| 1 | FBI warns of Handala hackers using Telegram in malware attacks | Mar 23, 10:10 am |
|---|
| 2 | Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper | Mar 23, 9:10 am |
|---|
| 3 | CISA orders feds to patch DarkSword iOS flaws exploited attacks | Mar 23, 9:10 am |
|---|
| 4 | New KB5085516 emergency update fixes Microsoft account sign-in | Mar 23, 8:10 am |
|---|
| 5 | Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems | Mar 23, 7:10 am |
|---|
| 6 | ISC Stormcast For Monday, March 23rd, 2026 https://isc.sans.edu/podcastdetail/9860, (Mon, Mar 23rd) | Mar 23, 2:10 am |
|---|
| 7 | VoidStealer malware steals Chrome master key via debugger trick | Mar 22, 3:10 pm |
|---|
| 8 | Trivy vulnerability scanner breach pushed infostealer via GitHub Actions | Mar 21, 6:10 pm |
|---|
| 9 | Microsoft Azure Monitor alerts abused for callback phishing attacks | Mar 21, 5:10 pm |
|---|
| 10 | Microsoft Azure Monitor alerts abused in callback phishing campaigns | Mar 21, 3:10 pm |
|---|
| 11 | Google adds ‘Advanced Flow’ for safe APK sideloading on Android | Mar 21, 3:10 pm |
|---|
| 12 | FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks | Mar 21, 2:10 pm |
|---|
| 13 | Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager | Mar 21, 11:10 am |
|---|
| 14 | CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026 | Mar 21, 9:10 am |
|---|
| 15 | Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages | Mar 21, 8:10 am |
|---|
| 16 | FBI links Signal phishing attacks to Russian intelligence services | Mar 20, 9:10 pm |
|---|
| 17 | Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets | Mar 20, 7:10 pm |
|---|
| 18 | Oracle pushes emergency fix for critical Identity Manager RCE flaw | Mar 20, 7:10 pm |
|---|
| 19 | Police take down 373,000 fake CSAM sites in Operation Alice | Mar 20, 6:10 pm |
|---|
| 20 | Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure | Mar 20, 5:10 pm |
|---|
| 21 | CISA orders feds to patch max-severity Cisco flaw by Sunday | Mar 20, 3:10 pm |
|---|
| 22 | How CISOs Can Survive the Era of Geopolitical Cyberattacks | Mar 20, 2:10 pm |
|---|
| 23 | Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover | Mar 20, 1:10 pm |
|---|
| 24 | Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams | Mar 20, 12:10 pm |
|---|
| 25 | The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks | Mar 20, 11:10 am |
|---|
| 26 | Musician admits to $10M streaming royalty fraud using AI bots | Mar 20, 10:10 am |
|---|
| 27 | GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th) | Mar 20, 9:10 am |
|---|
| 28 | Microsoft: March Windows updates break Teams, OneDrive sign-ins | Mar 20, 8:10 am |
|---|
| 29 | International joint action disrupts world’s largest DDoS botnets | Mar 20, 8:10 am |
|---|
| 30 | DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks | Mar 20, 7:10 am |
|---|
| 31 | Ex-data analyst stole company data in $2.5M extortion scheme | Mar 20, 7:10 am |
|---|
| 32 | 54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security | Mar 20, 6:10 am |
|---|
| 33 | Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks | Mar 20, 6:10 am |
|---|
| 34 | ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th) | Mar 20, 2:10 am |
|---|
| 35 | Feds Disrupt IoT Botnets Behind Huge DDoS Attacks | Mar 20, 1:10 am |
|---|
| 36 | Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers | Mar 19, 9:10 pm |
|---|
| 37 | Navia discloses data breach impacting 2.7 million people | Mar 19, 9:10 pm |
|---|
| 38 | 54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security | Mar 19, 8:10 pm |
|---|
| 39 | New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores | Mar 19, 8:10 pm |
|---|
| 40 | FBI seizes Handala data leak site after Stryker cyberattack | Mar 19, 5:10 pm |
|---|
| 41 | Bitrefill blames North Korean Lazarus group for cyberattack | Mar 19, 5:10 pm |
|---|
| 42 | ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More | Mar 19, 3:10 pm |
|---|
| 43 | Russian hackers exploit Zimbra flaw in Ukrainian govt attacks | Mar 19, 3:10 pm |
|---|
| 44 | New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data | Mar 19, 2:10 pm |
|---|
| 45 | 7 Ways to Prevent Privilege Escalation via Password Resets | Mar 19, 2:10 pm |
|---|
| 46 | Max severity Ubiquiti UniFi flaw may allow account takeover | Mar 19, 1:10 pm |
|---|
| 47 | New ‘Perseus’ Android malware checks user notes for secrets | Mar 19, 11:10 am |
|---|
| 48 | How Ceros Gives Security Teams Visibility and Control in Claude Code | Mar 19, 11:10 am |
|---|
| 49 | CISA urges US orgs to secure Microsoft Intune systems after Stryker breach | Mar 19, 11:10 am |
|---|
| 50 | DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover | Mar 19, 10:10 am |
|---|
| 51 | Critical Microsoft SharePoint flaw now exploited in attacks | Mar 19, 10:10 am |
|---|
| 52 | CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks | Mar 19, 7:10 am |
|---|
| 53 | ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th) | Mar 19, 2:10 am |
|---|
| 54 | Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th) | Mar 19, 1:10 am |
|---|
| 55 | Aura confirms data breach exposing 900,000 marketing contacts | Mar 18, 11:10 pm |
|---|
| 56 | CISA orders feds to patch Zimbra XSS flaw exploited in attacks | Mar 18, 8:10 pm |
|---|
| 57 | ConnectWise patches new flaw allowing ScreenConnect hijacking | Mar 18, 7:10 pm |
|---|
| 58 | OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs | Mar 18, 6:10 pm |
|---|
| 59 | Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access | Mar 18, 5:10 pm |
|---|
| 60 | Ransomware gang exploits Cisco flaw in zero-day attacks since January | Mar 18, 5:10 pm |
|---|
| 61 | Marquis: Ransomware gang stole data of 672K people in cyberattack | Mar 18, 4:10 pm |
|---|
| 62 | Scans for "adminer", (Wed, Mar 18th) | Mar 18, 2:10 pm |
|---|
| 63 | Nordstrom's email system abused to send crypto scams to customers | Mar 18, 2:10 pm |
|---|
| 64 | New “Darksword” iOS exploit used in infostealer attack on iPhones | Mar 18, 2:10 pm |
|---|
| 65 | The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms | Mar 18, 2:10 pm |
|---|
| 66 | 9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors | Mar 18, 1:10 pm |
|---|
| 67 | Claude Code Security and Magecart: Getting the Threat Model Right | Mar 18, 1:10 pm |
|---|
| 68 | Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE | Mar 18, 1:10 pm |
|---|
| 69 | Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels | Mar 18, 12:10 pm |
|---|
| 70 | ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854, (Wed, Mar 18th) | Mar 18, 11:10 am |
|---|
| 71 | Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit | Mar 18, 9:10 am |
|---|
| 72 | Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS | Mar 18, 7:10 am |
|---|
| 73 | Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23 | Mar 18, 6:10 am |
|---|
| 74 | Apple pushes first Background Security Improvements update to fix WebKit flaw | Mar 18, 1:10 am |
|---|
| 75 | GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX | Mar 17, 10:10 pm |
|---|
| 76 | Europe sanctions Chinese and Iranian firms for cyberattacks | Mar 17, 7:10 pm |
|---|
| 77 | AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE | Mar 17, 6:10 pm |
|---|
| 78 | LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader | Mar 17, 3:10 pm |
|---|
| 79 | Microsoft stops force-installing the Microsoft 365 Copilot app | Mar 17, 2:10 pm |
|---|
| 80 | New font-rendering trick hides malicious commands from AI tools | Mar 17, 2:10 pm |
|---|
| 81 | Top 5 Things CISOs Need to Do Today to Secure AI Agents | Mar 17, 2:10 pm |
|---|
| 82 | LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks | Mar 17, 1:10 pm |
|---|
| 83 | AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds | Mar 17, 12:10 pm |
|---|
| 84 | IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th) | Mar 17, 12:10 pm |
|---|
| 85 | Microsoft shares fix for Windows C: drive access issues on Samsung PCs | Mar 17, 12:10 pm |
|---|
| 86 | LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks | Mar 17, 12:10 pm |
|---|
| 87 | Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware | Mar 17, 11:10 am |
|---|
| 88 | Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic | Mar 17, 11:10 am |
|---|
| 89 | New Windows 11 hotpatch fixes Bluetooth device visibility issue | Mar 17, 11:10 am |
|---|
| 90 | CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths | Mar 17, 6:10 am |
|---|
| 91 | ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th) | Mar 17, 2:10 am |
|---|
| 92 | Stryker attack wiped tens of thousands of devices, no malware needed | Mar 16, 8:10 pm |
|---|
| 93 | GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos | Mar 16, 8:10 pm |
|---|
| 94 | CISA flags Wing FTP Server flaw as actively exploited in attacks | Mar 16, 6:10 pm |
|---|
| 95 | UK’s Companies House confirms security flaw exposed business data | Mar 16, 5:10 pm |
|---|
| 96 | ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More | Mar 16, 4:10 pm |
|---|
| 97 | Microsoft Exchange Online outage blocks access to mailboxes | Mar 16, 4:10 pm |
|---|
| 98 | Microsoft pulls Samsung app blocking Windows C: drive from Store | Mar 16, 2:10 pm |
|---|
| 99 | /proxy/ URL scans with IP addresses, (Mon, Mar 16th) | Mar 16, 2:10 pm |
|---|
| 100 | Shadow AI is everywhere. Here’s how to find and secure it. | Mar 16, 2:10 pm |
|---|
| 101 | ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers | Mar 16, 1:10 pm |
|---|
| 102 | Why Security Validation Is Becoming Agentic | Mar 16, 1:10 pm |
|---|
| 103 | DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage | Mar 16, 10:10 am |
|---|
| 104 | Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse | Mar 16, 6:10 am |
|---|
| 105 | ISC Stormcast For Monday, March 16th, 2026 https://isc.sans.edu/podcastdetail/9850, (Mon, Mar 16th) | Mar 16, 2:10 am |
|---|
| 106 | OpenAI says ChatGPT ads are not rolling out globally for now | Mar 16, 12:10 am |
|---|
| 107 | Betterleaks, a new open-source secrets scanner to replace Gitleaks | Mar 15, 3:10 pm |
|---|
| 108 | Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw | Mar 14, 10:10 pm |
|---|
| 109 | OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration | Mar 14, 6:10 pm |
|---|
| 110 | AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code | Mar 14, 3:10 pm |
|---|
| 111 | GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers | Mar 14, 2:10 pm |
|---|
| 112 | SmartApeSG campaign uses ClickFix page to push Remcos RAT, (Sat, Mar 14th) | Mar 14, 2:10 am |
|---|
| 113 | Microsoft: Windows 11 users can't access C: drive on some Samsung PCs | Mar 13, 11:10 pm |
|---|
| 114 | FBI seeks victims of Steam games used to spread malware | Mar 13, 9:10 pm |
|---|
| 115 | Fake enterprise VPN sites used to steal company credentials | Mar 13, 6:10 pm |
|---|
| 116 | Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026 | Mar 13, 6:10 pm |
|---|
| 117 | Poland's nuclear research centre targeted by cyberattack | Mar 13, 6:10 pm |
|---|
| 118 | Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware | Mar 13, 6:10 pm |
|---|
| 119 | Microsoft investigates classic Outlook sync and connection issues | Mar 13, 5:10 pm |
|---|
| 120 | INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime | Mar 13, 4:10 pm |
|---|
| 121 | Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials | Mar 13, 3:10 pm |
|---|
| 122 | From VMware to what’s next: Protecting data during hypervisor migration | Mar 13, 3:10 pm |
|---|
| 123 | Fake enterprise VPN downloads used to steal company credentials | Mar 13, 2:10 pm |
|---|
| 124 | Investigating a New Click-Fix Variant | Mar 13, 2:10 pm |
|---|
| 125 | Police sinkholes 45,000 IP addresses in cybercrime crackdown | Mar 13, 2:10 pm |
|---|
| 126 | Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation | Mar 13, 10:10 am |
|---|
| 127 | Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8 | Mar 13, 10:10 am |
|---|
| 128 | Starbucks discloses data breach affecting hundreds of employees | Mar 13, 9:10 am |
|---|
| 129 | A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th) | Mar 13, 8:10 am |
|---|
| 130 | Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries | Mar 13, 7:10 am |
|---|
| 131 | Google fixes two new Chrome zero-days exploited in attacks | Mar 13, 7:10 am |
|---|
| 132 | Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution | Mar 13, 6:10 am |
|---|
| 133 | ISC Stormcast For Friday, March 13th, 2026 https://isc.sans.edu/podcastdetail/9848, (Fri, Mar 13th) | Mar 13, 2:10 am |
|---|
| 134 | Canadian retail giant Loblaw notifies customers of data breach | Mar 12, 10:10 pm |
|---|
| 135 | England Hockey investigating ransomware data breach | Mar 12, 9:10 pm |
|---|
| 136 | AI-generated Slopoly malware used in Interlock ransomware attack | Mar 12, 8:10 pm |
|---|
| 137 | Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks | Mar 12, 6:10 pm |
|---|
| 138 | Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays | Mar 12, 6:10 pm |
|---|
| 139 | US disrupts SocksEscort proxy network powered by Linux malware | Mar 12, 5:10 pm |
|---|
| 140 | Veeam warns of critical flaws exposing backup servers to RCE attacks | Mar 12, 5:10 pm |
|---|
| 141 | Google paid $17.1 million for vulnerability reports in 2025 | Mar 12, 4:10 pm |
|---|
| 142 | ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More | Mar 12, 3:10 pm |
|---|
| 143 | How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs | Mar 12, 3:10 pm |
|---|
| 144 | Going the Extra Mile: Travel Rewards Turn into Underground Currency. | Mar 12, 3:10 pm |
|---|
| 145 | Telus Digital confirms breach after hacker claims 1 petabyte data theft | Mar 12, 3:10 pm |
|---|
| 146 | Apple patches older iPhones and iPads against Coruna exploits | Mar 12, 2:10 pm |
|---|
| 147 | Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload | Mar 12, 12:10 pm |
|---|
| 148 | US charges another ransomware negotiator linked to BlackCat attacks | Mar 12, 12:10 pm |
|---|
| 149 | Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit | Mar 12, 11:10 am |
|---|
| 150 | Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets | Mar 12, 9:10 am |
|---|
| 151 | CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed | Mar 12, 6:10 am |
|---|
| 152 | When your IoT Device Logs in as Admin, It?s too Late! [Guest Diary], (Wed, Mar 11th) | Mar 12, 2:10 am |
|---|
| 153 | ISC Stormcast For Thursday, March 12th, 2026 https://isc.sans.edu/podcastdetail/9846, (Thu, Mar 12th) | Mar 12, 2:10 am |
|---|
| 154 | SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites | Mar 11, 8:10 pm |
|---|
| 155 | WhatsApp introduces parent-managed accounts for pre-teens | Mar 11, 8:10 pm |
|---|
| 156 | CISA orders feds to patch n8n RCE flaw exploited in attacks | Mar 11, 7:10 pm |
|---|
| 157 | Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes | Mar 11, 6:10 pm |
|---|
| 158 | Medtech giant Stryker offline after Iran-linked wiper malware attack | Mar 11, 6:10 pm |
|---|
| 159 | Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker | Mar 11, 5:10 pm |
|---|
| 160 | New PhantomRaven NPM attack wave steals dev data via 88 packages | Mar 11, 5:10 pm |
|---|
| 161 | Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials | Mar 11, 4:10 pm |
|---|
| 162 | Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown | Mar 11, 2:10 pm |
|---|
| 163 | Meta adds new WhatsApp, Facebook, and Messenger anti-scam tools | Mar 11, 2:10 pm |
|---|
| 164 | What Boards Must Demand in the Age of AI-Automated Exploitation | Mar 11, 1:10 pm |
|---|
| 165 | Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices | Mar 11, 1:10 pm |
|---|
| 166 | Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days | Mar 11, 10:10 am |
|---|
| 167 | Analyzing "Zombie Zip" Files (CVE-2026-0866), (Wed, Mar 11th) | Mar 11, 10:10 am |
|---|
| 168 | UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours | Mar 11, 9:10 am |
|---|
| 169 | Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets | Mar 11, 6:10 am |
|---|
| 170 | Microsoft Patch Tuesday, March 2026 Edition | Mar 11, 2:10 am |
|---|
| 171 | ISC Stormcast For Wednesday, March 11th, 2026 https://isc.sans.edu/podcastdetail/9844, (Wed, Mar 11th) | Mar 11, 2:10 am |
|---|
| 172 | New ‘BlackSanta’ EDR killer spotted targeting HR departments | Mar 10, 11:10 pm |
|---|
| 173 | New BeatBanker Android malware poses as Starlink app to hijack devices | Mar 10, 10:10 pm |
|---|
| 174 | New 'Zombie ZIP' technique lets malware slip past security tools | Mar 10, 8:10 pm |
|---|
| 175 | Microsoft releases Windows 10 KB5078885 extended security update | Mar 10, 7:10 pm |
|---|
| 176 | FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials | Mar 10, 6:10 pm |
|---|
| 177 | HPE warns of critical AOS-CX flaw allowing admin password resets | Mar 10, 6:10 pm |
|---|
| 178 | Microsoft Patch Tuesday March 2026, (Tue, Mar 10th) | Mar 10, 6:10 pm |
|---|
| 179 | Windows 11 KB5079473 & KB5078883 cumulative updates released | Mar 10, 6:10 pm |
|---|
| 180 | Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws | Mar 10, 6:10 pm |
|---|
| 181 | KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet | Mar 10, 5:10 pm |
|---|
| 182 | Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys | Mar 10, 4:10 pm |
|---|
| 183 | The New Turing Test: How Threats Use Geometry to Prove 'Humanness' | Mar 10, 3:10 pm |
|---|
| 184 | New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network | Mar 10, 3:10 pm |
|---|
| 185 | New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries | Mar 10, 2:10 pm |
|---|
| 186 | APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military | Mar 10, 12:10 pm |
|---|
| 187 | The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction | Mar 10, 12:10 pm |
|---|
| 188 | CISA: Recently patched Ivanti EPM flaw now actively exploited | Mar 10, 12:10 pm |
|---|
| 189 | How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows | Mar 10, 12:10 pm |
|---|
| 190 | Microsoft to enable Windows hotpatch security updates by default | Mar 10, 11:10 am |
|---|
| 191 | APT28 hackers deploy customized variant of Covenant open-source tool | Mar 10, 10:10 am |
|---|
| 192 | Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool | Mar 10, 9:10 am |
|---|
| 193 | CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited | Mar 10, 8:10 am |
|---|
| 194 | ISC Stormcast For Tuesday, March 10th, 2026 https://isc.sans.edu/podcastdetail/9842, (Tue, Mar 10th) | Mar 10, 2:10 am |
|---|
| 195 | Microsoft Teams phishing targets employees with A0Backdoor malware | Mar 10, 12:10 am |
|---|
| 196 | Microsoft Teams phishing targets employees with backdoors | Mar 9, 11:10 pm |
|---|
| 197 | Dutch govt warns of Signal, WhatsApp account hijacking attacks | Mar 9, 10:10 pm |
|---|
| 198 | Google: Cloud attacks exploit flaws more than weak credentials | Mar 9, 10:10 pm |
|---|
| 199 | Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials | Mar 9, 7:10 pm |
|---|
| 200 | Ericsson US discloses data breach after service provider hack | Mar 9, 7:10 pm |
|---|
| 201 | ShinyHunters claims ongoing Salesforce Aura data theft attacks | Mar 9, 6:10 pm |
|---|
| 202 | Microsoft Teams will tag third-party bots trying to join meetings | Mar 9, 6:10 pm |
|---|
| 203 | UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device | Mar 9, 4:10 pm |
|---|
| 204 | FBI warns of phishing attacks impersonating US city, county officials | Mar 9, 4:10 pm |
|---|
| 205 | ⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware | Mar 9, 3:10 pm |
|---|
| 206 | Microsoft still working to fix Windows Explorer white flashes | Mar 9, 3:10 pm |
|---|
| 207 | Why Password Audits Miss the Accounts Attackers Actually Want | Mar 9, 3:10 pm |
|---|
| 208 | Encrypted Client Hello: Ready for Prime Time?, (Mon, Mar 9th) | Mar 9, 3:10 pm |
|---|
| 209 | Can the Security Platform Finally Deliver for the Mid-Market? | Mar 9, 12:10 pm |
|---|
| 210 | Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft | Mar 9, 11:10 am |
|---|
| 211 | Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure | Mar 9, 8:10 am |
|---|
| 212 | ISC Stormcast For Monday, March 9th, 2026 https://isc.sans.edu/podcastdetail/9840, (Mon, Mar 9th) | Mar 9, 2:10 am |
|---|
| 213 | How AI Assistants are Moving the Security Goalposts | Mar 9, 12:10 am |
|---|
| 214 | EU court adviser says banks must immediately refund phishing victims | Mar 8, 4:10 pm |
|---|
| 215 | Hackers abuse .arpa DNS and ipv6 to evade phishing defenses | Mar 8, 3:10 pm |
|---|
| 216 | OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues | Mar 7, 6:10 pm |
|---|
| 217 | Termite ransomware breaches linked to ClickFix CastleRAT attacks | Mar 7, 5:10 pm |
|---|
| 218 | Microsoft: Hackers abusing AI at every stage of cyberattacks | Mar 7, 4:10 pm |
|---|
| 219 | Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model | Mar 7, 1:10 pm |
|---|
| 220 | YARA-X 1.14.0 Release, (Sat, Mar 7th) | Mar 7, 10:10 am |
|---|
| 221 | Cognizant TriZetto breach exposes health data of 3.4 million patients | Mar 6, 8:10 pm |
|---|
| 222 | CISA warns feds to patch iOS flaws exploited in crypto-theft attacks | Mar 6, 5:10 pm |
|---|
| 223 | Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT | Mar 6, 4:10 pm |
|---|
| 224 | Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India | Mar 6, 4:10 pm |
|---|
| 225 | CISA warns of Apple flaws exploited in spyware, crypto-theft attacks | Mar 6, 4:10 pm |
|---|
| 226 | Microsoft 365 Backup to add file-level restore for faster recovery | Mar 6, 3:10 pm |
|---|
| 227 | Fake Claude Code install guides push infostealers in InstallFix attacks | Mar 6, 3:10 pm |
|---|
| 228 | EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security | Mar 6, 3:10 pm |
|---|
| 229 | Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor | Mar 6, 11:10 am |
|---|
| 230 | The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity | Mar 6, 11:10 am |
|---|
| 231 | China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks | Mar 6, 10:10 am |
|---|
| 232 | Ghanain man pleads guilty to role in $100 million fraud ring | Mar 6, 10:10 am |
|---|
| 233 | FBI investigates breach of surveillance and wiretap systems | Mar 6, 9:10 am |
|---|
| 234 | Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog | Mar 6, 8:10 am |
|---|
| 235 | Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer | Mar 6, 8:10 am |
|---|
| 236 | ISC Stormcast For Friday, March 6th, 2026 https://isc.sans.edu/podcastdetail/9838, (Fri, Mar 6th) | Mar 6, 2:10 am |
|---|
| 237 | Chinese state hackers target telcos with new malware toolkit | Mar 6, 12:10 am |
|---|
| 238 | Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware | Mar 5, 11:10 pm |
|---|
| 239 | Wikipedia hit by self-propagating JavaScript worm that vandalized pages | Mar 5, 9:10 pm |
|---|
| 240 | FBI arrests suspect linked to $46M crypto theft from US Marshals | Mar 5, 7:10 pm |
|---|
| 241 | WordPress membership plugin bug exploited to create admin accounts | Mar 5, 7:10 pm |
|---|
| 242 | Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities | Mar 5, 5:10 pm |
|---|
| 243 | 2026 Browser Data Reveals Major Enterprise Security Blind Spots | Mar 5, 3:10 pm |
|---|
| 244 | Google says 90 zero-days were exploited in attacks last year | Mar 5, 3:10 pm |
|---|
| 245 | Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders | Mar 5, 2:10 pm |
|---|
| 246 | ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More | Mar 5, 2:10 pm |
|---|
| 247 | Police dismantles online gambling ring exploiting Ukrainian women | Mar 5, 1:10 pm |
|---|
| 248 | Where Multi-Factor Authentication Stops and Credential Abuse Starts | Mar 5, 12:10 pm |
|---|
| 249 | ISC Stormcast For Thursday, March 5th, 2026 https://isc.sans.edu/podcastdetail/9836, (Thu, Mar 5th) | Mar 5, 12:10 pm |
|---|
| 250 | Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware | Mar 5, 12:10 pm |
|---|
| 251 | APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine | Mar 5, 11:10 am |
|---|
| 252 | Cisco flags more SD-WAN flaws as actively exploited in attacks | Mar 5, 11:10 am |
|---|
| 253 | Phobos ransomware admin pleads guilty to wire fraud conspiracy | Mar 5, 9:10 am |
|---|
| 254 | FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials | Mar 5, 8:10 am |
|---|
| 255 | Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks | Mar 5, 8:10 am |
|---|
| 256 | Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary], (Wed, Mar 4th) | Mar 5, 3:10 am |
|---|
| 257 | Bitwarden adds support for passkey login on Windows 11 | Mar 4, 11:10 pm |
|---|
| 258 | Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers | Mar 4, 10:10 pm |
|---|
| 259 | Fake LastPass support email threads try to steal vault passwords | Mar 4, 9:10 pm |
|---|
| 260 | Windows 10 KB5075039 update fixes broken Recovery Environment | Mar 4, 9:10 pm |
|---|
| 261 | Cisco warns of max severity Secure FMC flaws giving root access | Mar 4, 8:10 pm |
|---|
| 262 | Hacker mass-mails HungerRush extortion emails to restaurant patrons | Mar 4, 7:10 pm |
|---|
| 263 | Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks | Mar 4, 7:10 pm |
|---|
| 264 | 149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict | Mar 4, 6:10 pm |
|---|
| 265 | FBI seizes LeakBase cybercrime forum, data of 142,000 members | Mar 4, 6:10 pm |
|---|
| 266 | Europol-coordinated action disrupts Tycoon2FA phishing platform | Mar 4, 5:10 pm |
|---|
| 267 | Mississippi medical center reopens clinics hit by ransomware attack | Mar 4, 4:10 pm |
|---|
| 268 | How a Brute Force Attack Unmasked a Ransomware Infrastructure Network | Mar 4, 3:10 pm |
|---|
| 269 | Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1 | Mar 4, 2:10 pm |
|---|
| 270 | New RFP Template for AI Usage Control and AI Governance | Mar 4, 1:10 pm |
|---|
| 271 | Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux | Mar 4, 10:10 am |
|---|
| 272 | Want More XWorm?, (Wed, Mar 4th) | Mar 4, 10:10 am |
|---|
| 273 | APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2 | Mar 4, 9:10 am |
|---|
| 274 | CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog | Mar 4, 6:10 am |
|---|
| 275 | ISC Stormcast For Wednesday, March 4th, 2026 https://isc.sans.edu/podcastdetail/9834, (Wed, Mar 4th) | Mar 4, 2:10 am |
|---|
| 276 | CISA flags VMware Aria Operations RCE flaw as exploited in attacks | Mar 4, 12:10 am |
|---|
| 277 | Facebook accounts unavailable in worldwide outage | Mar 3, 11:10 pm |
|---|
| 278 | Paint maker giant AkzoNobel confirms cyberattack on U.S. site | Mar 3, 11:10 pm |
|---|
| 279 | Microsoft: Hackers abuse OAuth error flows to spread malware | Mar 3, 9:10 pm |
|---|
| 280 | Google Chrome shifts to two-week release cycle for increased stability | Mar 3, 6:10 pm |
|---|
| 281 | Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations | Mar 3, 6:10 pm |
|---|
| 282 | LexisNexis confirms data breach as hackers leak stolen files | Mar 3, 4:10 pm |
|---|
| 283 | Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries | Mar 3, 3:10 pm |
|---|
| 284 | Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow | Mar 3, 3:10 pm |
|---|
| 285 | Compromised Site Management Panels are a Hot Item in Cybercrime Markets | Mar 3, 3:10 pm |
|---|
| 286 | Bruteforce Scans for CrushFTP , (Tue, Mar 3rd) | Mar 3, 3:10 pm |
|---|
| 287 | Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication | Mar 3, 12:10 pm |
|---|
| 288 | AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged | Mar 3, 12:10 pm |
|---|
| 289 | Amazon: Drone strikes damaged AWS data centers in Middle East | Mar 3, 12:10 pm |
|---|
| 290 | Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets | Mar 3, 11:10 am |
|---|
| 291 | Star Citizen game dev discloses breach affecting user data | Mar 3, 11:10 am |
|---|
| 292 | UH Cancer Center data breach affects nearly 1.2 million people | Mar 3, 10:10 am |
|---|
| 293 | SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains | Mar 3, 9:10 am |
|---|
| 294 | Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited | Mar 3, 9:10 am |
|---|
| 295 | Android gets patches for Qualcomm zero-day exploited in attacks | Mar 3, 9:10 am |
|---|
| 296 | ⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More | Mar 3, 6:42 am |
|---|
| 297 | How Deepfakes and Injection Attacks Are Breaking Identity Verification | Mar 3, 6:42 am |
|---|
| 298 | UK warns of Iranian cyberattack risks amid Middle-East conflict | Mar 3, 6:42 am |
|---|
| 299 | Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome | Mar 3, 6:42 am |
|---|
| 300 | New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel | Mar 3, 6:42 am |
|---|
| 301 | Florida woman imprisoned for massive Microsoft license fraud scheme | Mar 3, 6:42 am |
|---|
| 302 | Alabama man pleads guilty to hacking, extorting hundreds of women | Mar 3, 6:42 am |
|---|
| 303 | Fake Google Security site uses PWA app to steal credentials, MFA codes | Mar 3, 6:42 am |
|---|
| 304 | CyberStrikeAI tool adopted by hackers for AI-powered attacks | Mar 3, 6:42 am |
|---|
| 305 | ISC Stormcast For Tuesday, March 3rd, 2026 https://isc.sans.edu/podcastdetail/9832, (Tue, Mar 3rd) | Mar 3, 6:42 am |
|---|
