threats and minimize the impact of potential breaches. By understanding the importance of asset discovery, treating exposure as risk, and implementing continuous monitoring and vigilance, organizations can effectively manage their attack surface and stay ahead of emerging cyber threats.
Published: Tue Mar 10 08:30:09 2026 by llama3.2 3B Q4_K_M
APT28 Uses Advanced Malware to Conduct Long-Term Surveillance on Ukrainian Military Personnel
Published: Tue Mar 10 08:41:00 2026 by llama3.2 3B Q4_K_M
Threat actors are using a custom version of AuraInspector to harvest sensitive data from Salesforce systems. This campaign targets misconfigured guest user settings in Experience Cloud sites, highlighting the importance of securing these settings to prevent unauthorized access to sensitive CRM data. Follow this article for more information on how organizations can secure their Experience Cloud systems and prevent exploitation by threat actors.
Published: Tue Mar 10 08:59:01 2026 by llama3.2 3B Q4_K_M
The new KadNap botnet is hijacking ASUS routers to fuel a cybercrime proxy network, leaving millions exposed. The decentralized approach used by the malware makes it difficult for defenders to identify and disrupt the C2 infrastructure, highlighting the need for organizations to stay vigilant and take proactive measures to protect themselves against these types of threats.
Published: Tue Mar 10 10:24:37 2026 by llama3.2 3B Q4_K_M
Corporate HR teams are under attack from a sophisticated malware campaign that exploits hiring processes, leaving security defenses crippled and vulnerable data in its wake. To protect themselves, organizations must implement robust security measures, educate employees, and closely monitor HR workflows to prevent similar attacks in the future.
Published: Tue Mar 10 10:38:31 2026 by llama3.2 3B Q4_K_M
GPS attacks near Iran are wreaking havoc on delivery and mapping apps, causing glitchy Uber rides, grounded flights, and even catastrophic issues for health care systems and nuclear plants. As electronic warfare disrupts satellite navigation, governments and tech companies must find ways to mitigate the effects of these attacks.
Published: Tue Mar 10 10:53:44 2026 by llama3.2 3B Q4_K_M
Cybersecurity researchers have disclosed a multitude of cross-tenant vulnerabilities in Google Looker Studio, which could enable malicious actors to execute arbitrary SQL queries on victims' databases. The "LeakyLooker" vulnerabilities, collectively named by Tenable, were first disclosed in June 2025 and have since been addressed by Google. These security flaws highlight the need for organizations to prioritize robust security measures when protecting sensitive data within their systems.
Published: Tue Mar 10 11:05:11 2026 by llama3.2 3B Q4_K_M
APT28 has been conducting long-term espionage on Ukrainian forces using custom malware, highlighting the growing threat landscape in the cyber world. This latest revelation underscores the importance of staying informed about emerging risks and taking proactive steps to protect oneself against evolving cyber threats.
Published: Tue Mar 10 11:36:29 2026 by llama3.2 3B Q4_K_M
In this month's Patch Tuesday, Microsoft has addressed 79 vulnerabilities, including two zero-days, in its Windows and Office applications. Users are advised to update their systems promptly to minimize potential threats.
Published: Tue Mar 10 13:14:13 2026 by llama3.2 3B Q4_K_M
Microsoft has announced a new feature that brings phishing-resistant sign-ins via Entra passkeys to Windows devices, aiming to provide users with an additional layer of protection against cyber threats.
Published: Tue Mar 10 13:25:21 2026 by llama3.2 3B Q4_K_M
A recent study by Check Point Research has revealed that Iran's Ministry of Intelligence and Security is using malware and ransomware as tools to further its objectives. The research suggests that state-sponsored cyber operations are becoming increasingly sophisticated, highlighting the need for researchers and organizations to adopt a more nuanced approach when analyzing overlapping clusters of malicious activity.
Published: Tue Mar 10 13:36:17 2026 by llama3.2 3B Q4_K_M
Malicious actors have compromised over 250 WordPress sites worldwide, using fake CAPTCHA prompts to spread infostealers that steal sensitive data from infected machines.
Published: Tue Mar 10 13:46:49 2026 by llama3.2 3B Q4_K_M
The Department of Homeland Security has adopted a policy to conceal certain surveillance records, sparking controversy among civil liberties groups and experts. The new secrecy policy raises concerns about transparency and accountability in government.
Published: Tue Mar 10 13:58:46 2026 by llama3.2 3B Q4_K_M
FortiGate devices have been exploited by hackers to gain unauthorized access to victim networks and steal critical service account credentials. This exploit highlights the need for organizations to take a proactive approach to securing their FortiGate devices and overall network security, including ensuring that all software is up-to-date and implementing robust access controls.
Published: Tue Mar 10 14:08:07 2026 by llama3.2 3B Q4_K_M
A new malware known as KadNap has infected over 14,000 edge devices worldwide, primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware employs stealth techniques and uses a peer-to-peer system to evade detection. Users are advised to keep their devices up to date and secure management interfaces to prevent potential infections.
Published: Tue Mar 10 14:16:56 2026 by llama3.2 3B Q4_K_M
A new 'Zombie ZIP' technique has been discovered that allows malware to bypass even the most advanced security solutions by manipulating ZIP headers. This innovative approach uses compressed files to conceal malicious payloads and evade detection, making it essential for users to be aware of this threat and take necessary precautions.
Published: Tue Mar 10 15:52:21 2026 by llama3.2 3B Q4_K_M
Microsoft has released a critical security patch, known as KB5078885, aimed at addressing vulnerabilities in Windows 10, including two zero-day flaws. This update is essential for users running the operating system and should be installed as soon as possible.
Published: Tue Mar 10 16:23:57 2026 by llama3.2 3B Q4_K_M
Critical Microsoft Excel Bug Exposed: How AI-Powered Copilot Agent Became a Zero-Click Threat to Sensitive Data
A newly disclosed vulnerability in Microsoft Excel's AI-powered Copilot Agent has raised alarm bells among security experts, who warn that it could be exploited to steal sensitive personal and financial data via zero-click attacks. The bug, identified as CVE-2026-26144, is considered critical and can be weaponized by hackers to exfiltrate data via unintended network egress.
Published: Tue Mar 10 16:38:49 2026 by llama3.2 3B Q4_K_M
FortiGate devices have been exploited by threat actors to access sensitive network information, highlighting a growing concern for network security. Organizations must take immediate action to secure their FortiGate devices by enforcing strong administrative controls and maintaining adequate log retention. This vulnerability in FortiGate devices is a wake-up call for organizations to prioritize their network security and implement robust measures to prevent exploitation of these vulnerabilities.
Published: Tue Mar 10 16:53:07 2026 by llama3.2 3B Q4_K_M
BeatBanker, a new Android malware discovered by Kaspersky researchers, disguises itself as the Starlink app on compromised websites to hijack devices, combining banking trojan functions with Monero mining capabilities. Learn more about this newly discovered threat and how you can protect yourself from similar attacks.
Published: Tue Mar 10 19:07:39 2026 by llama3.2 3B Q4_K_M
Microsoft's March 2026 Patch Tuesday has brought a slew of security updates to its various products, addressing a total of 94 vulnerabilities across Windows, Office, Edge, Azure, SQL Server, Hyper-V, and ReFS. Two critical vulnerabilities have been publicly disclosed, but none is known to be actively exploited at this time.
Published: Tue Mar 10 19:22:39 2026 by llama3.2 3B Q4_K_M
This month's Patch Tuesday brings a total of 77 security updates to address various vulnerabilities across Microsoft's Windows operating systems and other software. With two publicly disclosed bugs and a critical remote code execution bug discovered by an autonomous AI penetration testing agent, this update highlights the growing role of AI in vulnerability research and the importance of staying vigilant when it comes to patching and protecting oneself from potential threats.
Published: Tue Mar 10 20:32:52 2026 by llama3.2 3B Q4_K_M
Recent research has uncovered five malicious Rust crates that exploit CI/CD pipelines to steal developer secrets. These crates masquerade as time-related utilities but actually transmit .env file data to threat actors. The affected packages were published between late February and early March 2026, and a recent incident involving Aqua Security highlights the risk posed by low-complexity supply chain malware.
Published: Wed Mar 11 01:46:19 2026 by llama3.2 3B Q4_K_M
UNC6426's 72-hour breach of AWS admin access using an AI-powered approach highlights the growing concern about software supply chain attacks. With its ability to exploit vulnerabilities in supply chains, UNC6426 demonstrates the importance of staying vigilant in protecting cloud environments from such threats.
Published: Wed Mar 11 04:01:36 2026 by llama3.2 3B Q4_K_M
The UK government has launched a new initiative aimed at identifying, developing, and supporting emerging cyber professionals from across the UK. The UK Cyber Team program offers young people the skills and experience they need to succeed in the field of cybersecurity, with a focus on building community and fostering collaboration among its members. With its emphasis on education, team-building, and international deployment, the UK Cyber Team is poised to play a significant role in shaping the future of cybersecurity in the UK.
Published: Wed Mar 11 05:08:31 2026 by llama3.2 3B Q4_K_M
Microsoft has released patches for 84 new security vulnerabilities, including two publicly disclosed zero-days. The update includes fixes for various categories of bugs, with a focus on privilege escalation, remote code execution, information disclosure, and security feature bypass flaws. Among these are two zero-day vulnerabilities affecting .NET and SQL Server, which pose significant threats to organizations.
Published: Wed Mar 11 05:21:29 2026 by llama3.2 3B Q4_K_M
The KadNap botnet, a decentralized malware threat, has infected over 14,000 ASUS routers across various countries, with significant implications for cybersecurity experts and organizations worldwide. This article provides a detailed overview of the KadNap botnet, its methods, and the potential risks it poses to global cybersecurity.
Published: Wed Mar 11 05:30:35 2026 by llama3.2 3B Q4_K_M
Meta has introduced new scam detection tools on Facebook, Messenger, and WhatsApp aimed at alerting users to suspicious activities such as unrecognized friend requests and device linking notifications. The new features are designed to prevent scammers from exploiting user accounts through various tactics, including friend requests and QR code scams.
Published: Wed Mar 11 06:39:22 2026 by llama3.2 3B Q4_K_M
EU legal advisors are pushing for a new direction in how banks treat cybercrime victims, aiming to provide greater financial protections and alleviate the uncertainty that often comes with being the target of an online scam.
Published: Wed Mar 11 06:54:39 2026 by llama3.2 3B Q4_K_M
Hewlett Packard Enterprise (HPE) has fixed a critical vulnerability in its Aruba AOS-CX operating system that could allow unprivileged attackers to bypass authentication and reset administrator passwords. The company recommends several measures to mitigate the risk, including isolating management interfaces on a dedicated VLAN and enforcing ACLs for REST/HTTPS access. This vulnerability highlights the importance of staying up to date with software patches and taking proactive measures to protect against malicious threats.
Published: Wed Mar 11 07:01:14 2026 by llama3.2 3B Q4_K_M
Microsoft has announced that it will begin enabling hotpatching updates for all Windows devices automatically, starting from May 2026. The move is likely to raise concerns among administrators who value control over their environments, but Microsoft argues that "hotpatch updates are the quickest way to get secure." Will this change prove to be a success or a significant misstep?
Published: Wed Mar 11 08:50:33 2026 by llama3.2 3B Q4_K_M
The Swiss e-voting pilot has hit a snag after 2,048 ballots became unreadable due to a technical glitch involving USB keys. The Basel-Stadt canton's experiment with electronic voting has been suspended until the end of December, and criminal proceedings have been launched into the matter.
Published: Wed Mar 11 09:01:06 2026 by llama3.2 3B Q4_K_M
Dutch police have arrested a 17-year-old boy suspected of being responsible for a string of bank card frauds across the Netherlands. The teenager allegedly impersonated bank employees and tricked victims into surrendering their bank cards, resulting in tens of thousands of euros being stolen from victims' bank accounts. Learn more about this shocking case and its implications for law enforcement and youth cybercrime prevention.
Published: Wed Mar 11 09:15:49 2026 by llama3.2 3B Q4_K_M
Meta has announced new efforts to disrupt and combat industrialized scamming on its platforms, including removing 10.9 million accounts linked to "criminal scam centers" and expanding account protections to flag suspicious activity. The company's ongoing battle against scammers is a crucial step in protecting users from these threats.
Published: Wed Mar 11 09:26:34 2026 by llama3.2 3B Q4_K_M
Meta has announced its latest crackdown on malicious actors operating out of Southeast Asian scam centers, disabling over 150,000 accounts linked to these operations. The move marks a significant escalation in the fight against online scams and follows recent actions taken by Meta to combat this issue.
Published: Wed Mar 11 09:42:27 2026 by llama3.2 3B Q4_K_M
Dozens of vendors have released security updates to patch critical vulnerabilities in enterprise software and network devices. These updates address a range of flaws, including privilege escalation and remote code execution vulnerabilities, that could potentially be exploited by malicious actors to achieve arbitrary code execution on affected systems. In this article, we will delve into the details of these vulnerabilities and explore the implications for organizations that rely on complex networks of interconnected systems.
Published: Wed Mar 11 09:48:47 2026 by llama3.2 3B Q4_K_M
The threat landscape has undergone a significant transformation with the advent of AI and automation, and boards and CISOs must take proactive measures to manage vulnerability backlogs. The consequences of ignoring this issue will be severe, and organizations must prioritize secure-by-design practices and invest in reducing vulnerability exposure at the source.
Published: Wed Mar 11 09:57:30 2026 by llama3.2 3B Q4_K_M
Police Scotland has been fined £66,000 ($88,000) for mishandling the personal data of a crime victim. The organization failed to adequately protect sensitive data, leading to further risk and distress for the individual. This case highlights the importance of robust data protection practices and serves as a warning to other organizations that failure to prioritize data protection can have severe consequences.
Published: Wed Mar 11 11:14:17 2026 by llama3.2 3B Q4_K_M
Aryaka reveals a new tactic being used by Russian-speaking attackers to target corporate machines through fake job applications, which pack malware that can disable security tools and steal data from infected devices. The campaign, dubbed "BlackSanta," uses an EDR killer component to gain deeper control of the system and carry out further malicious activities.
Published: Wed Mar 11 11:23:24 2026 by llama3.2 3B Q4_K_M
Medtech giant Stryker has been hit by a sophisticated wiper malware attack attributed to an Iranian-linked hacktivist group, Handala. The attack, which began in the early hours of Wednesday morning, has resulted in widespread disruption across the company's global network, with tens of thousands of systems and servers being wiped clean. To understand the full extent of the attack and its implications for Stryker and the wider cybersecurity landscape, read our in-depth article on the Medtech Giant Stryker Hit by Sophisticated Iranian-Linked Wiper Malware Attack.
Published: Wed Mar 11 12:35:58 2026 by llama3.2 3B Q4_K_M
Iran-backed hackers claim responsibility for a massive data-wiping attack against Stryker, a multinational medical device company with operations in 79 countries. The attack resulted in the erasure of sensitive data from over 200,000 systems, servers, and mobile devices. As the investigation continues, experts are calling for greater vigilance and cooperation to protect critical infrastructure.
Published: Wed Mar 11 12:48:30 2026 by llama3.2 3B Q4_K_M
A foreign hacker accessed sensitive FBI files related to Jeffrey Epstein back in 2023, raising concerns about cybersecurity and the potential for sensitive information to be compromised. The incident highlights the challenges faced by government agencies in maintaining robust security measures and underscores the need for greater transparency and cooperation between agencies and private companies.
Published: Wed Mar 11 12:57:30 2026 by llama3.2 3B Q4_K_M