Europe sanctions Chinese and Iranian firms for cyberattacks
The European Union Council has announced sanctions against three entities and two individuals for their involvement in cyberattacks targeting critical infrastructure in the region. [...]
Intelligence Feed
Curated cybersecurity reporting and advisories. Headlines link to original sources.
Items
138
Last update
Mar 17, 2026, 07:19 PM (UTC)
No matching results
Try a different keyword, or switch the source filter back to “All sources”.
CISO DEMO: Cybersecurity Vendors Pitch Chief Information Security Officers On YouTube
Security chiefs watch short videos produced by Cybercrime Magazine – Steve Morgan, Founder of Cybersecurity Ventures Sausalito, Calif. – Mar. 17, 2026 Around a year ago, Cybersecurity Ventures asked AI “Why use YouTube for marketing?” and it replied “YouTube i…
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. In a report published Monday, BeyondTrust revealed that Amazo…
Android OS-Level Attack Bypasses Mobile Payment Security
Android’s LSPosed-based attack hijacks payment apps via runtime manipulation and SIM-binding bypass
Tech Giants Invest $12.5 Million in Open Source Security
Anthropic, AWS, Google, Microsoft, and OpenAI fund the Linux Foundation’s long-term security initiatives focused on open source software. The post Tech Giants Invest $12.5 Million in Open Source Security appeared first on SecurityWeek.
UK Companies House Exposed Details of Millions of Firms
The government agency confirmed the vulnerability could have been exploited to obtain company details and alter records. The post UK Companies House Exposed Details of Millions of Firms appeared first on SecurityWeek.
'CursorJack’ Attack Path Exposes Code Execution Risk in AI Development Environment
CursorJack shows how malicious MCP deeplinks in Cursor IDE can trigger user-approved code execution
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method. The use of ClickFix, where users are tricked into manually running malicious commands to address no…
Surf AI Raises $57 Million for Agentic Security Operations Platform
The company has announced its launch, backed by funding from Accel, Cyberstarts, and Boldstart Ventures. The post Surf AI Raises $57 Million for Agentic Security Operations Platform appeared first on SecurityWeek.
Top 5 Things CISOs Need to Do Today to Secure AI Agents
AI agents are autonomous actors with real access to data and systems, not just copilots. Token Security explains why identity-based access control is critical to prevent misuse and data exposure. [...]
New font-rendering trick hides malicious commands from AI tools
A new font-rendering attack causes AI assistants to miss malicious commands shown on webpages by hiding them in seemingly harmless HTML. [...]
Microsoft stops force-installing the Microsoft 365 Copilot app
Microsoft has stopped automatically installing the Microsoft 365 Copilot app on Windows devices that have the Microsoft 365 desktop client apps. [...]
Robotic Surgery Giant Intuitive Discloses Cyberattack
The company says some of its internal business applications were accessed after an employee fell victim to a phishing attack. The post Robotic Surgery Giant Intuitive Discloses Cyberattack appeared first on SecurityWeek.
Growing Threat Of Scams Hits Australia’s Not-For-Profit (NFP) Sector Hard
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 17, 2026 – Read the full story in Eureka Street Mark Gaetani, National President of the St Vincent de Paul Society in Australia, recently read in Cybercrime Magazine th…
174 Vulnerabilities Targeted by RondoDox Botnet
The botnet has increased its activity, peaking at 15,000 exploitation attempts per day, and taking a more targeted approach. The post 174 Vulnerabilities Targeted by RondoDox Botnet appeared first on SecurityWeek.
Google, Meta, Microsoft Among Signatories of Pact to Combat Scams
Several major tech and retail companies have signed an industry accord against online scams and fraud. The post Google, Meta, Microsoft Among Signatories of Pact to Combat Scams appeared first on SecurityWeek.
LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and TypeScript. [...]
Microsoft shares fix for Windows C: drive access issues on Samsung PCs
Microsoft has shared guidance to fix C:\ drive access issues and app failures on some Samsung laptops running Windows 11, versions 25H2 and 24H2. [...]
Surge in Nation State Attacks on UK Firms Amid Cyber Warfare Fears
Armis reveals that “mutually assured disruption” is no longer preventing state-backed attacks
Tracebit Raises $20M for Cloud-Native Deception Technology
The company plans to scale its products, expand to new markets, and grow its marketing and engineering teams. The post Tracebit Raises $20M for Cloud-Native Deception Technology appeared first on SecurityWeek.
AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according to the AI and Adversarial Testing Benchmark Report 2026 from Pentera. The report, based on a survey of 300 US CISOs and senio…
New Windows 11 hotpatch fixes Bluetooth device visibility issue
Microsoft has released an emergency update to fix a Bluetooth device visibility issue on hotpatch-enabled Windows 11 Enterprise devices. [...]
CISA Flags Year-Old Wing FTP Vulnerability as Exploited
Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application. The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek.
Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
Microsoft is working to address a known issue that renders the classic Outlook email client unusable for users who have enabled the Microsoft Teams Meeting Add-in. [...]
AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks
Akamai warns that Layer 7 DDoS, API abuse and AI-powered attacks are merging into coordinated, multi-vector campaigns that are harder to detect and defend against. The post AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks appeared first on Secu…
Average Number of Daily API Attacks Up 113% Annually
Akamai says 87% of organizations suffered an API-related security incident last year
UK Cyber Monitoring Centre Sets Its Sights on US Expansion One Year After Launch
The US Cyber Monitoring Center should be operational in 2027, said the UK CMC leadership
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim's KakaoTalk desktop application to distribute malicious payloads to certain contacts. The activity has been attributed by South Korean threat int…
CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing FTP to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2025-47813…
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python projects — including Django apps, ML research code, Streamlit dash…
Stryker attack wiped tens of thousands of devices, no malware needed
Last week's cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices. [...]
CISA flags Wing FTP Server flaw as actively exploited in attacks
CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that may be chained in remote code execution attacks. [...]
UK’s Companies House confirms security flaw exposed business data
Companies House, a British government agency that operates the registry for all U.K. companies, says its WebFiling service is back online after it was closed on Friday to fix a security flaw that exposed companies' information since October 2025. [...]
Microsoft Exchange Online outage blocks access to mailboxes
Microsoft is working to address an ongoing Exchange Online outage that is preventing customers from accessing their mailboxes and calendars. [...]
Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact
Broadcom, Bechtel, Estée Lauder, and Abbott Technologies are the only major companies that have yet to issue a public statement. The post Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact appeared first on SecurityWeek.
Researchers Warn of Global Surge in Fake Shipment Tracking Scams
Some of these campaigns are linked to Darcula, a Chinese-language phishing-as-a-service platform
⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah, great, we’re doing this now” feeling. This week has that energy. Fresh messes, old problems getting sharper, and research that stops feeling theoretical real fast. A few b…
Shadow AI is everywhere. Here’s how to find and secure it.
Shadow AI is quietly spreading across SaaS environments as employees adopt new AI tools without IT oversight. Nudge Security explains how security teams can discover AI apps, monitor usage, and govern risky AI activity. [...]
CrackArmor Flaws Expose Linux Systems to Privilege Escalation
CrackArmor AppArmor flaws let local Linux users gain root, break containers and enable DoS attacks
Microsoft pulls Samsung app blocking Windows C: drive from Store
Microsoft has removed the Samsung Galaxy Connect app from the Microsoft Store because it was causing issues on specific Samsung Galaxy Book 4 and desktop models running Windows 11. [...]
Security Flaw in AWS Bedrock Code Interpreter Raises Alarms
DNS-based attack in AWS Bedrock AgentCore lets AI sandboxes exfiltrate cloud data
How Secure Is The Data Stored By Cloud Providers?
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 16, 2026 – Read the full Forbes story The cloud is home to a dizzying amount of data. According to Cybersecurity Ventures, nearly half of the world’s data exists in ext…
Why Security Validation Is Becoming Agentic
If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one corner. A pentest engagement, or maybe an automated pentesting product, in another. A vulnerability scanner feeding an attac…
ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync. "Unlike traditional exploit-based attacks, this method relies entirely on user interaction – usually in the form of…
FBI Calls for Help to Track Steam Malware Campaign
The FBI wants to hear from gamers who have downloaded Steam titles containing malware
UK: Companies House Web Glitch Exposes Corporate Details to Fraudsters
An issue with the Companies House website has put the personal and corporate information of millions at risk
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo's LAB52 threat intelligence team. The campaign, observed in February 2026, has been assessed to share ove…
Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
Google is testing a new security feature as part of Android Advanced Protection Mode (AAPM) that prevents certain kinds of apps from using the accessibility services API. The change, incorporated in Android 17 Beta 2, was first reported by Android Authority la…
OpenAI says ChatGPT ads are not rolling out globally for now
OpenAI told BleepingComputer that ChatGPT ads on Free and Go plans are not yet rolling out outside the United States, even though some users noticed references to ads in the updated privacy policy. [...]
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source and self-hosted autonomous artificial intelligence (AI) agent…
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a "significant escalation" in how it propagates through the Open VSX registry. "Instead of requiring every malicious listing to embed the loader directly,…
Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 is tracking the threat activity under the moniker CL-STA-10…
Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
Meta has announced plans to discontinue support for end-to-end encryption (E2EE) for chats on Instagram after May 8, 2026. "If you have chats that are impacted by this change, you will see instructions on how you can download any media or messages you may want…
Interpol's 'Operation Synergia III' Nets 94 Arrests in Major Cybercrime Sweep
A new law enforcement operation against phishing and ransomware operators led to the takedown of 45,000 malicious IP addresses
INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency's ongoing efforts to dismantle criminal networks, disrupt emerging threats, and sa…
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques. "The campaign redirects users searching for legitimate enterprise…
Investigating a New Click-Fix Variant
Disclaimer: This report has been prepared by the Threat Research Center to enhance cybersecurity awareness and support the strengthening of defense capabilities. It is based on independent research and observations of the current threat landscape available at…
How AI And LLMs Are Redefining Cloud Security and Cyber Defense
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 13, 2026 – Read the full story in Forbes Cloud security has become the backbone of enterprise resilience, but the threat landscape has evolved faster than traditional s…
Law Enforcement Dismantles SocksEscort Proxy Network in Operation Lightning
Operation Lightning sees international law enforcement partners shut down ‘SocksEscort,’ a major malicious proxy service used by cybercriminals worldwide
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been exploited in the wild. The list of vulnerabilities is as follows - CVE-2026-3909 (CVSS score: 8.8) - An out-of-bounds wr…
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel's AppArmor module that could be exploited by unprivileged users to circumvent kernel protections, escalate to root, and undermine container isolation guarantees.…
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud. "SocksEscort infected home and small b…
Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution
Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, if successfully exploited, could result in remote code execution. The vulnerabilities are as follows - CVE-2026-21666 (CVSS score: 9.9)…
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that's written in Rust, marking a significant departure from other known Delphi-based malware families associated with the Latin American cybercrime ecosystem.…
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed Slopoly put to use by a financially motivated threat actor named Hive0163. "Although still relatively unspectacular, AI-generated malware s…
PixRevolution Malware Hijacks Brazil's PIX Transfers in Real Time
PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse
Critical Zero-Click Flaw in n8n Allows Full Server Compromise
The critical vulnerability affecting both cloud and self-hosted n8n instances requires no authentication or even n8n account to be exploited
How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs
Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure, legitimate-looking authentication flows, and encrypted traffic that conceals m…
ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More
Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is lazy. A few bits fall into that uncomfortable category of “yeah… this is probably going to show up in real incidents sooner tha…
Backstory Of East Coast Hang Out (ECHO), The First Social Network Launched In 1989
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 12, 2026 – Listen to the podcast Stacy Horn, 66, is an author and the founder of East Coast Hang Out, or ECHO, which is widely regarded as the first social The post Bac…
CISA Issues Emergency Directive Over Exploited Cisco SD-WAN Flaws
CISA issued urgent directive as attackers exploit Cisco SD-WAN flaw granting admin access to networks
Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload
The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of five minutes, the outcome can shift from a contained incident to…
Police Scotland Fined After Sharing Victim’s Phone Data
The ICO has fined Police Scotland after it shared the entire contents of a victim’s phone with her alleged attacker
Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit
Apple on Wednesday backported fixes for a security flaw in iOS, iPadOS, and macOS Sonoma to older versions after it was found to be used as part of the Coruna exploit kit. The vulnerability, tracked as CVE-2023-43010, relates to an unspecified vulnerability in…
Iran Claims Massive Cyber-Attack on MedTech Firm Stryker
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution, T…
CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-68…
France: National Cybersecurity Agency Reports Ransomware Attack Drop in 2025
French small and medium businesses remained the organizations most targeted by ransomware in 2025
Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes
Agentic web browsers that leverage artificial intelligence (AI) capabilities to autonomously execute actions across multiple websites on behalf of a user could be trained and tricked into falling prey to phishing and scam traps. The attack, at its core, takes…
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United S…
Infosecurity Europe Announces 2026 Keynote Line Up
Infosecurity Europe 2026 reveals its keynote line-up, featuring Jason Fox, Shlomo Kramer, Cynthia Kaiser and more, with sessions on AI, cloud security and post quantum threats
Researchers Uncover ‘LeakyLooker’ Vulnerabilities in Google Looker Studio
LeakyLooker flaws in Google Looker Studio let attackers run cross-tenant SQL attacks on cloud data
Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution. The vulnerabilities are listed below - CVE-2026-27577 (CVS…
Compromised WordPress Sites Deliver ClickFix Attacks in Global Infostealer Campaign
Over 250 legitimate websites, including news outlets and a US Senate candidate’s official webpage, been compromised to infect visitors with infostealers, warn Rapid7 researchers
BlackSanta EDR-Killer Targets HR Teams in CV-Themed Campaign
BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data
Researchers Discover Major Security Gaps in LLM Guardrails
Palo Alto Networks’ Unit 42 has developed a successful attack to bypass safety guardrails in popular generative AI tools
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in partnership with authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Austral…
The Hacking Games Is Recruiting GenZ Talent To Create A Generation Of Cyber Fighters
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 11, 2026 – Listen to the podcast Fergus Hay is the CEO & co-founder of The Hacking Games, a recruitment tech platform that uses AI to identify gamers whose skills can T…
Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on affected systems. The vulnerabilities in question listed below - CVE-2019-17571 (CVSS score: 9.8) - A code injection vulnera…
What Boards Must Demand in the Age of AI-Automated Exploitation
“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to answer after an incident. For years, many executive teams and boards have treated a large vulnerab…
Cyber-Attacks on UK Firms Increase at Four Times Global Rate
Check Point data shows attack volumes are growing much faster in the UK than worldwide
Microsoft Fixes Two Publicly Disclosed Zero-Days
March Patch Tuesday sees Microsoft release updates for 79 flaws
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are rated Critical, and 76 are rated Important in severity. Forty-s…
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim's cloud environment within a span of 72 hours. The attack started with the theft of a developer's GitHub t…
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below - chrono_anchor dnp3times time_calibrato…
Microsoft Patch Tuesday, March 2026 Edition
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usual some patches may…
OpenAI's Promptfoo Deal Plugs Agentic AI Testing Gap
OpenAI’s latest acquisition addresses a security need Jamieson O’Reilly, security advisor at OpenClaw, raised during an exclusive interview with Infosecurity
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks. The activity involves the exploitation of recently disclosed secur…
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work fas…
KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first detected in the wild in August 2025, has expanded to over 14,000 infec…
Only 24% Of organizations Test Identity Recovery Every Six Months
Only 24% of organizations test identity disaster recovery plans every 6 months, Quest Software said
Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds
Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell
Ericsson Breach Exposes Data of 15k Employees and Customers
Ericsson data breach affects 15k employees/customers after third-party service provider compromise
New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environme…
Why 2026 Is the Perfect Time To Pivot Into Cybersecurity
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 10, 2026 – Read the full story in EC-Council The late 1990s dot-com boom saw internet adoption explode, venture capital pour in, new roles appear overnight, and salarie…
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder's Head of Security digs into why t…
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families have been put to use since April…
Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials
Dutch intelligence reveals Russian state hackers are trying to hijack the Signal and WhatsApp accounts of key targets
ShinyHunters Targets Hundreds of Websites in New Salesforce Campaign
Prolific ShinyHunters group claims to have stolen data from nearly 400 websites in Experience Cloud attacks
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the co…
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability list is as follows - CVE-2021-22054 (CVSS sc…
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The package, named "@openclaw-ai/openclawai," was uploaded to th…
Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
Trump Administration Unveils New Cyber Strategy for America
US national cyber strategy focuses on stronger defenses, countering threats, fostering innovation
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a cryptocurrency organization in 2025 to steal millions of dollars in cryptocurrency. The activity has been attributed with moderate co…
UK Launches New Crackdown Unit to Tackle Cyber-Fraud at the Source
New UK Online Crime Centre will combine expertise from a range of sources to takedown online channels cyber-scammers rely on
⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
Another week in cybersecurity. Another week of "you've got to be kidding me." Attackers were busy. Defenders were busy. And somewhere in the middle, a whole lot of people had a very bad Monday morning. That's kind of just how it goes now. The good news? There…
AI Security Startups Dominate New Cyber Innovation Awards
Over one in five winners of IT-Harvest’s 2026 Cyber 150 are AI security companies
Is Cybersecurity the Dark Horse for Venture Investors During the Iran Conflict?
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 9, 2026 – Read the full story in Forbes If Defense Tech is the loud winner during the Iran conflict, Cybersecurity is the quiet one, and the opportunity is just as larg…
Can the Security Platform Finally Deliver for the Mid-Market?
Mid-market organizations are constantly striving to achieve security levels on a par with their enterprise peers. With heightened awareness of supply chain attacks, your customers and business partners are defining the security level you must meet. What if you…
TriZetto Provider Solutions Breach Hits 3.4 Million Patients
Billing services provider TriZetto Provider Solutions has begun notifying millions of patients about a data breach
Ghanaian Pleads Guilty to Role in $100m Romance Scam
Derrick Van Yeboah admitted he stole over $10m in romance scams as part of crime gang
How AI Assistants are Moving the Security Goalposts
AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines ove…
Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor
A bank, an airport, a non-profit and the Israeli branch of a US software company were among the targets of this new MuddyWater campaign
Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns
Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances
AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns
Malicious insiders are using misusing AI for nefarious gain, while employees cutting corners also creates risk, warns Mimecast
ContextCrush Flaw Exposes AI Development Tools to Attacks
Critical flaw "ContextCrush" in Context7 MCP Server could allow malicious instructions into AI tools
AI Didn’t Invent Social Engineering, It Made It Worse
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 5, 2026 – Listen to the podcast In the latest episode of “CISO Confidential“, a series on the popular Cybercrime Magazine Podcast sponsored by Doppel, host Charlie Osbo…
Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns
Exploit kit "Coruna" targets iPhones running iOS 13.0 to 17.2.1, focusing on financial data theft
Zero-Click FreeScout Bug Enables Remote Code Execution
Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction
Cisco Issues Patches for 48 Vulnerabilities in Enterprise Networking Products
Two of the 48 Cisco vulnerabilities, affecting Secure Firewall Management Center, are maximum-severity flaws
Europol Operation Seizes LeakBase Data Breach Site
A global operation has resulted in the takedown of popular cybercrime forum LeakBase
Coalition of Western Countries Launches 6G Cybersecurity Guidelines
A coalition of seven Western nations has launched guidelines to help integrate security-by-design principles into future 6G standards
Global Takedown Neutralizes Tycoon2FA Phishing Service
Law enforcers and industry partners have taken down notorious phishing-as-a-service platform Tycoon2FA
Surge in Attacks on Surveillance Cameras Linked to Iranian Hackers
Increased attempts to compromise surveillance cameras linked to Iran during Middle East conflict
Multi-Stage "BadPaw" Malware Campaign Targets Ukraine
Malware campaign uses Ukrainian email service for credibility, deploying "BadPaw" to execute attacks
Examining North Korea’s Cybercrime Economy
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 4, 2026 – Read the full story in Finextra It is estimated that one third to a half of North Korea’s budget comes from cyberfraud and extortion. Finextra reports that mo…
Calls for Global Digital Estate Standard as Posthumous Deepfake Fraud Risk Grows
The OpenID Foundation warns that fragmented policies on posthumous digital accounts could open the door for fraudsters to exploit AI deepfakes
Page 1 of 1 0 results