Security Affairs

ENISA Technical Advisory on Secure Package Managers: Essential DevSecOps Guidance
Thu, 12 Mar 2026 08:49:00 +0000
ENISA’s first Technical Advisory on Secure Package Managers helps developers safely use third-party packages. ENISA has released its first Technical Advisory on Package Managers, focusing on how developers can safely consume third-party packages. The document (March 2026, v1.1) follows public feedback incorporating 15 contributions from stakeholders, experts, and the open-source community. “This document focuses on […]

U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog
Thu, 12 Mar 2026 08:46:25 +0000
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in n8n to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an n8n flaw, tracked as CVE-2025-68613 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. n8n is a workflow automation platform designed for technical teams that combines the […]

Bell Ambulance data breach impacted over 238,000 people
Thu, 12 Mar 2026 04:12:58 +0000
Bell Ambulance confirms a February 2025 breach affecting 238,000 people, exposing personal, financial, and health information. Nearly 238,000 individuals are impacted by a February 2025 Bell Ambulance data breach. Bell Ambulance is a U.S.-based emergency medical services provider offering ambulance transport, paramedic care, and patient support. It serves communities with urgent medical response, interfacility transfers, […]

Pro-Palestinian hacktivist group Handala targets Stryker in global disruption
Wed, 11 Mar 2026 19:51:23 +0000
Pro-Palestinian hacktivist group Handala claims a cyberattack on Stryker, alleging it wiped 200,000 systems and disrupted global operations. Pro-Palestinian hacktivist group Handala claims responsibility for a disruptive cyberattack against medical technology firm Stryker. “Medical technology giant Stryker is experiencing a global outage across its systems after a cyberattack early Wednesday. Staff and contractors report that […]

BeatBanker malware targets Android users with banking Trojan and crypto miner
Wed, 11 Mar 2026 19:00:23 +0000
BeatBanker Android malware spreads through fake Starlink apps on websites imitating Google Play Store, hijacking devices, stealing credentials, and mining crypto. A new Android malware called BeatBanker spreads through fake Starlink apps distributed on websites posing as the Google Play Store. Once installed, it hijacks devices, steals login credentials, tampers with cryptocurrency transactions, and secretly […]

Hewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CX
Wed, 11 Mar 2026 11:28:36 +0000
Hewlett Packard Enterprise (HPE) fixed several flaws in Aruba AOS-CX, including a critical bug that lets attackers reset admin passwords. Hewlett Packard Enterprise (HPE) patched multiple vulnerabilities in Aruba AOS-CX, the operating system used in Aruba CX switches. The most severe issue, tracked as CVE-2026-23813 (CVSS score of 9.8), allows unprivileged attackers to bypass authentication […]

KadNap bot compromises 14,000+ devices to route malicious traffic
Wed, 11 Mar 2026 09:03:38 +0000
KadNap malware infects 14,000+ edge devices, mainly Asus routers, turning them into a stealth proxy botnet used to route malicious internet traffic. KadNap malware infects more than 14,000 edge devices, mainly ASUS routers, and turns them into a proxy botnet used to route malicious traffic. First detected in August 2025, the campaign heavily targets the […]

Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs
Tue, 10 Mar 2026 23:29:18 +0000
Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities in its products. None of the flaws are known to be exploited so far. Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities across its products. The IT giant addressed flaws across Windows, Office, Edge, Azure, SQL Server, Hyper-V, and ReFS. Including […]

Attackers exploit FortiGate devices to access sensitive network information
Tue, 10 Mar 2026 19:02:57 +0000
Attackers are exploiting FortiGate devices to breach networks and steal configuration data containing service account credentials and network details. SentinelOne researchers warn that attackers are exploiting vulnerabilities or weak credentials in FortiGate devices to gain initial access to corporate networks. Once inside, they extract configuration files that may contain service account credentials and information about […]

APT28 conducts long-term espionage on Ukrainian forces using custom malware
Tue, 10 Mar 2026 15:14:13 +0000
APT28 used BEARDSHELL and COVENANT malware to spy on Ukrainian military personnel, enabling long-term surveillance since April 2024. The Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has used BEARDSHELL and COVENANT malware to conduct long-term surveillance of Ukrainian military personnel. According to ESET, the campaign began in April 2024 and relies on […]

The Hacker News

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
Thu, 12 Mar 2026 13:26:00 +0530
Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution, TaxiSpy RAT, BeatBanker, Mirax, and Oblivion RAT to full-fledged remote administration tools such as SURXRAT. PixRevolution, according to

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
Thu, 12 Mar 2026 10:48:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-68613 (CVSS score: 9.9), concerns a case of expression injection that leads to remote code execution. The security shortcoming was patched

Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes
Wed, 11 Mar 2026 22:08:00 +0530
Agentic web browsers that leverage artificial intelligence (AI) capabilities to autonomously execute actions across multiple websites on behalf of a user could be trained and tricked into falling prey to phishing and scam traps. The attack, at its core, takes advantage of AI browsers' tendency to reason their actions and use it against the model itself to lower their security guardrails, Guardio

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
Wed, 11 Mar 2026 20:21:00 +0530
Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution. The vulnerabilities are listed below - CVE-2026-27577 (CVSS score: 9.4) - Expression sandbox escape leading to remote code execution (RCE) CVE-2026-27493 (CVSS score: 9.5) - Unauthenticated

Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
Wed, 11 Mar 2026 18:45:00 +0530
Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in partnership with authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Australia, New Zealand, and Indonesia. The effort also led to 21 arrests made by the Royal Thai Police, the company said. The action builds upon

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
Wed, 11 Mar 2026 17:56:00 +0530
SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on affected systems. The vulnerabilities in question listed below - CVE-2019-17571 (CVSS score: 9.8) - A code injection vulnerability in SAP Quotation Management Insurance application (FS-QUO) CVE-2026-27685 (CVSS score: 9.1) - An insecure deserialization

What Boards Must Demand in the Age of AI-Automated Exploitation
Wed, 11 Mar 2026 17:00:00 +0530
“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to answer after an incident. For years, many executive teams and boards have treated a large vulnerability backlog as an uncomfortable but tolerable fact of life: “we’ve accepted the risk.” If you’ve ever seen a report showing

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
Wed, 11 Mar 2026 14:45:00 +0530
Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are rated Critical, and 76 are rated Important in severity. Forty-six of the patched vulnerabilities relate to privilege escalation, followed by 18 remote code execution, 10 information disclosure, four

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
Wed, 11 Mar 2026 13:01:00 +0530
A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim's cloud environment within a span of 72 hours. The attack started with the theft of a developer's GitHub token, which the threat actor then used to gain unauthorized access to the cloud and steal data. "The threat actor, UNC6426, then used this

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
Wed, 11 Mar 2026 10:42:00 +0530
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below - chrono_anchor dnp3times time_calibrator time_calibrators time-sync The crates, per Socket, impersonate timeapi.io and were published between late February and early March

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Tue, 10 Mar 2026 21:51:00 +0530
Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks. The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials to extract configuration files containing service account credentials and network topology

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
Tue, 10 Mar 2026 21:51:00 +0530
Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open a new "back door" for hackers. The Problem: "The Invisible Employee" Think of an AI Agent like a new employee who has

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
Tue, 10 Mar 2026 21:30:00 +0530
Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first detected in the wild in August 2025, has expanded to over 14,000 infected devices, with more than 60% of victims located in the U.S., according to the Black Lotus Labs team at Lumen. A lesser number of

New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
Tue, 10 Mar 2026 18:50:00 +0530
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcomings have been collectively named LeakyLooker by Tenable. There is no evidence that the vulnerabilities were exploited in

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
Tue, 10 Mar 2026 16:30:00 +0530
You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder's Head of Security digs into why this happens and how teams can manage it deliberately. Time-to-exploit is shrinking The larger and less controlled your attack surface is,

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
Tue, 10 Mar 2026 16:25:00 +0530
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families have been put to use since April 2024, ESET said in a new report shared with The Hacker News. APT28, also tracked as Blue Athena, BlueDelta, Fancy Bear, Fighting Ursa,

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
Tue, 10 Mar 2026 12:47:00 +0530
Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the company, involves the exploitation of customers' overly permissive Experience Cloud guest user configurations to obtain access to sensitive

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
Tue, 10 Mar 2026 11:47:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability list is as follows - CVE-2021-22054 (CVSS score: 7.5) - A server-side request forgery (SSRF) vulnerability in Omnissa Workspace One UEM (formerly VMware Workspace One UEM) that

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
Tue, 10 Mar 2026 00:01:00 +0530
Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The package, named "@openclaw-ai/openclawai," was uploaded to the registry by a user named "openclaw-ai" on March 3, 2026. It has been downloaded 178 times to date. The library is still available for

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
Mon, 09 Mar 2026 20:20:00 +0530
The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a cryptocurrency organization in 2025 to steal millions of dollars in cryptocurrency. The activity has been attributed with moderate confidence to the state-sponsored adversary, which is also tracked under the cryptonyms Jade Sleet, PUKCHONG, Slow Pisces, and

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
Mon, 09 Mar 2026 19:16:00 +0530
Another week in cybersecurity. Another week of "you've got to be kidding me." Attackers were busy. Defenders were busy. And somewhere in the middle, a whole lot of people had a very bad Monday morning. That's kind of just how it goes now. The good news? There were some actual wins this week. Real ones. The kind where the good guys showed up, did the work, and made a dent. It doesn't always

Can the Security Platform Finally Deliver for the Mid-Market?
Mon, 09 Mar 2026 17:15:00 +0530
Mid-market organizations are constantly striving to achieve security levels on a par with their enterprise peers. With heightened awareness of supply chain attacks, your customers and business partners are defining the security level you must meet. What if you could be the enabler for your organization to remain competitive — and help win business — by easily demonstrating that you meet these

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
Mon, 09 Mar 2026 15:58:00 +0530
Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to downstream customers, inject arbitrary code, and harvest sensitive data. The extensions in question, both originally associated with a developer named "akshayanuonline@gmail.com" (BuildMelon), are listed below - QuickLens - Search Screen with

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
Mon, 09 Mar 2026 12:51:00 +0530
High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign. The activity, which has targeted aviation, energy, government, law enforcement, pharmaceutical, technology, and telecommunications sectors, has been attributed by Palo Alto Networks Unit 42 to a previously undocumented threat activity group dubbed

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
Sat, 07 Mar 2026 21:58:00 +0530
OpenAI on Friday began rolling out Codex Security, an artificial intelligence (AI)-powered security agent that's designed to find, validate, and propose fixes for vulnerabilities. The feature is available in a research preview to ChatGPT Pro, Enterprise, Business, and Edu customers via the Codex web with free usage for the next month. "It builds deep context about your project to identify

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Sat, 07 Mar 2026 16:51:00 +0530
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla. Of these, 14 have been classified as high, seven have been classified as moderate, and one has been rated low in severity. The issues were addressed in Firefox 148, released late last month. The vulnerabilities were identified over a two-week period in

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
Fri, 06 Mar 2026 20:41:00 +0530
The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is designed to produce a "high-volume, mediocre mass of implants" that are developed using lesser-known programming languages like Nim, Zig, and Crystal and rely on trusted services like

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
Fri, 06 Mar 2026 20:03:00 +0530
Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm, AsyncRAT, and Xeno RAT. The stealthy attack chain has been codenamed VOID#GEIST by Securonix Threat Research. At a high level, the obfuscated batch script is used to deploy a second

The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
Fri, 06 Mar 2026 16:00:00 +0530
Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When done right, it builds client trust, increases upsell opportunities, and drives recurring revenue. But to deliver this consistently and efficiently, you need the right technology and processes.

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
Fri, 06 Mar 2026 15:53:00 +0530
New research from Broadcom's Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies' networks, including banks, airports, non-profit, and the Israeli arm of a software company. The activity has been attributed to a state-sponsored hacking group called MuddyWater (aka Seedworm). It's affiliated with the Iranian

China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
Fri, 06 Mar 2026 13:52:00 +0530
A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under the moniker UAT-9244, describing it as closely associated with another cluster known as FamousSparrow. It's worth

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
Fri, 06 Mar 2026 12:14:00 +0530
Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware. The activity, observed in February 2026, makes use of the terminal emulator program instead of instructing users to launch the Windows Run dialog and paste a command

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
Fri, 06 Mar 2026 12:00:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The critical-severity vulnerabilities are listed below - CVE-2017-7921 (CVSS score: 9.8) - An improper authentication vulnerability affecting

Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Thu, 05 Mar 2026 20:52:00 +0530
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2026-20122 (CVSS score: 7.1) - An arbitrary file overwrite vulnerability that could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system.

Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders
Thu, 05 Mar 2026 20:52:00 +0530
Most organizations assume encrypted data is safe. But many attackers are already preparing for a future where today’s encryption can be broken. Instead of trying to decrypt information now, they are collecting encrypted data and storing it so it can be decrypted later using quantum computers. This tactic—known as “harvest now, decrypt later”—means sensitive data transmitted today could become

ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More
Thu, 05 Mar 2026 19:14:00 +0530
Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity, security teams shared new findings, and a few unexpected moves from major tech companies also drew attention. Together, these updates offer a useful snapshot of what is happening

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
Thu, 05 Mar 2026 17:31:00 +0530
A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country's Ministry of Foreign Affairs to deliver a set of never-before-seen malware. Zscaler ThreatLabz, which observed the activity in January 2026, is tracking the cluster under the name Dust Specter. The attacks, which manifest in the form of two different

Where Multi-Factor Authentication Stops and Credential Abuse Starts
Thu, 05 Mar 2026 16:30:00 +0530
Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. Attackers still compromise networks every day using valid credentials. The issue is not MFA itself, but coverage. Enforced through an identity provider (IdP) such as Microsoft Entra ID, Okta, or

APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
Thu, 05 Mar 2026 15:40:00 +0530
Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow. "The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, an initial HTA file displays a lure document written in Ukrainian concerning border crossing appeals

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Thu, 05 Mar 2026 12:21:00 +0530
Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a coalition of law enforcement agencies and security companies. The subscription-based phishing kit, which first emerged in August 2023, was described by Europol as one of the largest phishing

FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
Thu, 05 Mar 2026 12:04:00 +0530
A joint law enforcement operation has dismantled LeakBase, one of the world's largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools. The LeakBase forum, per the U.S. Department of Justice (DoJ), had over 142,000 members and more than 215,000 messages between members as of December 2025. Those attempting to access the forum's website ("leakbase[.]la") are now

149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
Wed, 04 Mar 2026 22:51:00 +0530
Cybersecurity researchers have warned of a surge in retaliatory hacktivist activity following the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion. "The hacktivist threat in the Middle East is highly lopsided, with two groups, Keymous+ and DieNet, driving nearly 70% of all attack activity between February 28 and March 2," Radware said in a Tuesday

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
Wed, 04 Mar 2026 18:58:00 +0530
Google said it identified a "new and powerful" exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It's not effective against the latest version of iOS. The findings were first reported by WIRED. "The

New RFP Template for AI Usage Control and AI Governance
Wed, 04 Mar 2026 17:00:00 +0530
As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget — to secure it. But there’s a quiet crisis unfolding in the boardroom: many organizations know they need "AI Governance," but they have no idea what they are actually looking for. The CISO’s Dilemma: You Have the AI Budget, but Do You Have the Requirements? As AI

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Wed, 04 Mar 2026 15:07:00 +0530
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that's functional on Windows, macOS, and Linux systems. The names of the packages are listed below - nhattuanbl/lara-helper (37 Downloads) nhattuanbl/simple-queue (29 Downloads) nhattuanbl/lara-swagger (49 Downloads)

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Wed, 04 Mar 2026 13:44:00 +0530
Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024. "Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments," Check Point said

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
Wed, 04 Mar 2026 10:05:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Tue, 03 Mar 2026 22:45:00 +0530
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data exfiltration or ransomware attack. The intrusions, identified by Huntress last month across five partner organizations, involved the threat actors using email spam as lures, followed by a phone call from

Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow
Tue, 03 Mar 2026 20:00:00 +0530
Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with the least experience. Tier 1 analysts sit at the front line of detection, and yet they are also the most vulnerable to the cognitive and organizational pressures that quietly erode SOC performance over time. The Paradox at the Gate:

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
Tue, 03 Mar 2026 19:59:00 +0530
The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its use following an analysis of the IP address ("212.11.64[.]250") that was used by the suspected
darkreadingINC Ransomware Group Holds Healthcare Hostage in OceaniaWed, 11 Mar 2026 22:00:00 GMT Government agencies, emergency clinics, and others in Australia, New Zealand, and Tonga have had serious run-ins with the prolific ransomware outfit. Xygeni GitHub Action Compromised Via Tag PoisonWed, 11 Mar 2026 20:22:39 GMT Attackers operated an active C2 implant for up to a week and compromised AppSec vendor Xygeni's xygeni/xygeni-action in that time. Chinese Nexus Actors Shift Focus to Qatar Amid Iranian ConflictWed, 11 Mar 2026 14:46:51 GMT Two attacks on Qatari entities signal a shift in focus for China-backed actors and demonstrate how quickly they can pivot in response to geopolitical events. Middle East Conflict Highlights Cloud Resilience GapsWed, 11 Mar 2026 05:00:00 GMT Data centers — used by both governments and militaries for operations — are now fair game, not just for cyberattacks, but for kinetic attacks as well. Microsoft Patches 83 CVEs in March UpdateWed, 11 Mar 2026 01:08:31 GMT For a change, there's little in this month's Patch Tuesday that should cause panic, according to security experts. 'Overly Permissive' Salesforce Cloud Configs in the CrosshairsTue, 10 Mar 2026 21:05:28 GMT Some customers have mishandled guest user configurations otherwise intended to allow third-party access to important — and sensitive — client data. Russian Threat Actor Sednit Resurfaces With Sophisticated ToolkitTue, 10 Mar 2026 18:57:55 GMT After several years of using simple implants, the Russia-affiliated actor is back with two new sophisticated malware tools. 'BlackSanta' EDR Killer Targets HR WorkflowsTue, 10 Mar 2026 13:30:00 GMT A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection. 
White House Cyber Strategy Prioritizes OffenseMon, 09 Mar 2026 21:09:12 GMT In a seven-page strategy document, the Trump administration signaled a shift to preemption and deterrence to handling cyber threats. 'InstallFix' Attacks Spread Fake Claude Code SitesMon, 09 Mar 2026 20:42:25 GMT A fresh cyberattack campaign blends malvertising with a ClickFix-style technique that highlights risky behavior with AI coding assistants and command-line interfaces. Are We Ready for Auto Remediation With Agentic AI?Mon, 09 Mar 2026 20:13:01 GMT With the rapid innovations in AI, we are entering an exciting era of automated risk remediation. Learn about security team readiness to leverage agentic AI for threat and exposure management. Chinese Cyber Threat Lurks In Critical Asian Sectors for YearsMon, 09 Mar 2026 12:05:06 GMT An undefined Chinese-speaking actor wields a combo of custom malware, open source tools, and LOTL binaries against Windows and Linux, likely for spying. Cylake Offers AI-Native Security Without Relying on Cloud ServicesFri, 06 Mar 2026 19:04:36 GMT Cylake's platform will analyze security data locally and identify potential attacks for organizations concerned about data sovereignty. North Korean APTs Use AI to Enhance IT Worker ScamsFri, 06 Mar 2026 17:49:02 GMT DPRK worker scams are old hat, but they're still working, thanks to AI tools that help with everything from face swapping to daily emails. EU Auto Rules Shift Gears on Cybersecurity StandardsFri, 06 Mar 2026 15:05:55 GMT The European Union is taking new precautions as climate change and cybersecurity threats rise across the automotive industry. Iran's Cyber-Kinetic War Doctrine Takes ShapeFri, 06 Mar 2026 14:01:11 GMT Iran has been hacking IP cameras to plan missile strikes against its enemies, and mounting other attacks on physical assets, showing how cyber and kinetic warfare are fast becoming one and the same. 
Cyberattack on Mexico's Gov't Agencies Highlight AI ThreatFri, 06 Mar 2026 13:37:31 GMT Using Anthropic's Claude, OpenAI's ChatGPT, and a detailed playbook prompt, a handful of cyberattackers reportedly gained access to government agencies and its citizens' data. Nation-State Actor Embraces AI Malware Assembly LineThu, 05 Mar 2026 21:56:07 GMT Pakistan's APT36 threat group has begun using vibe-coding to churn out mediocre malware, but at a scale that could overwhelm defenses. Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing PlatformThu, 05 Mar 2026 21:23:26 GMT The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multifactor authentication defenses. Cisco Drops 48 New Firewall Vulnerabilities, 2 CriticalThu, 05 Mar 2026 20:11:15 GMT Edge bugs are so fetch, and Cisco just patched 50 new ones, including some heavy hitters with 10 out of 10 scores on the CVSS scale. Fig Security Emerges From Stealth to Fix Broken Security OperationsThu, 05 Mar 2026 16:55:05 GMT Fig Security's platform traces security data flows end-to-end across SIEMs, pipelines, and response systems to alert teams before infrastructure changes break critical defenses. Software Development Practices Help Enterprises Tackle Real-Life RisksThu, 05 Mar 2026 16:34:20 GMT Organizations can borrow secure-by-design processes to manage non-technical challenges like governance or the inevitable human error. LatAm Now Faces 2x More Cyberattacks Than USThu, 05 Mar 2026 14:00:00 GMT Much of Central and South America struggles with cybersecurity maturity, and hackers are taking advantage. VMware Aria Operations Bug Exploited, Cloud Resources at RiskWed, 04 Mar 2026 21:04:56 GMT Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad access to victims' cloud environments. 
Stranger Things Meets Cybersecurity: Lessons from the Hive MindWed, 04 Mar 2026 17:09:27 GMT Events and concepts from the Stranger Things television series illustrate how enterprises can defend their networks and stay "right side up." Dark Reading Confidential: This Threat Hunter Helped Cops Bust Up An African Cybercrime SyndicateWed, 04 Mar 2026 15:00:00 GMT Dark Reading Confidential Episode 15: Interpol relied on Will Thomas and team to help break up a sprawling cybercrime ring, leading to the arrest of 574 suspects, the recovery of more than $3 million, and the decryption of six malware variants. Here's his story. China's Silver Dragon Razes Governments in EU, SE AsiaWed, 04 Mar 2026 11:26:55 GMT The emerging actor, part of the APT41 nexus, gains initial access via phishing, and uses legitimate network services to obscure cyber espionage activities. Indian APT 'Sloppy Lemming' Targets Defense, Critical InfrastructureTue, 03 Mar 2026 22:24:22 GMT India-nexus cyber threat actors are growing more active and sophisticated, using custom tools coded in Rust and cloud-based command and control. Vehicle Tire Pressure Sensors Enable Silent TrackingTue, 03 Mar 2026 20:53:39 GMT Like many other features and systems in modern cars, tire pressure sensors leak sensitive data that can be abused by threat actors. Qualcomm Zero-Day Exploited in Targeted Android AttacksTue, 03 Mar 2026 20:28:05 GMT The exploitation activity against CVE-2026-21385, a high-severity memory corruption flaw, could be tied to commercial spyware or nation-state threat groups. Speakeasies to Shadow AI: Banning AI Browsers Will FailTue, 03 Mar 2026 17:40:21 GMT Lessons from history highlight why AI-enabled browsers require controlled enablement. AI Agent Overload: How to Solve the Workload Identity CrisisTue, 03 Mar 2026 12:57:19 GMT Workloads keep getting more complicated and organizations are struggling to keep up. So what's the play? 
As War Continues, Pro-Iranian Actors Launch Barrage of CyberattacksTue, 03 Mar 2026 11:30:31 GMT Iran and its supporters have taken to cyberspace to retaliate for US-Israeli military action, with an aim to cause economic and physical disruption. Critical OpenClaw Vulnerability Exposes AI Agent RisksMon, 02 Mar 2026 22:34:36 GMT The now-patched flaw is the latest in a growing string of security issues associated with the viral AI tool, which has seen rapid adoption among developers. The Tug-of-War Over Firewall Backlogs in the AI-Driven Development EraMon, 02 Mar 2026 21:32:04 GMT Speed and security are historically clashing priorities, but with AI and automation, it's increasingly important that application developers and security teams get on the same page. 30 Alleged Members of 'The Com' Arrested in Project CompassMon, 02 Mar 2026 20:32:09 GMT The global law enforcement crackdown, which began in January 2025, also identified nearly 180 members of the notorious cybercriminal collective. Quantum-Resistant Data Diode Secures Sensitive Data on Edge Devices, Critical SystemsMon, 02 Mar 2026 12:55:27 GMT Forward Edge-AI's new Isidore Quantum is a compact, low-power hardware device designed to defend sensitive operational technology endpoints against future quantum attacks. Bug in Google's Gemini AI Panel Opens Door to HijackingMon, 02 Mar 2026 10:27:15 GMT Attackers could have exploited the vulnerability to escalate privileges, violate user privacy while browsing, and access sensitive resources. Life Mirrors Art: Ransomware Hits Hospitals on TV & IRLFri, 27 Feb 2026 20:48:05 GMT HBO's "The Pitt" is showing audiences what a real Mississippi healthcare system is going through this week, thanks to a ransomware attack. Cities Hosting Major Events Need More Focus on Wireless, Drone DefenseFri, 27 Feb 2026 20:23:17 GMT Major events like the FIFA World Cup need to look beyond traditional physical and cyber security to active and passive wireless threats, say experts. 
Flaw-Finding AI Assistants Face Criticism for Speed, AccuracyFri, 27 Feb 2026 20:16:24 GMT Using AI to find security vulnerabilities holds significant promise, but the initial products fall short of the needs of enterprises and software developers, say experts. The Case for Why Better Breach Transparency MattersFri, 27 Feb 2026 16:18:19 GMT It's become a standard practice for organizations to disclose the bare minimum about a data breach, or worse — not disclose the incident at all. Claude Code Security Shows Promise, Not PerfectionFri, 27 Feb 2026 14:00:00 GMT Claude Code's introduction rippled across the stock market, but researchers and analysts say its impact was overstated, as they peel back the layers. Marquis v. SonicWall Lawsuit Ups the Breach Blame GameThu, 26 Feb 2026 22:02:41 GMT When a company gets breached through a third-party security vendor, who should bear responsibility? For one FinTech company, the answer is the firewall provider. Cisco SD-WAN Zero-Day Under Exploitation for 3 YearsThu, 26 Feb 2026 21:45:56 GMT The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very little evidence behind. Chinese Police Use ChatGPT to Smear Japan PM TakaichiThu, 26 Feb 2026 00:00:00 GMT A Chinese keyboard warrior inadvertently leaked information about politically motivated influence operations through a ChatGPT account. Flaws in Claude Code Put Developers' Machines at RiskWed, 25 Feb 2026 22:02:32 GMT The vulnerabilities highlight a big drawback to integrating AI into software development workflows and the potential impact on supply chains. RAMP Forum Seizure Fractures Ransomware EcosystemWed, 25 Feb 2026 21:14:21 GMT Researchers suggest defenders monitor how these malicious groups re-form and leverage the useful threat intel to guide their next moves. 
PCI Council Says Threats to Payments Systems Are Speeding UpWed, 25 Feb 2026 19:15:33 GMT The PCI Security Standards Council experienced a record year in many regards, but its first annual report shows it needs to work even faster to stay ahead of attackers. Malicious Next.js Repos Target Developers Via Fake Job InterviewsWed, 25 Feb 2026 16:42:00 GMT Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines. |
Krebs on SecurityIran-Backed Hackers Claim Wiper Attack on Medtech Firm StrykerWed, 11 Mar 2026 16:20:13 +0000 A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency. Microsoft Patch Tuesday, March 2026 EditionWed, 11 Mar 2026 00:32:51 +0000 Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this month's Patch Tuesday. How AI Assistants are Moving the Security GoalpostsSun, 08 Mar 2026 23:35:42 +0000 AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey. Who is the Kimwolf Botmaster “Dort”?Sat, 28 Feb 2026 12:01:57 +0000 In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. 
Since then, the person in control of Kimwolf -- who goes by the handle "Dort" -- has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email flooding attacks against the researcher and this author, and more recently caused a SWAT team to be sent to the researcher's home. This post examines what is knowable about Dort based on public information. ‘Starkiller’ Phishing Service Proxies Real Login Pages, MFAFri, 20 Feb 2026 20:00:30 +0000 Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand's real website, and then acts as a relay between the target and the legitimate site -- forwarding the victim's username, password and multi-factor authentication (MFA) code to the legitimate site and returning its responses. Kimwolf Botnet Swamps Anonymity Network I2PWed, 11 Feb 2026 16:08:11 +0000 For the past week, the massive "Internet of Things" (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet's control servers. Patch Tuesday, February 2026 EditionTue, 10 Feb 2026 21:49:53 +0000 Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild. 
Please Don’t Feed the Scattered Lapsus ShinyHuntersMon, 02 Feb 2026 16:15:16 +0000 A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators… Who Operates the Badbox 2.0 Botnet?Mon, 26 Jan 2026 16:11:38 +0000 The cybercriminals in control of Kimwolf -- a disruptive botnet that has infected more than 2 million devices -- recently shared a screenshot indicating they'd compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google say they are hunting for the people behind Badbox 2.0, and thanks to bragging by the Kimwolf botmasters we may now have a much clearer idea about that. Kimwolf Botnet Lurking in Corporate, Govt. NetworksTue, 20 Jan 2026 18:19:13 +0000 A new Internet-of-Things botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf's ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering threat to organizations, and new research reveals Kimwolf is surprisingly prevalent in government and corporate networks. |
Hackread – Cybersecurity News, Data Breaches, AI and MoreIran-Linked Handala Hackers Claim Major Hacks on Stryker and VerifoneWed, 11 Mar 2026 23:05:48 +0000 Iran-linked Handala hackers claim cyberattacks on Stryker and Verifone. Stryker confirms network disruption while Verifone says no breach evidence found. BeatBanker Android Trojan Uses Silent Audio Loop to Steal CryptoWed, 11 Mar 2026 17:01:51 +0000 BeatBanker Android Trojan spreads via fake Google Play Store pages, using a silent audio loop to stay active while stealing crypto, banking data, and login credentials. BlackSanta Malware Targets HR Staff with Fake CV DownloadsWed, 11 Mar 2026 12:14:34 +0000 Aryaka researchers have identified a new threat from a Russian-speaking group using 'BlackSanta' malware. By disguising attacks as job applications, hackers are bypassing security to target recruitment workflows. Microsoft Fixes 79 Flaws in March Patch Tuesday, Including Two 0-DaysWed, 11 Mar 2026 09:56:52 +0000 Microsoft fixes 79 vulnerabilities in March 2026 Patch Tuesday, including two publicly disclosed 0-days affecting SQL Server, .NET and Windows systems. Your Data Lake Is Turning Into a Junk Drawer? Here’s How to Clean It UpWed, 11 Mar 2026 09:10:40 +0000 Data lakes start organized but can turn into dumping grounds. Learn the signs of data lake clutter and simple steps to clean it up without rebuilding. Cal AI, New Owner of MyFitnessPal, Hit by Alleged Breach of 3 Million UsersTue, 10 Mar 2026 21:58:59 +0000 Cal AI faces data breach claims after hackers post alleged data of 3 million users, including emails, health details, and subscriptions. ShinyHunters Hackers Threaten 400 Firms Over Stolen Salesforce DataTue, 10 Mar 2026 18:25:37 +0000 ShinyHunters claims to have stolen data from 400 firms via Salesforce portals and is threatening to leak the information unless ransom demands are paid. 
China-Linked Hackers Hit Qatar with Backdoor Disguised as War NewsTue, 10 Mar 2026 17:33:29 +0000 China-linked hackers targeted Qatar using fake war news lures to spread PlugX backdoor malware and spy on military and energy sectors. Study Finds ROME AI Agent Attempted Cryptomining Without InstructionsTue, 10 Mar 2026 14:10:08 +0000 A recent research paper describing the training of an experimental AI agent has started a discussion after the… Fake LinkedIn Interview Used by Lazarus Hackers to Target AllSecure CEOTue, 10 Mar 2026 12:37:36 +0000 Researchers at AllSecure have revealed how North Korean hackers from the Lazarus Group used a fake LinkedIn job interview and deepfake technology to target their CEO. |
Hacker CombatSnowflake Data Breach: What Happened and How to Prevent ItTue, 05 Aug 2025 18:00:42 +0000 In 2024, the cybersecurity landscape was shaken by an unexpected and widespread incident—the Snowflake data breach. Despite being a leading provider of cloud-based data warehousing solutions, Snowflake found itself at... Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk ManagementFri, 13 Dec 2024 12:04:08 +0000 Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the... Zero Trust ArchitectureMon, 02 Dec 2024 10:43:16 +0000 Zero trust security takes a “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and... What Is a Security Operations Center (SOC)?Mon, 02 Dec 2024 07:51:03 +0000 A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before... XDR vs SIEM Security Information and Event ManagementFri, 29 Nov 2024 12:53:23 +0000 The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to... 
Best Free EDR for Windows PCFri, 29 Nov 2024 11:19:32 +0000 Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),... Free EDR Solutions for Home Users in 2025Tue, 26 Nov 2024 07:46:59 +0000 EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go... Cloud Security EssentialsMon, 28 Oct 2024 04:57:20 +0000 Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –... Antivirus SoftwareMon, 28 Oct 2024 02:43:18 +0000 Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity... How to Protect Against Ransomware Attacks?Fri, 25 Oct 2024 03:57:42 +0000 Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an... |
Flipboard.com CybercriminalitéThe disappearance of YggTorrent: what are the alternatives?Thu, 12 Mar 2026 06:00:42 GMT ► In brief: YggTorrent has been at the center of a controversy for several weeks • The platform has just suffered a massive attack on its servers • The tracker … Epstein case: how an extraordinary amount of FBI data linked to the child sex offender was taken by a "foreign" hackerWed, 11 Mar 2026 18:13:44 GMT NARRATIVE - A 64-page report within the Epstein files confirms the facts and documents this astonishing hack minute by minute. So what became of … A mysterious signal broadcast over radio waves intrigues specialists: could it be an Iranian station?Wed, 11 Mar 2026 11:00:07 GMT The return of encrypted shortwave broadcasts, a technique inherited from the Cold War, is fueling suspicions of clandestine operations linked to … "1.2 million bank accounts accessed": the first scams are starting, and they are formidable!Tue, 10 Mar 2026 06:06:49 GMT A very sneaky scam is spreading in France. Anyone can fall for it. "Caisse d’épargne: a payment attempt of €924.99 is … A major security flaw could affect one in four Android phones - ZDNETThu, 12 Mar 2026 06:03:16 GMT This hardware vulnerability, found mainly in entry-level phones, allows the theft of sensitive data from … A cyberattack in France, then a worldwide manhunt: why you should watch "Don't Go to the Police", which is free!Thu, 12 Mar 2026 07:02:00 GMT The French documentary Don't Go to the Police retraces the LockBit cyberattack that paralyzed Coaxis and 350,000 companies in one night. A film … INFO FRANCE 3. 
Data leak: the personal information of 310,000 young people put up for sale on the dark web following a cyberattack against the RegionThu, 12 Mar 2026 05:53:36 GMT The Occitanie Region suffered a cyberattack that allowed a group of hackers to steal the data of 310,000 young beneficiaries of the "Carte … Cyberattacks in Israel and the United States: who is the Handala group, a supporter of Iran?Wed, 11 Mar 2026 18:52:15 GMT The Handala group, which claims cyberattacks against American and Israeli infrastructure, has presented itself as a major player since … Russian cyberattack against WhatsApp and Signal: a "vast global campaign" is under wayTue, 10 Mar 2026 09:04:28 GMT Russian hackers are currently targeting Signal and WhatsApp. According to the Dutch intelligence services, the cyberattacks rely on … WhatsApp: this setting, enabled by default, compromises your securityMon, 09 Mar 2026 10:02:57 GMT You may not know it, but this setting exposes you to scams if you do not disable it. WhatsApp: this setting, enabled by default, can make attacks easier; here is how to disable itWed, 11 Mar 2026 06:00:19 GMT WhatsApp's ubiquity sometimes makes us forget the basic rules of caution. 
In March 2026, a flaw on Android is a reminder that the … How a test of Anthropic's Claude led to the discovery of more than 100 flaws in Firefox and helped strengthen the security of the open source browserMon, 09 Mar 2026 16:11:56 GMT During an internal test of its AI, Anthropic asked Claude Opus 4.6, its most capable model, to try to hack the browser … Stryker reports a cybersecurity incident causing global IT disruptionsWed, 11 Mar 2026 22:33:50 GMT Stryker Corporation (NYSE:SYK) disclosed on Wednesday that it had identified a cybersecurity incident affecting certain IT systems, resulting in … "Signal and WhatsApp are not suitable": how Russian hackers attack the accounts of military personnel and senior officialsMon, 09 Mar 2026 16:15:42 GMT Hackers working for Russia are attacking the Signal and WhatsApp accounts (among others) of military personnel, politicians and senior officials of countries … iPhone: Apple has a formidable protection against the worst hackers… and almost nobody turns it onFri, 06 Mar 2026 11:08:00 GMT A discreet Apple feature promises an unprecedented level of protection against the most sophisticated cyberattacks. Yet, despite … Mali: journalist Youssouf Sissoko denies any offenseMon, 09 Mar 2026 18:02:53 GMT Malian journalist Youssouf Sissoko appeared on Monday, March 9 before the specialized judicial unit for combating cybercrime. The publishing director of the newspaper L'Alternance had been arrested and imprisoned on February 5, after the publication of an article questioning statements by the head of … Is the EU ready to manage the fallout of a United States–Iran war?Tue, 10 Mar 2026 09:53:32 GMT The United States and Iran are at war, and the European Union is increasingly affected by this rapidly intensifying regional conflict. 
By rapidly expanding into a multi-front regional conflict, the clashes have shaken global energy security, with the fighting spreading … Global cyberattack: WhatsApp and Signal attacked by Russian hackersTue, 10 Mar 2026 13:11:22 GMT A phishing campaign is targeting political officials, military personnel and journalists… Encrypted messaging apps have become … 2026 municipal elections in Isbergues: David Thellier seeks a second term in "continuity and common sense"Thu, 12 Mar 2026 05:00:00 GMT After a first term "fraught with pitfalls" – Covid, inflation, cyberattack… –, Isbergues mayor David Thellier is running for re-election … Hackers turn to AI: cybersecurity enters a new raceWed, 11 Mar 2026 04:33:11 GMT Over the past two decades, cybersecurity has been organized around a simple principle: detect faster than the attacker. The … In Madagascar, the authorities want to overhaul a national police force criticized by citizens' groupsWed, 04 Mar 2026 09:57:25 GMT In Madagascar, the authorities have launched a large-scale operation to regain control of a national police force in the midst of a crisis of confidence. On March 3, 2026 in Antananarivo, the authorities opened a month of national consultations held across the country's 23 regions. A program meant to … Cybersecurity: why France remains so vulnerable to data leaksWed, 11 Mar 2026 18:30:00 GMT ANALYSIS - While the number of ransomware attacks handled by Anssi is down slightly, those linked to data exfiltration are increasing. Red alert on the iPhone: Apple reveals that an espionage operation is hitting FranceFri, 06 Mar 2026 13:31:15 GMT Apple has issued its first major alert of the year in France. 
Some iPhone owners received a message warning that they were the target … "A malicious message sent to the entire educational community": a Toulouse high school falls victim to a hackTue, 10 Mar 2026 09:33:28 GMT The Déodat de Séverac general, technological and vocational high school in Toulouse was the victim, on Saturday, March 7, of a cyberattack affecting … Paris municipal elections: after publicly backing Emmanuel Grégoire, a former LFI candidate says he is the victim of cyberattacksThu, 05 Mar 2026 14:44:31 GMT It all seems to have started with an X post published by Emmanuel Grégoire on February 27. In it, the Socialist candidate for mayor of Paris talked about protection of … "Don’t go to the police": a captivating video documentary on the hunt for the Lockbit cybercriminalsThu, 12 Mar 2026 08:18:06 GMT December 14, 2023. An employee of a French company clicks on a fraudulent email. He does not know that he is about to be the starting point of a … Bonk.fun hacked: domain hijacked, crypto drainer introducedThu, 12 Mar 2026 04:27:17 GMT The operator, known as Tom, said that only users who signed a fake terms-of-service message on the site … “Game over”: YGGtorrent is dead, a single hacker was enough to bring down the French torrent giantWed, 04 Mar 2026 09:36:00 GMT YGG Torrent, the largest French-language torrent site, was not shut down by the courts or by ARCOM. 
No: it was gutted from the inside by … In 2025, the federal police seized more than 195 million euros in criminal assets | VRT NWS: the reference news siteWed, 11 Mar 2026 14:22:34 GMT Last year, the federal police seized 195,031,046 euros in criminal assets, according to its annual report presented this Wednesday by the … Ekinops: available cash stood at 32.1 million euros at the end of December 2025Wed, 11 Mar 2026 18:56:00 GMT (Boursier.com) — At the close of its 2025 fiscal year, Ekinops recorded consolidated revenue of 105 million euros, down -11% compared to … |
CyberScoopSalesforce issues new security alert tied to third customer attack spree in six monthsWed, 11 Mar 2026 14:12:16 +0000 Researchers said the threat group behind the campaign is associated with ShinyHunters, an outfit that’s previously stolen data from Salesforce instances for extortion attempts. If consequences matter, they should apply to vendors, tooWed, 11 Mar 2026 10:00:00 +0000 The latest executive order pushes Washington to crack down on cyber fraud, but a different mandate eases software security accountability, leaving an inconsistent strategy that keeps the attack surface cheap to exploit. Microsoft’s monthly Patch Tuesday is first in 6 months with no actively exploited zero-daysTue, 10 Mar 2026 19:37:28 +0000 The vendor said six of the 83 vulnerabilities it addressed this month are more likely to be exploited. FBI says even in an AI-powered world, security basics still matterTue, 10 Mar 2026 19:31:04 +0000 AI is speeding up attacks but otherwise not changing their fundamental nature, said FBI official Jason Bilnoski. Federal judge blocks Perplexity’s AI browser from making Amazon purchasesTue, 10 Mar 2026 18:57:42 +0000 Amazon sued the AI browser company last year, accusing them of computer fraud, accessing password protected accounts and buying items. 
Critical defect in Java security engine poses serious downstream security risksTue, 10 Mar 2026 17:36:17 +0000 Attackers can exploit the defect in the widely deployed pac4j with relative ease, but researchers haven’t observed active exploitation in the wild. No, it’s not ‘unnecessarily burdensome’ to control your own dataTue, 10 Mar 2026 10:00:00 +0000 The State Department frames data sovereignty and innovation as opposing forces. Modern encryption proves we can have both. Sean Cairncross lays out what’s coming next for Trump’s cyber strategyMon, 09 Mar 2026 17:31:01 +0000 The national cyber director is pitching an approach that blends cyber operations with diplomacy, law enforcement and pressure on CEOs to shore up their organizations. We’ve seen ransomware cost American lives. Here’s what it will actually take to stop it.Mon, 09 Mar 2026 10:00:00 +0000 Hackers have cut their attack timelines from weeks to hours while the government spreads resources too thin. We need to stop pretending we can protect everything and start focusing on what would hurt us most. The long-awaited Trump cyber strategy has arrivedFri, 06 Mar 2026 22:55:48 +0000 The administration also released an executive order on cybercrime and fraud. |