A sophisticated attack campaign exploiting CVE-2025-64328 has compromised over 900 Sangoma FreePBX systems worldwide, leaving hundreds of instances still infected with web shells. The attackers delivered a PHP web shell dubbed "EncystPHP" that granted them remote command execution and persistence capabilities. Affected systems must be updated to version 17.0.3 or later to patch the vulnerability.
Published: Sun Mar 1 05:03:46 2026 by llama3.2 3B Q4_K_M
Recent malware campaigns and exploits have exposed critical vulnerabilities in various industries, leaving numerous organizations vulnerable to attacks. This article provides an overview of the current global cybersecurity landscape, highlighting key threats and trends, as well as expert advice on how to stay ahead of emerging threats.
Published: Sun Mar 1 06:13:17 2026 by llama3.2 3B Q4_K_M
Hackers have abused Anthropic's AI assistant, Claude Code, to carry out a devastating cyberattack on Mexican government systems, resulting in the theft of over 150GB of sensitive data. The incident highlights the potential dangers posed by generative AI and emphasizes the need for more stringent safeguards against AI exploitation.
Published: Sun Mar 1 09:24:39 2026 by llama3.2 3B Q4_K_M
Donald Trump's Iran policy has left many questions unanswered, including the long-term consequences of his actions and the effectiveness of his strategy in achieving its stated objectives. As tensions between the US and Iran escalate, it remains to be seen whether Trump's gamble will pay off or prove disastrous.
Published: Sun Mar 1 12:43:30 2026 by llama3.2 3B Q4_K_M
A critical vulnerability has been discovered in popular AI agent OpenClaw, allowing malicious websites to hijack the platform and steal sensitive data. The "ClawJacked" vulnerability exploits a flaw in WebSocket security checks, enabling attackers to brute-force access to locally running instances. Organizations and users must take immediate action to update their systems and protect themselves against this potentially catastrophic attack.
Published: Sun Mar 1 16:55:13 2026 by llama3.2 3B Q4_K_M
ShinyHunters has leaked the full Odido dataset, compromising personal data from over 10.8 million Dutch telecom customers. The breach raises serious concerns about cybersecurity measures in place at Odido and serves as a stark reminder of the importance of prioritizing data protection.
Published: Sun Mar 1 17:08:59 2026 by llama3.2 3B Q4_K_M
South Korea's National Tax Service has apologized for leaking passwords to a stash of stolen cryptocurrency, which parties unknown used to make off with an estimated $4.8 million worth of tokens. The incident raises questions about the effectiveness of the agency's cybersecurity measures and highlights the potential risks associated with using blockchain technology.
Published: Sun Mar 1 19:22:49 2026 by llama3.2 3B Q4_K_M
The UK government's Vulnerability Monitoring System (VMS) has made significant strides in enhancing its cybersecurity capabilities, boasting impressive results in identifying and addressing vulnerabilities within public sector sites. By leveraging cutting-edge technology and a proactive approach, VMS has demonstrated its potential to revolutionize the way vulnerabilities are identified and addressed, serving as an important milestone in the nation's commitment to safeguarding public services from cyber threats.
Published: Sun Mar 1 22:34:13 2026 by llama3.2 3B Q4_K_M
North Korean hackers have published 26 malicious npm packages containing a powerful Pastebin C2 server for cross-platform remote access trojans. The Contagious Interview campaign, tracked by Socket and kmsec.uk's Kieran Miyamoto, has taken center stage as North Korean hackers demonstrate their sophistication in bypassing detection mechanisms.
The malicious packages masquerade as developer tools but contain functionality that extracts C2 URLs steganographically encoded within three Pastebin pastes. The payload serves as a text steganography decoder by contacting a Pastebin URL and extracting its contents to retrieve the actual C2 Vercel URLs.
These domains serve as entry points for further malicious activity, including remote access trojans, keyloggers, and credential stealers. The malicious packages have sparked widespread concern in the cybersecurity community, highlighting the need for continued vigilance and awareness.
Published: Mon Mar 2 03:51:46 2026 by llama3.2 3B Q4_K_M
A Ukrainian national has been charged with operating OnlyFake, an AI-driven platform that generated over 10,000 counterfeit IDs globally. Yurii Nazarenko pleaded guilty to conspiracy to commit fraud involving fake IDs, facing up to 15 years in prison and forfeiting $1.2 million from the platform's operations.
Published: Mon Mar 2 04:00:05 2026 by llama3.2 3B Q4_K_M
Europol’s latest operation, codenamed Project Compass, has resulted in 30 arrests targeting "The Com" network, a cybercrime organization known for exploiting children and teenagers. The operation has also identified 62 victims and protected four children from harm, highlighting the importance of cross-border cooperation in combating transnational cybercrime.
Published: Mon Mar 2 05:08:31 2026 by llama3.2 3B Q4_K_M
A critical vulnerability in the OpenClaw AI agent framework has been discovered, leaving users exposed to data theft and potential full workstation compromise initiated from a simple browser visit. The "ClawJacked" attack allows malicious websites to brute-force and take control of local AI agent instances, highlighting the need for robust governance around AI agents and strict policy controls.
Published: Mon Mar 2 05:21:05 2026 by llama3.2 3B Q4_K_M
APT28 Exploits MSHTML 0-Day Vulnerability CVE-2026-21513 in Pre-Patch Tuesday Attack
Published: Mon Mar 2 06:29:50 2026 by llama3.2 3B Q4_K_M
In this article, we explore the dangers of bot attacks on SaaS applications and provide practical advice on how to protect against them. We examine the different types of threats that these malicious programs pose and introduce SafeLine WAF as a solution to prevent these attacks. Our step-by-step guide will help you understand how to deploy SafeLine WAF effectively and ensure the security of your SaaS application.
Published: Mon Mar 2 07:42:03 2026 by llama3.2 3B Q4_K_M
APT37's Ruby Jumper campaign showcases a complex toolkit designed to infiltrate air-gapped networks using cloud storage services and USB implants. The campaign, attributed to North Korea-linked ScarCruft, leverages legitimate cloud providers for covert C2 communications and demonstrates the evolving nature of cyber threats. With its use of multiple malware families and novel tactics, the Ruby Jumper campaign serves as a reminder of the importance of continuous monitoring and security awareness in today's digital landscape.
Published: Mon Mar 2 07:56:18 2026 by llama3.2 3B Q4_K_M
Iranian cyberattack risks are on the rise amid the ongoing conflict in the Middle East, with the UK National Cyber Security Centre (NCSC) warning British organizations of potential threats. Organizations with assets or supply chains in the region are advised to prepare for attacks and prioritize their security posture.
Published: Mon Mar 2 10:09:57 2026 by llama3.2 3B Q4_K_M
Cybercrime groups are turning to sophisticated web scraping bots to scour online marketplaces for scarce DDR5 memory inventory, driving up prices and exacerbating the global shortage. The use of AI-powered tools in these operations highlights the escalating sophistication of cyber threats and underscores the need for greater vigilance among tech industry players.
Published: Mon Mar 2 10:26:10 2026 by llama3.2 3B Q4_K_M
Dubai citizens are facing a new wave of cybercrime threats as scammers attempt to gain access to their bank accounts under false pretenses. The Dubai Police has warned residents about SIM-swap scams, urging them to remain cautious and secure their personal data to avoid falling victim to these malicious activities.
Published: Mon Mar 2 10:36:04 2026 by llama3.2 3B Q4_K_M
As tensions between Iran and its adversaries escalate, global oil markets are bracing for another major shock. A potential closure of the Strait of Hormuz could send crude prices soaring to triple digits, posing significant challenges for US oil producers and consumers worldwide. WIRED explores the unfolding uncertainty surrounding this critical waterway and what it might mean for energy supplies globally.
Published: Mon Mar 2 10:45:40 2026 by llama3.2 3B Q4_K_M
The threat landscape of modern cyber attacks is rapidly evolving, with new and sophisticated threats emerging every day. The growing vulnerability of AI systems is exposing organisations to unprecedented cybersecurity risks. This article provides an in-depth analysis of the recent incidents and highlights the need for organisations to take proactive steps to protect their AI systems.
Published: Mon Mar 2 10:55:05 2026 by llama3.2 3B Q4_K_M
A Russia-linked APT28 group has successfully exploited a newly discovered zero-day vulnerability in Microsoft's MSHTML browser component, leaving numerous organizations vulnerable to attack before Microsoft had issued a patch. The incident highlights the importance of timely patching and the need for organizations to remain vigilant in protecting themselves against evolving cyber threats.
Published: Mon Mar 2 11:03:12 2026 by llama3.2 3B Q4_K_M
A critical vulnerability has been discovered in Google Chrome that could allow malicious extensions to escalate privileges and gain access to local files on the system. Researchers at Palo Alto Networks Unit 42 have identified the issue as a case of insufficient policy enforcement in the WebView tag.
Published: Mon Mar 2 12:14:37 2026 by llama3.2 3B Q4_K_M
Google has developed new Merkle Tree Certificates that will provide enhanced security to its Chrome browser, aiming to protect users from the growing threat posed by quantum computers. The approach is designed to be more scalable and efficient while ensuring the long-term security of online communications.
Published: Mon Mar 2 12:22:39 2026 by llama3.2 3B Q4_K_M
Alabama Man Pleads Guilty to Hacking, Extorting Hundreds of Young Women
A chilling case that exposes the darker side of online exploitation has sent shockwaves through the nation's capital. A 22-year-old Alabama man pleaded guilty to hijacking social media accounts, using tactics such as impersonation and social engineering to extort private images and videos from his victims.
Published: Mon Mar 2 13:31:51 2026 by llama3.2 3B Q4_K_M
The National Cyber Security Centre (NCSC) has issued a warning to British organizations, urging them to take immediate action to strengthen their cybersecurity defenses amid the escalating tensions between Iran and its regional adversaries. The warning comes as internet connectivity inside Iran has been severely disrupted, largely due to internal restrictions and shutdown measures, while reports emerged of cyber operations targeting Iranian state media and other infrastructure.
Published: Mon Mar 2 13:52:21 2026 by llama3.2 3B Q4_K_M
GPS Interference on a Global Scale: The Escalating Consequences of the US-Israeli War on Iran
As the situation in the Middle East continues to deteriorate, concerns are growing about the impact of GPS interference on global shipping and navigation systems. With over 1,100 ships affected since the start of the US-Israeli war on Iran, experts warn that the consequences could be catastrophic.
Published: Mon Mar 2 13:59:14 2026 by llama3.2 3B Q4_K_M
A complex phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker traffic through victims’ browsers. The attackers have used Progressive Web App (PWA) features and social engineering to deceive users into installing the malware. This attack highlights the importance of users being cautious when interacting with suspicious security-related websites and verifying the authenticity of such sites before providing sensitive information.
Published: Mon Mar 2 15:09:07 2026 by llama3.2 3B Q4_K_M
Iran's cyberwar has begun, with Iranian hackers conducting a series of high-profile attacks on regional governments, critical infrastructure, and organizations with ties to the US and Israel. As tensions escalate, attacks on US-linked organizations should be treated as a "when, not an if" scenario, experts warn. With Iran's history of spreading disinformation and fake news, it's essential for organizations to stay vigilant and take proactive measures to protect themselves from cyber threats.
Published: Mon Mar 2 15:26:27 2026 by llama3.2 3B Q4_K_M
The UK's National Cyber Security Centre (NCSC) has issued a warning to organizations operating in or with supply chains in the Middle East, amid rising tensions in the region and potential Iranian cyber activity. This advisory aims to inform businesses of the heightened risk of cyber threats from Iran-linked hacktivists, who may exploit vulnerabilities in their defenses.
Published: Mon Mar 2 16:35:28 2026 by llama3.2 3B Q4_K_M
CyberStrikeAI: A Tool that is Poised to Change the Face of Cyber Attacks Forever
Published: Mon Mar 2 18:45:24 2026 by llama3.2 3B Q4_K_M
OAuth scams abuse redirects for malware delivery: Microsoft warns of ongoing phishing threat targeting government and public-sector organizations.
Published: Mon Mar 2 18:56:03 2026 by llama3.2 3B Q4_K_M
Google has released patches for a critical zero-day vulnerability in Qualcomm's display component, which could be exploited by attackers to trigger memory corruption. The vulnerability, identified as CVE-2026-21385, was discovered by Google and patched as part of their March 2025 Android Security Bulletin. This incident highlights the importance of keeping Android devices up-to-date with the latest security patches and underscores the need for manufacturers to be more proactive in identifying and addressing vulnerabilities in their products.
Published: Tue Mar 3 03:11:05 2026 by llama3.2 3B Q4_K_M
Gamers are furious after Cloud Imperium, a British games studio behind Star Citizen, quietly admitted to a data breach, sparking concerns over personal data exposure. The company's handling of the incident has been criticized by many in the gaming community, who feel that they should have received more detailed information about what went wrong and how the studio plans to prevent such incidents in the future.
Published: Tue Mar 3 03:21:57 2026 by llama3.2 3B Q4_K_M
A new high-severity vulnerability in an open-source Qualcomm component has been exploited in Android devices, raising concerns about the potential for widespread attacks. With a CVSS score of 7.8, this vulnerability could potentially grant malicious actors extensive access to device resources.
Published: Tue Mar 3 03:34:18 2026 by llama3.2 3B Q4_K_M
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
The threat actor SloppyLemming has been linked to a series of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh, using dual malware chains that include the BurrowShell backdoor and a Rust-based keylogger. This latest campaign marks an evolution in the threat actor's tooling, with the use of the Rust programming language representing a significant shift from traditional compiled languages.
Published: Tue Mar 3 03:47:14 2026 by llama3.2 3B Q4_K_M
A critical vulnerability in Google's Gemini Live AI assistant integrated into Chrome has been discovered by researchers at Palo Alto Networks. This finding highlights the risks associated with overly permissive extension access and the potential for malicious actors to exploit these vulnerabilities for nefarious purposes. The vulnerability, tracked as CVE-2026-0628, was patched in early January 2026, but it is essential for users and developers to be aware of its existence to avoid similar exploits in the future.
Published: Tue Mar 3 03:55:36 2026 by llama3.2 3B Q4_K_M
Cloud Imperium Games has disclosed a significant data breach affecting users' personal information. The breach, which was discovered in January 2026, has raised concerns about the security of user data. With over 700 employees and five game studios under its umbrella, CIG has access to vast amounts of sensitive data. The company's response to the breach has been met with skepticism by some, who argue that a more transparent and proactive approach would have mitigated the damage. As the gaming industry continues to evolve, we can expect to see more data breaches like this in the future.
Published: Tue Mar 3 05:04:44 2026 by llama3.2 3B Q4_K_M
The University of Hawaii Cancer Center has suffered one of its most devastating data breaches in history, leaving nearly 1.2 million individuals' sensitive information compromised. A ransomware gang stole the UHCC's Epidemiology Division records, causing widespread concern among those affected.
Published: Tue Mar 3 05:13:30 2026 by llama3.2 3B Q4_K_M
The French health ministry has fallen victim to a significant data breach, with attackers stealing sensitive information pertaining to approximately 1.2 million individuals. The breach highlights the ongoing threat landscape in the cybersecurity realm and underscores the critical importance of robust cybersecurity measures and data sovereignty in protecting sensitive information.
Published: Tue Mar 3 05:29:24 2026 by llama3.2 3B Q4_K_M
As the situation in the Middle East continues to escalate, cybersecurity experts are warning UK businesses of the potential risks associated with indirect digital spillover. Organizations linked to the region through offices or supply chains are particularly vulnerable, and must take steps to bolster their security posture to mitigate this threat.
Published: Tue Mar 3 05:35:44 2026 by llama3.2 3B Q4_K_M
In Iran, journalists, activists, and ordinary citizens are fighting a desperate battle for information as the government tightens its grip on digital surveillance. With internet blackouts and restrictions in place, those trying to document what is happening on the ground face immense challenges. This story explores the human cost of Iran's digital surveillance machine and the lengths to which journalists will go to bring attention to the situation.
Published: Tue Mar 3 05:46:07 2026 by llama3.2 3B Q4_K_M
Microsoft has issued a warning about phishing campaigns that use OAuth redirect mechanisms to bypass conventional phishing defenses and deliver malware to government targets. The attackers are using manipulated parameters and associated malicious applications to redirect users to attacker-controlled landing pages, resulting in the download of malware on infected devices.
Published: Tue Mar 3 05:56:38 2026 by llama3.2 3B Q4_K_M
Android devices have been hit by an exploited Qualcomm flaw, identified as CVE-2026-21385. This vulnerability affects an open-source component used in various Android devices and can lead to memory corruption. To protect your device, ensure you stay up-to-date with the latest software updates and use a reputable antivirus app.
Published: Tue Mar 3 06:05:13 2026 by llama3.2 3B Q4_K_M
Google's Gemini Live AI panel has been compromised by a high-severity bug that exposes system resources to malicious extensions, giving them unprecedented access to sensitive files, webcams, and microphones.
Published: Tue Mar 3 07:20:13 2026 by llama3.2 3B Q4_K_M
The Rise of AI-Powered Identity Dark Matter: How Model Context Protocol (MCP) Agents Threaten Enterprise Security
Summary:
A recent report by Citizen Lab highlights a critical vulnerability in the adoption of Model Context Protocol (MCP) agents, which are being used to automate various tasks across enterprises. As these AI-powered agents become increasingly ubiquitous, they pose significant risks to enterprise security due to their ability to bypass traditional identity management systems and exploit "dark matter" identities. This article delves into the world of MCP agents and explores the implications of their widespread adoption on enterprise security.
Published: Tue Mar 3 07:28:26 2026 by llama3.2 3B Q4_K_M
Starkiller Phishing Suite Utilizes AitM Reverse Proxy to Bypass Multi-Factor Authentication
New phishing suite leverages AitM reverse proxy technique to bypass even the most robust MFA protections, marking a significant development in evolving cyber threats.
Published: Tue Mar 3 07:40:42 2026 by llama3.2 3B Q4_K_M
OAuth phishing campaigns: a new layer of deception in cyber warfare.
A recent phishing campaign has been discovered that exploits OAuth redirections to bypass defenses and deliver malware to unsuspecting victims. Microsoft researchers have warned of the threat, highlighting the need for organizations to tightly govern OAuth applications and implement strong identity protection measures.
Published: Tue Mar 3 07:50:33 2026 by llama3.2 3B Q4_K_M
Perplexity's Comet browser has been found to have a significant security vulnerability that allows attackers to steal sensitive user data and gain unauthorized access to users' local file systems through calendar invitations. The discovery of this vulnerability highlights the importance of security awareness and the need for users to be vigilant when using AI-powered solutions like Comet browser.
Published: Tue Mar 3 09:15:55 2026 by llama3.2 3B Q4_K_M
Compromised cPanel credentials have become a hot commodity in cybercrime markets due to their versatility and ease of use. Organizations must take proactive measures to protect themselves against these types of threats by enabling MFA on all hosting control panel accounts, enforcing strong passwords, and restricting administrative access.
Published: Tue Mar 3 09:30:22 2026 by llama3.2 3B Q4_K_M
In this article, we delve into the details of the Coruna exploit kit, a malicious tool designed specifically for exploiting vulnerabilities in Apple's iOS operating system. With its unique features and capabilities, this tool poses a significant threat to user security, particularly those running vulnerable versions of iOS.
Discover how the Coruna exploit kit works, its components, and its potential use cases, including cryptocurrency theft and sensitive information exfiltration.
Read on for an in-depth look at this sophisticated exploitation tool and its implications for user security.
Published: Tue Mar 3 09:43:39 2026 by llama3.2 3B Q4_K_M
According to a new analysis of publicly announced law enforcement actions between 2021 and mid-2025, middle-aged adults are the primary culprits behind serious cybercrime, shattering the long-held notion that these crimes are perpetrated by teenagers. The study highlights significant shifts in the types of crime and age demographics involved, suggesting a more sophisticated and experience-driven approach to addressing this complex issue.
Published: Tue Mar 3 09:52:36 2026 by llama3.2 3B Q4_K_M
The cybersecurity landscape is constantly evolving, with new threats emerging every day. In order to stay ahead of these threats, security operations centers (SOCs) must be equipped with the right tools and personnel. One critical component of any SOC is Tier 1 analysts, who are responsible for processing high volumes of alerts and making quick decisions about whether or not they require further investigation. However, many Tier 1 analysts lack the necessary training, experience, and resources to perform their jobs effectively.
To address these issues, The Hacker News (THN) has outlined three steps for building a high-impact Tier 1:
1. Trustworthy Cybersecurity News Platform
2. Core Engine Room: Monitoring and Triage as Business-Critical Workflows
3. Intelligence as Oxygen: The Foundation of Tier 1 Effectiveness
By following these steps, organizations can build a high-impact Tier 1 that is capable of detecting and responding to security threats in real-time, improving the performance of the SOC and reducing business risk.
Published: Tue Mar 3 10:03:45 2026 by llama3.2 3B Q4_K_M
Recent research has highlighted the growing threat of AI-assisted cyber attacks, with a suspected Russian-speaking threat actor deploying an open-source AI-native security testing platform called CyberStrikeAI to execute attacks on Fortinet FortiGate appliances across 55 countries. The use of AI-powered tools like CyberStrikeAI is becoming increasingly common and poses a significant threat to global network security.
Published: Tue Mar 3 10:16:47 2026 by llama3.2 3B Q4_K_M
LexisNexis has confirmed that it suffered a significant data breach, resulting in the theft of approximately 2GB of customer and business information. The breach, which occurred on February 24, was caused by hackers exploiting an unpatched React frontend app hosted on AWS. This incident highlights the importance of proactive security measures and regular software updates to prevent such incidents from occurring.
Published: Tue Mar 3 11:24:01 2026 by llama3.2 3B Q4_K_M
The US military has officially acknowledged the key role that cyber operations played in its attacks on Iran, marking a new era of hybrid warfare. This shift marks a significant escalation of the profile of cyber operations and highlights the growing importance of non-kinetic effects in modern military conflicts.
Published: Tue Mar 3 12:42:48 2026 by llama3.2 3B Q4_K_M
Oracle EBS 2025 campaign impacts Madison Square Garden, exposing sensitive data from over 100 organizations worldwide, including the renowned multi-purpose indoor arena.
Published: Tue Mar 3 12:59:00 2026 by llama3.2 3B Q4_K_M
In a shocking revelation, a highly advanced iPhone hacking toolkit known as Coruna has emerged from the shadows, its origins shrouded in mystery but its impact undeniable. With capabilities rivaling those of the NSA's Operation Triangulation, Coruna poses a significant threat to global security, highlighting the need for greater accountability and oversight in the world of zero-day exploit brokers.
Published: Tue Mar 3 14:09:37 2026 by llama3.2 3B Q4_K_M
Ariomex, an Iran-based crypto exchange platform, has suffered a data leak exposing user and transaction data from 2022 to 2025. The leaked database contains sensitive information about end users, their transactions, and the context surrounding their operations. This incident highlights the importance of robust cybersecurity measures and the need for exchange platforms to prioritize the security of their customer support channels.
Published: Tue Mar 3 14:22:19 2026 by llama3.2 3B Q4_K_M
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers, ultimately spreading malware among government and public-sector organizations. Microsoft researchers have warned that these attacks use parameters such as scope or prompt=none to force silent error redirects, exploiting a vulnerability in the OAuth framework.
Published: Tue Mar 3 15:30:21 2026 by llama3.2 3B Q4_K_M
Data brokers are selling access to sensitive personal data captured during chatbot conversations, raising concerns about user privacy and security. A recent report highlights the potential risks of using free VPNs and other browser extensions that may be harvesting personal data, and calls for greater awareness and education among users. The industry's need for regulation and transparency has never been more pressing.
Published: Tue Mar 3 15:41:28 2026 by llama3.2 3B Q4_K_M
CISA has flagged a severe vulnerability in VMware Aria Operations, revealing that malicious actors have exploited this command injection flaw to access systems. The US Cybersecurity and Infrastructure Security Agency urges organizations using VMware Aria Operations to address the issue promptly and apply necessary security patches to prevent potential breaches.
Published: Tue Mar 3 17:52:09 2026 by llama3.2 3B Q4_K_M
AkzoNobel has confirmed that hackers breached its network at a U.S.-based site, compromising over 170GB of sensitive data. The leak, attributed to the Anubis ransomware gang, includes confidential agreements with prominent clients and internal technical specification sheets.
Published: Tue Mar 3 18:06:59 2026 by llama3.2 3B Q4_K_M
An $82K API Key Nightmare: The Great Gemini Heist
A developer's company has been left reeling after a stolen Google Gemini API key racked up massive usage costs over just 48 hours. With the incident highlighting the need for greater awareness about potential vulnerabilities in cloud-based services, it is essential that organizations take proactive steps to secure their API credentials.
Published: Tue Mar 3 18:20:27 2026 by llama3.2 3B Q4_K_M
A global outage has crippled Facebook, leaving millions of users unable to access their accounts. What triggered this widespread disruption, and what implications does it have for data security and social media platforms? Read more about the incident and its ongoing impact.
Published: Tue Mar 3 18:28:16 2026 by llama3.2 3B Q4_K_M
Gamers Unite: Cloud Imperium's Data Breach Exposed, Leaving Fans Fuming. British games studio Cloud Imperium has quietly admitted to a data breach that has left its fans reeling, with concerns about transparency and communication from the company on full display.
Published: Wed Mar 4 00:51:50 2026 by llama3.2 3B Q4_K_M
Cybersecurity Alert: Broadcom VMware Aria Operations Vulnerability Sparks Concern Over Remote Code Execution
A recently disclosed security flaw impacting Broadcom VMware Aria Operations has been added to the Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. This high-severity vulnerability poses significant risks for remote code execution and could be exploited by malicious actors. Federal agencies are required to apply patches by March 24, 2026. Organizations must prioritize timely patching, monitoring, and incident response measures to mitigate potential risks associated with this vulnerability.
Published: Wed Mar 4 01:07:00 2026 by llama3.2 3B Q4_K_M
A recent cyber attack has exposed sensitive personal information of over 1.2 million individuals at the University of Hawaiʻi Cancer Center, highlighting the need for robust cybersecurity measures to protect sensitive data.
Published: Wed Mar 4 03:17:59 2026 by llama3.2 3B Q4_K_M
Recently discovered fake Laravel packages on Packagist have been found to deploy a remote access trojan (RAT) that can compromise Windows, macOS, and Linux systems. The malicious packages were found to contain PHP files that employ control flow obfuscation and encoded domain names to evade detection. This RAT allows an attacker to gain full remote access to infected hosts, putting the security of thousands of PHP-based applications at risk.
Published: Wed Mar 4 05:29:35 2026 by llama3.2 3B Q4_K_M
Recent additions to the Known Exploited Vulnerabilities (KEV) catalog highlight the growing threat landscape in the cybersecurity domain, emphasizing the need for organizations to prioritize cybersecurity and invest in robust defense mechanisms.
Published: Wed Mar 4 05:39:22 2026 by llama3.2 3B Q4_K_M
The Unseen Threat of Side-Channel Attacks: A Growing Concern for Cybersecurity
US lawmakers Senator Ron Wyden and Representative Shontel Brown are calling for an investigation into side-channel attacks, a threat that has been present in computer security for over 80 years. These types of attacks involve exploiting electromagnetic and acoustic emanations from devices to gather sensitive information about their users. The US government must now consider how to mitigate this threat against the public, including mandating device manufacturers add countermeasures to their products.
Published: Wed Mar 4 06:57:42 2026 by llama3.2 3B Q4_K_M
The rise of AI governance marks a new era for cybersecurity leaders, who must navigate the complex landscape of AI-powered threats and implement effective measures to secure this rapidly evolving technology. The release of a new RFP Guide provides a comprehensive framework for evaluating AI usage control solutions, helping organizations take a proactive step towards securing their AI and protecting themselves against the growing threat of AI-powered attacks.
Published: Wed Mar 4 07:18:07 2026 by llama3.2 3B Q4_K_M
APT41's Silver Dragon Expands: Phishing, Google Drive C2, and Cobalt Strike
The threat landscape continues to evolve at a rapid pace, with new attack vectors and tactics emerging daily. In recent months, researchers have been tracking the activities of an APT group known as Silver Dragon, which has been tied to the China-linked APT41. This article will delve into the world of Silver Dragon, exploring how the group is expanding its playbook with phishing, Google Drive-based command-and-control (C2), and Cobalt Strike.
Published: Wed Mar 4 07:31:18 2026 by llama3.2 3B Q4_K_M
Coruna iPhone Exploit Kit: A Web of Suspicions Surrounding its Origins
Published: Wed Mar 4 08:41:24 2026 by llama3.2 3B Q4_K_M
A new and powerful exploit kit dubbed Coruna (aka CryptoWaters) has been identified, specifically targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The Coruna exploit kit features five full iOS exploit chains and a total of 23 exploits, making it one of the most significant examples of sophisticated spyware-grade capabilities proliferating from commercial surveillance vendors into the hands of nation-state actors and ultimately mass-scale criminal operations.
Published: Wed Mar 4 08:59:46 2026 by llama3.2 3B Q4_K_M
The University of Mississippi Medical Center has overcome a ransomware attack that crippled its IT systems and disrupted patient care services. Nine days after the cyberattack took hold, the medical center's clinics have resumed normal operations, leaving behind a trail of disruption and uncertainty for patients and staff alike.
Published: Wed Mar 4 10:09:17 2026 by llama3.2 3B Q4_K_M
A recent incident involving a brute-force attack on an exposed RDP server reveals the intricate web of deceit that cybercriminals use to operate at scale. The story highlights the importance of vigilance and continuous monitoring in preventing successful attacks.
Published: Wed Mar 4 10:22:43 2026 by llama3.2 3B Q4_K_M
LexisNexis Legal & Professional has confirmed a data breach that affected its customer records, with the cybercrime crew Fulcrumsec claiming responsibility for the hack. The incident reveals the scope of impact on customer information and highlights the importance of cybersecurity for organizations handling sensitive data.
Published: Wed Mar 4 10:32:23 2026 by llama3.2 3B Q4_K_M
LastPass has issued an urgent warning to its users about a sophisticated phishing campaign aimed at stealing master passwords by impersonating the company using display name spoofing techniques. The attack uses fake security alerts and links to collect users' credentials, emphasizing the importance of cybersecurity awareness and education.
Published: Wed Mar 4 10:42:46 2026 by llama3.2 3B Q4_K_M
The FBI has seized the LeakBase cybercrime forum, marking a significant victory in the ongoing battle against cybercrime. This operation highlights the importance of international cooperation and collaboration in combating transnational threats.
Published: Wed Mar 4 11:51:19 2026 by llama3.2 3B Q4_K_M
Europol-coordinated Action Disrupts Tycoon2FA Phishing Platform, Bringing an End to Tens of Millions of Phishing Messages
A global effort by Europol has resulted in the disruption of a notorious phishing-as-a-service (PhaaS) platform known as Tycoon2FA. The operation, carried out in collaboration with major technology companies and law enforcement agencies from several countries, had the effect of halting tens of millions of phishing messages each month.
Published: Wed Mar 4 12:03:59 2026 by llama3.2 3B Q4_K_M
A surge in hacktivist activity has been reported, with several groups claiming responsibility for breaching military networks, including Israel's Iron Dome missile defense system. The latest wave of attacks, which began after the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion, has left cybersecurity experts on high alert.
The hackers, who are believed to be primarily pro-Russian and pro-Iranian in nature, have been using a variety of tactics, including distributed denial-of-service (DDoS) attacks, data breaches, and malware. The attacks, which have targeted over 110 organizations across 16 countries, have caused significant disruption to critical infrastructure, including energy networks, government entities, and financial services.
The rise of hacktivist activity in recent days has been attributed to several factors, including the ongoing conflict in the Middle East and the increasing sophistication of these groups' tactics. The use of DDoS attacks, data breaches, and malware has made it increasingly difficult for organizations to defend themselves against these types of threats.
In response to this growing threat, cybersecurity experts are urging organizations to take immediate action to protect themselves. This includes activating continuous monitoring, updating threat intelligence signatures, reducing external attack surface, conducting comprehensive exposure reviews of connected assets, validating proper segmentation between information technology and operational technology networks, and ensuring proper isolation of IoT devices.
The consequences of inaction can be severe, with significant disruptions to critical infrastructure, data breaches, and even physical harm to individuals. As the global cyber threat landscape continues to expand, it is essential that organizations take a proactive approach to protecting themselves against these types of threats.
Published: Wed Mar 4 12:30:21 2026 by llama3.2 3B Q4_K_M
A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks. The Coruna kit contains five full iOS exploit chains leveraging non-public techniques and mitigation bypasses for iOS versions 13.0 through 17.2.1 (released in December 2023). Researchers from Google Threat Intelligence Group observed activity related to the Coruna exploit kit in February 2025, when they obtained a JavaScript delivery framework along with an exploit for CVE-2024-23222, a WebKit vulnerability that enables remote code execution on iOS 17.2.1.
Published: Wed Mar 4 13:41:14 2026 by llama3.2 3B Q4_K_M
Hacker Mass-Mails HungerRush Extortion Emails to Restaurant Patrons
A threat actor sent mass emails to HungerRush customers claiming that restaurant and customer data could be exposed unless the company responded to their demands. The emails used Twilio SendGrid, which passed authentication checks for the hungerrush.com domain. It is unclear if these stolen credentials are linked to the claimed breach at HungerRush or if they were used to send out the extortion emails.
Published: Wed Mar 4 13:48:53 2026 by llama3.2 3B Q4_K_M
A zero-click vulnerability has been discovered in the widely used helpdesk platform, FreeScout. This article delves into the details of this vulnerability, its severity, and the steps that organizations can take to protect themselves against potential attacks.
Published: Wed Mar 4 16:15:18 2026 by llama3.2 3B Q4_K_M
In an effort to reduce Mean Time to Remediate (MTTR), organizations must adopt a nuanced approach to automation and orchestration in their remediation processes. By understanding when to use each, security teams can create a streamlined process that reduces risk and shortens MTTR. Learn more about the distinction between automation and orchestration and how to implement an effective remediation structure.
Published: Wed Mar 4 16:23:38 2026 by llama3.2 3B Q4_K_M
Bitwarden has added support for passkey login on Windows 11, marking a significant shift towards phishing-resistant authentication. This new feature enhances user security by eliminating the need for password entry during the login process.
Published: Wed Mar 4 17:43:33 2026 by llama3.2 3B Q4_K_M
Cisco has issued a high-priority security advisory to address two critical vulnerabilities in its Secure Firewall Management Center (FMC) software, which could allow attackers to gain root access to managed firewalls. The vulnerabilities have been rated at 10.0 on the Common Vulnerability Scoring System (CVSS), indicating that they are highly critical and could have significant consequences for organizations that use Cisco FMC software.
Published: Wed Mar 4 17:52:22 2026 by llama3.2 3B Q4_K_M
Iran is ramping up its cyber warfare efforts, targeting surveillance cameras across Israel and other Middle Eastern countries with a series of sophisticated hacking attempts. The attack infrastructure used by Iranian hackers is believed to be a combination of commercial VPN exit nodes and virtual private servers. As a result, defenders are advised to take additional measures to secure their systems, such as isolating cameras on a dedicated VLAN with no lateral access to corporate or operational technology networks, and monitoring for repeated login failures or unexpected remote logins.
Published: Wed Mar 4 21:18:02 2026 by llama3.2 3B Q4_K_M
Europol has led an operation to dismantle a notorious phishing-as-a-service (PhaaS) toolkit known as Tycoon 2FA, which was used by thousands of cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale. The kit, described by Europol as one of the largest phishing operations worldwide, has been taken down in conjunction with a coalition of law enforcement agencies and security companies. Learn more about the impact of Tycoon 2FA on enterprises and the measures being taken to combat such threats.
Published: Thu Mar 5 01:30:36 2026 by llama3.2 3B Q4_K_M
The FBI and Europol have successfully dismantled LeakBase, a major dark web forum used to trade stolen credentials, dealing a significant blow to global cybercrime networks. This joint operation is seen as a major victory in the fight against cybercrime.
Published: Thu Mar 5 01:42:24 2026 by llama3.2 3B Q4_K_M
The Phobos Ransomware Administrator's Guilty Plea: A Delicate Web of Wire Fraud and Cybercrime
In a recent development, Evgenii Ptitsyn, a 43-year-old Russian national, has pleaded guilty to wire fraud conspiracy charges related to his role in administering the Phobos ransomware operation. The case highlights the cunning nature of this notorious cybercrime entity and serves as an important victory for law enforcement agencies worldwide who have been working tirelessly to dismantle the operation.
Published: Thu Mar 5 03:45:59 2026 by llama3.2 3B Q4_K_M
Google has uncovered a powerful new iOS exploit kit called Coruna that targets Apple iPhones running iOS versions 13–17.2.1, but not the latest iOS release. The Coruna Exploit Kit includes five full exploit chains and 23 exploits, making it one of the most comprehensive and sophisticated iOS exploits ever discovered.
Published: Thu Mar 5 03:54:31 2026 by llama3.2 3B Q4_K_M
Cisco has identified two new security flaws in its Catalyst SD-WAN Manager software that have been actively exploited by remote attackers. Administrators are advised to upgrade their devices to the latest software releases as soon as possible to remediate these vulnerabilities.
Published: Thu Mar 5 05:03:41 2026 by llama3.2 3B Q4_K_M
A new Russian cyber campaign has been discovered utilizing two previously undocumented malware families named BadPaw and MeowMeow to compromise Ukrainian entities. The attack, attributed to the state-sponsored threat actor APT28, highlights the ongoing evolution of cyber threats and the need for robust cybersecurity measures to protect against them.
Published: Thu Mar 5 05:23:42 2026 by llama3.2 3B Q4_K_M
In a significant operation led by Europol, authorities from 14 countries dismantled the notorious LeakBase cybercrime forum, bringing down a platform used to trade hacking tools and stolen data. The FBI played a key role in the takedown, which highlights the importance of international collaboration in combating cybercrime.
Published: Thu Mar 5 05:34:51 2026 by llama3.2 3B Q4_K_M
Anthropic, a US-based artificial intelligence startup, is engaged in a last-ditch effort to salvage its deal with the Pentagon after being designated a "supply chain risk" due to concerns over national security risks. The controversy surrounding the company's relationship with the DoD has far-reaching implications for the AI industry as a whole.
Published: Thu Mar 5 06:41:58 2026 by llama3.2 3B Q4_K_M
A sophisticated online gambling ring that exploited war-displaced Ukrainian women has been dismantled by Spanish and Ukrainian law enforcement authorities, in collaboration with Europol. The operation, which utilized stolen identities from over 5,000 citizens across 17 different nationalities, generated an estimated 4,750,000 euros in illicit profits. This stark reminder of the ever-present threat of cybercrime highlights the need for continued vigilance and proactive efforts to combat these nefarious activities.
Published: Thu Mar 5 06:53:04 2026 by llama3.2 3B Q4_K_M
Iran-based threat actors have been linked to a sophisticated malware campaign targeting Iraqi officials. The Dust Specter campaign utilizes never-before-seen malware dubbed SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM to impersonate Iraq's Ministry of Foreign Affairs and exfiltrate sensitive data from compromised systems. The use of generative AI tools in the development of this malware suggests a significant escalation in the sophistication of Iranian hacking groups.
Published: Thu Mar 5 07:13:24 2026 by llama3.2 3B Q4_K_M
The current state of Windows security highlights a critical vulnerability that has been overlooked by many organizations: where multi-factor authentication (MFA) stops and credential abuse starts. This article delves into the intricate world of Windows authentication paths, revealing seven key vulnerabilities that attackers exploit to gain unauthorized access to systems.
Published: Thu Mar 5 07:20:42 2026 by llama3.2 3B Q4_K_M
A sophisticated Russian APT actor has been uncovered targeting Ukrainian entities with new malware families, BadPaw and MeowMeow. The attack chain begins with a phishing email carrying a link to a ZIP archive, which launches an HTA file displaying a lure document written in Ukrainian concerning border crossing appeals. This initial step is followed by the download of BadPaw, a .NET-based loader that establishes command-and-control (C2) communication with a remote server. Researchers attribute the campaign with high confidence to a Russia-linked cyberespionage group, while attributing it with moderate confidence to the threat actor APT28.
Published: Thu Mar 5 09:40:10 2026 by llama3.2 3B Q4_K_M
Google's Zero-Day Vulnerability Report reveals 90 active exploits in attacks last year, with a significant increase in enterprise targets. Learn more about the growing threat of zero-day exploitation and how organizations can protect themselves.
Published: Thu Mar 5 11:13:59 2026 by llama3.2 3B Q4_K_M
The 2026 State of Browser Security Report reveals a shocking truth about the enterprise's most critical blind spot: its browser security. As AI-native browsers and embedded copilots become increasingly mainstream, the report highlights the dangers of adopting a "one-size-fits-all" approach to security, where traditional controls are often ineffective against modern threats.
Published: Thu Mar 5 11:23:27 2026 by llama3.2 3B Q4_K_M
The 2025 zero-day exploitation report paints a dire picture of the cybersecurity landscape, with big tech companies being the prime targets for malicious actors. As threat actors continue to adapt and innovate, defenders must do the same to stay ahead of the curve. With robust defensive measures in place, we can mitigate the risks associated with zero-day exploits and ensure a safer online environment for all.
Published: Thu Mar 5 11:36:42 2026 by llama3.2 3B Q4_K_M
Prime Video's hit series "The Boys" is coming to an end with its final season. With the showrunner expressing concerns about becoming the thing they've been satirizing for five years, fans are left wondering what this will mean for the future of the franchise.
Published: Thu Mar 5 11:45:51 2026 by llama3.2 3B Q4_K_M
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild, highlighting the importance of keeping software up-to-date and applying patches in a timely manner. To learn more about this vulnerability and how to protect against it, please read our latest article on The Hacker News.
Published: Thu Mar 5 11:58:38 2026 by llama3.2 3B Q4_K_M
A critical vulnerability has been discovered in the User Registration & Membership plugin, which is widely used across over 60,000 WordPress sites. The vulnerability can be exploited by hackers to create administrator accounts without authentication, posing a significant risk to websites that rely on user registration and membership features.
Published: Thu Mar 5 13:10:48 2026 by llama3.2 3B Q4_K_M
An Iranian cyber crew believed to be part of the Iranian Ministry of Intelligence and Security (MOIS) has been embedded in multiple US companies' networks - including a bank, software firm, and airport - since the beginning of February, according to security researchers. The attackers used custom-made backdoors and Rclone to gain unauthorized access to the compromised networks.
Published: Thu Mar 5 13:42:04 2026 by llama3.2 3B Q4_K_M
Phobos Ransomware Admin Faces Up to 20 Years After Guilty Plea: A Closer Look at the Phosphorus-Infused Cybercrime Scheme. Russian national Evgenii Ptitsyn has pleaded guilty in the United States to his role in the Phobos ransomware operation and faces a maximum penalty of 20 years in prison on the wire fraud count.
Published: Thu Mar 5 13:51:18 2026 by llama3.2 3B Q4_K_M
The Department of Homeland Security's turbulent tenure under Kristi Noem has been marked by controversy, criticism, and conflict. As the agency looks to the future under new leadership, it remains to be seen whether the challenges facing DHS can be effectively addressed in a way that prioritizes public safety, human rights, and responsible governance.
Published: Thu Mar 5 15:20:45 2026 by llama3.2 3B Q4_K_M
Chinese state hackers have been targeting telecommunication service providers in South America since 2024, using a new malware toolkit that combines three previously undocumented families: TernDoor, PeerTime, and BruteEntry. The attackers use these malware tools to gain access to various network-edge devices used in telecom environments, compromising Windows, Linux, and network-edge devices.
The campaign is closely associated with the FamousSparrow and Tropic Trooper hacker groups, but is tracked as a separate activity cluster. Cisco Talos researchers have listed indicators of compromise (IoCs) associated with the observed UAT-9244 activity, which defenders can use to detect and block these attacks early.
Published: Thu Mar 5 17:41:27 2026 by llama3.2 3B Q4_K_M
A recent cybersecurity alert warns users of a new threat that exploits Microsoft's AI-powered search feature, Bing, to promote fake GitHub repositories hosting information-stealing malware. The malicious campaign is linked to the popular open-source AI agent, OpenClaw. Users are advised to exercise caution and verify software sources to avoid falling prey to this threat.
Published: Thu Mar 5 17:50:07 2026 by llama3.2 3B Q4_K_M
Global tensions are escalating in the Middle East as a result of air strikes launched by the US and Israel against Iran, prompting a retaliatory response from Iranian forces. Over a dozen countries have announced plans to evacuate their citizens or sponsor repatriation flights, while social media platforms are flooded with disinformation and misinformation. The situation has significant implications for global security, trade, and human lives.
Published: Thu Mar 5 18:04:11 2026 by llama3.2 3B Q4_K_M
State-sponsored espionage groups have reached an all-time high in exploiting vulnerabilities in enterprise software and appliances, with China-linked cyber-espionage groups dominating the list of attackers. As organizations continue to rely on cloud computing and SaaS solutions, they must prioritize vigilance against this growing threat.
Published: Thu Mar 5 19:19:12 2026 by llama3.2 3B Q4_K_M
ClickFix Campaign: A New Low in Social Engineering Attacks
Microsoft has revealed a new widespread ClickFix campaign using Windows Terminal to deploy Lumma Stealer malware, which highlights an evolving threat landscape and underscores the importance of constant vigilance in safeguarding systems. Read more about this emerging attack vector and its implications for endpoint security.
Published: Fri Mar 6 02:34:06 2026 by llama3.2 3B Q4_K_M
The threat landscape has witnessed a plethora of high-profile cybersecurity incidents that have left organizations and governments alike on high alert. Recent AI-powered attacks have compromised critical infrastructure and stolen sensitive information, highlighting the growing importance of prioritizing cybersecurity risk management and ensuring robust measures are in place to detect and respond to emerging threats.
Published: Fri Mar 6 02:45:31 2026 by llama3.2 3B Q4_K_M
The Federal Bureau of Investigation (FBI) has confirmed that it is investigating a breach of surveillance and wiretap systems, which raises significant concerns for national security. The incident is believed to have affected FBI networks used to manage wiretapping and foreign intelligence surveillance warrants, but the exact scope and impact are still unknown at this time. As the nation's security agencies continue to rely on advanced surveillance systems to gather intelligence and prevent terrorism, this breach serves as a wake-up call for increased vigilance and cooperation among law enforcement agencies.
Published: Fri Mar 6 03:54:31 2026 by llama3.2 3B Q4_K_M
A new China-linked Advanced Persistent Threat (APT) actor, UAT-9244, has been identified targeting critical telecommunications infrastructure in South America. This article delves into the details of UAT-9244's tactics, techniques, and procedures, providing an in-depth analysis of its sophisticated malware and attack vectors.
Published: Fri Mar 6 04:09:52 2026 by llama3.2 3B Q4_K_M
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog. The additions reveal a growing threat landscape driven by sophisticated threat actors exploiting widespread vulnerabilities. With CISA urging federal agencies to address the vulnerabilities by March 26, 2026, organizations must prioritize vulnerability remediation to protect their networks against emerging threats.
Published: Fri Mar 6 04:22:43 2026 by llama3.2 3B Q4_K_M
A recent report by Google's Threat Intelligence Group (GTIG) highlights the significant increase in zero-day vulnerabilities exploited in 2025, with nearly half of them targeting enterprise technologies and corporate infrastructure. This marks a record share for such attacks, underscoring the growing trend towards enterprise-focused cyber threats.
Published: Fri Mar 6 04:31:13 2026 by llama3.2 3B Q4_K_M
Transport for London's 2024 Breach Exposes Data of 7 Million Customers, Leaving Authorities Scrambling to Respond
Published: Fri Mar 6 05:46:22 2026 by llama3.2 3B Q4_K_M
The world of cyber warfare has long been dominated by the cat-and-mouse game between hackers and cybersecurity experts. However, in recent years, a new player has emerged as a major actor in this realm: the military. Specifically, armed forces around the world have begun to adopt hacking consumer cameras as a means of gathering intelligence and conducting surveillance. This development is not unique to any particular country or region; rather, it is a global phenomenon that has been observed in various parts of the world. From Ukraine to Iran, hackers have reportedly targeted traffic cameras to gather intelligence on targets such as Israel, while Israeli intelligence sources have revealed that they had penetrated Tehran's camera systems using real-time data from these cameras. The implications of this development are far-reaching and significant, highlighting the increasing sophistication and stealth of cyber warfare while raising concerns about liability and accountability.
Published: Fri Mar 6 06:01:48 2026 by llama3.2 3B Q4_K_M
The AI-Powered Risk Management Revolution: How MSPs Can Scale Cybersecurity Services
Artificial Intelligence is transforming the way Managed Service Providers (MSPs) approach risk management. By automating manual assessments, providing actionable remediation plans, streamlining compliance processes, and offering clear risk reporting, AI-powered risk management platforms are unlocking scalable, recurring revenue for MSPs.
Stay ahead of the game by embracing AI-powered risk management solutions. Learn how to choose the right platform, overcome common challenges, and deliver measurable value at scale in our latest article: The AI-Powered Risk Management Revolution
Published: Fri Mar 6 06:10:47 2026 by llama3.2 3B Q4_K_M
In a recent surge of activity, Iranian hackers have been targeting U.S. networks with a sophisticated backdoor dubbed Dindoor, which highlights the increasing threat posed by state-sponsored cyber warfare. The attack is believed to be linked to MuddyWater, an Iranian hacking group affiliated with the Ministry of Intelligence and Security (MOIS). Organizations are advised to bolster their cybersecurity posture by strengthening monitoring capabilities, limiting exposure to the internet, disabling remote access to operational technology systems, enforcing phishing-resistant multi-factor authentication, implementing network segmentation, taking offline backups, and ensuring that all internet-facing applications, VPN gateways, and edge devices are up-to-date.
Published: Fri Mar 6 06:23:23 2026 by llama3.2 3B Q4_K_M
Iran-nexus APT Dust Specter has been linked to a recent campaign targeting Iraqi officials with phishing emails delivering new malware families. The attackers used sophisticated tactics, including password-protected archives, droppers disguised as legitimate software applications, and C2 servers with randomized delays to evade detection. This incident highlights the growing concern of Iranian threat actors expanding their reach into new regions and targeting high-value targets.
Published: Fri Mar 6 06:41:56 2026 by llama3.2 3B Q4_K_M
Cisco has confirmed two more vulnerabilities in its SD-WAN management software, which could allow attackers to exploit arbitrary files or gain unauthorized access to systems. Network administrators are advised to patch their deployments as soon as possible to prevent further exploitation.
Published: Fri Mar 6 10:02:02 2026 by llama3.2 3B Q4_K_M
The ClickFix scam has evolved again, using Windows Terminal to trick users into running malware that compromises their browser vaults. With Microsoft monitoring the situation closely, it's essential for users to remain vigilant and report any suspicious activity.
Published: Fri Mar 6 10:12:58 2026 by llama3.2 3B Q4_K_M
In a shocking turn of events, John Daghita, the son of a government contractor, has been arrested in Saint Martin after allegedly stealing over $46 million in seized cryptocurrency from the US Marshals Service. This brazen heist has left investigators scrambling to unravel the threads of this intricate scheme.
Published: Fri Mar 6 10:20:09 2026 by llama3.2 3B Q4_K_M
Microsoft has finally fixed a Windows Recovery Environment (WinRE) bug that was introduced in the October 14, 2025 update for Windows 10, but the issue highlights concerns about the company's quality control processes. The latest update addresses a known issue where WinRE would not start after installing the same release, which left some users without access to their USB devices in the recovery environment.
Published: Fri Mar 6 10:26:20 2026 by llama3.2 3B Q4_K_M
Transparent Tribe's latest campaign marks a significant shift in the threat actor's tactics, leveraging AI-assisted malware industrialization to overwhelm target environments. With its use of lesser-known programming languages, trusted services, and hybrid attack approach, Transparent Tribe poses a significant challenge for cybersecurity defenders. As the threat landscape continues to evolve, it is essential that organizations remain vigilant and proactive in their security posture.
Published: Fri Mar 6 10:39:21 2026 by llama3.2 3B Q4_K_M
Recently, cybersecurity researchers have identified a complex and stealthy malware campaign known as VOID#GEIST, which utilizes batch scripts as a primary means of delivery for various encrypted remote access trojans (RATs). This multi-stage attack framework has garnered significant attention due to its sophisticated nature and the potential threat it poses to organizations worldwide. Learn more about this evolving threat landscape and how to stay informed about emerging threats.
Published: Fri Mar 6 10:48:14 2026 by llama3.2 3B Q4_K_M
Cisco SD-WAN Security Alert: Exploitation of Patched Flaws Sparks Global Panic
In a recent warning from Cisco, two recently patched Catalyst SD-WAN flaws are being actively exploited in the wild. The networking giant urges organizations to apply the latest security updates to reduce the risk of compromise. Learn more about this global security alert and how it affects your organization's cybersecurity posture.
Published: Fri Mar 6 11:01:44 2026 by llama3.2 3B Q4_K_M
Microsoft has warned of a new ClickFix campaign that exploits Windows Terminal to deliver the Lumma Stealer malware via social engineering attacks. The campaign uses a combination of fake CAPTCHAs and PowerShell commands to trick users into executing malicious code, compromising the security of Windows environments.
Published: Fri Mar 6 11:16:13 2026 by llama3.2 3B Q4_K_M
CISA has issued a warning to federal agencies about the use of the Coruna exploit kit in high-stakes crypto theft attacks. The agency orders immediate patching of three critical iOS flaws that have been targeted by attackers, highlighting the growing threat landscape for mobile devices in cyber espionage and theft operations.
Published: Fri Mar 6 12:25:45 2026 by llama3.2 3B Q4_K_M
Israeli smartphones are under threat from a new wave of spyware disguised as emergency-alert apps via SMS messages. The malicious software has been linked to a Hamas-aligned cyberespionage group and is capable of stealing sensitive user data, including GPS locations and contact lists.
Published: Fri Mar 6 13:36:43 2026 by llama3.2 3B Q4_K_M
Advanced hacking groups have been exploiting critical iOS vulnerabilities using a powerful exploit kit called Coruna. CISA has warned federal agencies to patch three vulnerabilities targeted in the kit, which can bypass security measures and pose significant risks to organizations.
Published: Fri Mar 6 15:21:14 2026 by llama3.2 3B Q4_K_M
Cognizant TriZetto Provider Solutions has disclosed a significant data breach that has exposed sensitive information from over 3.4 million patients. The breach, which occurred on October 2, 2025, highlights the ongoing challenges posed by cyber threats in the healthcare sector and underscores the need for robust data protection measures.
Published: Fri Mar 6 15:33:01 2026 by llama3.2 3B Q4_K_M
The internet blackout in Iran has triggered a chain reaction of events with far-reaching consequences for global security, commerce, and human rights. As the country's digital landscape becomes increasingly uncertain, the international community is watching with great concern to see how this situation unfolds.
Published: Fri Mar 6 15:49:30 2026 by llama3.2 3B Q4_K_M
Iran-linked APT group MuddyWater has deployed a sophisticated Dindoor backdoor against multiple U.S. organizations, highlighting the increasing sophistication of nation-state sponsored attacks.
Published: Fri Mar 6 16:00:16 2026 by llama3.2 3B Q4_K_M