List cybersec
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft 365", "threat_actor": "N/A", "patch_ready": false, "insight": "An active device code phishing campaign is targeting over 340 Micros..
1:10 pm, March 25, 2026 Cybersecurity
Paid AI Accounts Are Now a Hot Underground Commodity
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "AI accounts are being sold as part of the cybercrime supply chain on undergrou..
2:10 pm, March 25, 2026 Cybersecurity
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT), ..
3:10 pm, March 25, 2026 Cybersecurity
Citrix urges admins to patch NetScaler flaws as soon as possible
{ "priority": "HIGH", "cve": "N/A", "target": "Citrix NetScaler ADC and NetScaler Gateway", "threat_actor": "N/A", "patch_ready": true, "insight": "Citrix urges admins to patch NetScaler f..
4:10 pm, March 25, 2026 Cybersecurity
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday. According to TASS and MVD Media, a news website link..
6:10 pm, March 25, 2026 Cybersecurity
New Torg Grabber infostealer malware targets 728 crypto wallets
{ "priority": "HIGH", "cve": "N/A", "target": "crypto wallets", "threat_actor": "Torg Grabber", "patch_ready": false, "insight": "Torg Grabber malware targets 728 crypto wallets and 850 br..
7:10 pm, March 25, 2026 Cybersecurity
Bubble AI app builder abused to steal Microsoft account credentials
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft accounts", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors are abusing Bubble AI app builder to steal Micros..
8:10 pm, March 25, 2026 Cybersecurity
PolyShell attacks target 56% of all vulnerable Magento stores
{ "priority": "HIGH", "cve": "N/A", "target": "Magento Open Source and Adobe Commerce", "threat_actor": "N/A", "patch_ready": false, "insight": "Active attacks exploiting the PolyShell vul..
10:10 pm, March 25, 2026 Cybersecurity
Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)
{ "priority": "MEDIUM", "cve": "N/A", "target": "Apple OS", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple patches 85 vulnerabilities across multiple operating systems, with..
10:10 pm, March 25, 2026 Cybersecurity
GitHub adds AI-powered bug detection to expand security coverage
{ "priority": "INFO", "cve": "N/A", "target": "GitHub Code Security", "threat_actor": "N/A", "patch_ready": false, "insight": "GitHub introduces AI-powered bug detection to enhance securit..
12:10 am, March 26, 2026 Cybersecurity
ISC Stormcast For Thursday, March 26th, 2026 https://isc.sans.edu/podcastdetail/9866, (Thu, Mar 26th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, March 26, 2026 Cybersecurity
WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
{ "priority": "HIGH", "cve": "N/A", "target": "E-Commerce Sites", "threat_actor": "N/A", "patch_ready": false, "insight": "New WebRTC skimmer bypasses CSP to steal payment data from e-comm..
9:10 am, March 26, 2026 Cybersecurity
Suspected RedLine infostealer malware admin extradited to US
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "RedLine", "patch_ready": false, "insight": "An Armenian suspect was extradited to the US to face charges for allegedly..
12:10 pm, March 26, 2026 Cybersecurity
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Apple iOS", "threat_actor": "N/A", "patch_ready": false, "insight": "Coruna iOS Kit reuses 2023 Triangulation exploit code in new mass attack..
12:10 pm, March 26, 2026 Cybersecurity
[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A webinar discusses validating security defenses against real attacks" }
12:10 pm, March 26, 2026 Cybersecurity
Russia arrests suspected owner of LeakBase cybercrime forum
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Russian police arrested a suspect believed to be the owner of LeakBase, a cyber..
1:10 pm, March 26, 2026 Cybersecurity
TikTok for Business accounts targeted in new phishing campaign
{ "priority": "HIGH", "cve": "N/A", "target": "TikTok for Business", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors are targeting TikTok for Business accounts in a ..
2:10 pm, March 26, 2026 Cybersecurity
WhatsApp rolls out more AI features, iOS multi-account support
WhatsApp is rolling out multiple features designed to make the app easier to use, including AI-powered message replies and photo retouching, support for two accounts on iOS, and chat history transfer ..
2:10 pm, March 26, 2026 Cybersecurity
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it. [...]
2:10 pm, March 26, 2026 Cybersecurity
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
{ "priority": "CRITICAL", "cve": "N/A", "target": "Claude Google Chrome Extension", "threat_actor": "N/A", "patch_ready": true, "insight": "Vulnerability in Claude Google Chrome Extension ..
2:10 pm, March 26, 2026 Cybersecurity
Coruna iOS exploit framework linked to Triangulation attacks
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click iMessage exploits. [...]
2:10 pm, March 26, 2026 Cybersecurity
Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how hackers and art forgers use deception techniques, an..
2:10 pm, March 26, 2026 Cybersecurity
ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The ThreatsDay Bulletin covers various security topics, including PQC push, AI vulnerabilit..
2:10 pm, March 26, 2026 Cybersecurity
UK sanctions Xinbi marketplace linked to Asian scam centers
{ "priority": "LOW", "cve": "N/A", "target": "Xinbi marketplace", "threat_actor": "N/A", "patch_ready": false, "insight": "The UK has sanctioned Xinbi, a Chinese-language cryptocurrency ma..
4:10 pm, March 26, 2026 Cybersecurity
TeamPCP Supply Chain Campaign: Update 001 - Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)
{"priority": "CRITICAL", "cve": "N/A", "target": "TeamPCP", "threat_actor": "N/A", "patch_ready": false, "insight": "CISA KEV entry and detection tools available for TeamPCP supply chain campaign."}
6:10 pm, March 26, 2026 Cybersecurity
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
{ "priority": "HIGH", "cve": "N/A", "target": "Telecom Networks", "threat_actor": "Red Menshen", "patch_ready": false, "insight": "China-linked Red Menshen uses stealthy BPFDoor implants t..
6:10 pm, March 26, 2026 Cybersecurity
CISA: New Langflow flaw actively exploited to hijack AI workflows
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framewor..
8:10 pm, March 26, 2026 Cybersecurity
Ajax football club hack exposed fan data, enabled ticket hijack
{ "priority": "MEDIUM", "cve": "N/A", "target": "Ajax Amsterdam (AFC Ajax)", "threat_actor": "N/A", "patch_ready": false, "insight": "A hacker exploited vulnerabilities in Ajax Amsterdam's..
9:10 pm, March 26, 2026 Cybersecurity
ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "SANS Internet Storm Center podcast for Friday, March 27th, 2026." }
2:10 am, March 27, 2026 Cybersecurity
Dutch Police discloses security breach after phishing attack
{ "priority": "INFO", "cve": "N/A", "target": "Dutch National Police (Politie)", "threat_actor": "N/A", "patch_ready": false, "insight": "Dutch Police discloses limited security breach due..
9:10 am, March 27, 2026 Cybersecurity
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
{ "priority": "HIGH", "cve": "N/A", "target": "LangChain, LangGraph", "threat_actor": "N/A", "patch_ready": false, "insight": "Multiple security vulnerabilities in LangChain and LangGraph ..
9:10 am, March 27, 2026 Cybersecurity
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
{ "priority": "HIGH", "cve": "N/A", "target": "Russian Firms", "threat_actor": "Bearlyfy", "patch_ready": false, "insight": "Bearlyfy, a pro-Ukrainian group, has launched over 70 cyber att..
10:10 am, March 27, 2026 Cybersecurity
Windows 11 KB5079391 update rolls out Smart App Control improvements
{ "priority": "INFO", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft releases KB5079391 preview cumulative update for Windows 11 2..
10:10 am, March 27, 2026 Cybersecurity
Anti-piracy coalition takes down AnimePlay app with 5 million users
{ "priority": "INFO", "cve": "N/A", "target": "AnimePlay", "threat_actor": "N/A", "patch_ready": false, "insight": "The Alliance for Creativity and Entertainment shut down AnimePlay, a maj..
11:10 am, March 27, 2026 Cybersecurity
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it. Introduction..
12:10 pm, March 27, 2026 Cybersecurity
European Commission investigating breach after Amazon cloud hack
The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to its Amazon cloud infrastructure. [...]
1:10 pm, March 27, 2026 Cybersecurity
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
{ "priority": "HIGH", "cve": "N/A", "target": "TikTok Business Accounts", "threat_actor": "AitM", "patch_ready": false, "insight": "AitM phishing campaign targets TikTok Business accounts ..
1:10 pm, March 27, 2026 Cybersecurity
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
{ "priority": "HIGH", "cve": "N/A", "target": "Russian Firms", "threat_actor": "Bearlyfy", "patch_ready": false, "insight": "Bearlyfy, a pro-Ukrainian group, has conducted over 70 cyber at..
1:10 pm, March 27, 2026 Cybersecurity
Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
Agentic GRC automates workflows, forcing teams to rethink their role beyond operations. Anecdotes explains why the biggest challenge is shifting from execution to risk leadership. [...]
2:10 pm, March 27, 2026 Cybersecurity
TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)
``` { "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "TeamPCP", "patch_ready": false, "insight": "Update on TeamPCP supply chain campaign, including Telnyx PyPI comprom..
3:10 pm, March 27, 2026 Cybersecurity
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
{ "priority": "HIGH", "cve": "N/A", "target": "Open VSX", "threat_actor": "N/A", "patch_ready": true, "insight": "A bug in Open VSX's pre-publish scanning pipeline allowed malicious VS Cod..
3:10 pm, March 27, 2026 Cybersecurity
Fake VS Code alerts on GitHub spread malware to developers
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "N/A", "patch_ready": false, "insight": "Malicious actors are spreading malware to developers via fake VS Code secur..
5:10 pm, March 27, 2026 Cybersecurity
European Commission investigating breach after Amazon cloud account hack
{ "priority": "HIGH", "cve": "N/A", "target": "Amazon cloud environment", "threat_actor": "Unknown threat actor", "patch_ready": false, "insight": "The European Commission is investigating..
5:10 pm, March 27, 2026 Cybersecurity
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
{ "priority": "HIGH", "cve": "N/A", "target": "telnyx Python package", "threat_actor": "TeamPCP", "patch_ready": false, "insight": "TeamPCP pushes malicious Telnyx versions to PyPI, hiding..
6:10 pm, March 27, 2026 Cybersecurity
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
{ "priority": "HIGH", "cve": "N/A", "target": "Apple iOS", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple sends Lock Screen alerts to outdated iPhones to warn of active web-..
7:10 pm, March 27, 2026 Cybersecurity
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. [...]
10:10 pm, March 27, 2026 Cybersecurity
TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
{ "priority": "HIGH", "cve": "N/A", "target": "iOS devices", "threat_actor": "TA446 (Callisto)", "patch_ready": false, "insight": "Russian state-sponsored threat group TA446 uses leaked Da..
8:10 am, March 28, 2026 Cybersecurity
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
{ "priority": "CRITICAL", "cve": "CVE-2025-53521", "target": "F5 BIG-IP Access Policy Manager (APM)", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA added CVE-2025-53521 to K..
8:10 am, March 28, 2026 Cybersecurity
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity..
9:10 am, March 28, 2026 Cybersecurity
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
{ "priority": "CRITICAL", "cve": "CVE-2026-3055", "target": "Citrix NetScaler ADC and NetScaler Gateway", "threat_actor": "N/A", "patch_ready": false, "insight": "Citrix NetScaler ADC and ..
10:10 am, March 28, 2026 Cybersecurity
AI Testing
