FBI warns of Handala hackers using Telegram in malware attacks
The U.S. Federal Bureau of Investigation (FBI) warned network defenders that Iranian hackers linked to the country's Ministry of Intelligence and Security (MOIS) are using Telegram in malware attacks. [...]
10:10 am, March 23, 2026
source_url: https://www.bleepingcomputer.com/news/security/fbi-warns-of-handala-hackers-using-telegram-in-malware-attacks/
author_name: Sergiu Gatlan
Category List cybersec
- Cybersecurity
- /proxy/ URL scans with IP addresses, (Mon, Mar 16th)
- 149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
- 2026 Browser Data Reveals Major Enterprise Security Blind Spots
- 54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
- 54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
- 7 Ways to Prevent Privilege Escalation via Password Resets
- 9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
- A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)
- AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged
- AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
- AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
- AI-generated Slopoly malware used in Interlock ransomware attack
- APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
- APT28 hackers deploy customized variant of Covenant open-source tool
- APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
- APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
- Alabama man pleads guilty to hacking, extorting hundreds of women
- Amazon: Drone strikes damaged AWS data centers in Middle East
- Analyzing "Zombie Zip" Files (CVE-2026-0866), (Wed, Mar 11th)
- Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
- Android gets patches for Qualcomm zero-day exploited in attacks
- Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
- Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
- Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit
- Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
- Apple patches older iPhones and iPads against Coruna exploits
- Apple pushes first Background Security Improvements update to fix WebKit flaw
- AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
- Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload
- Aura confirms data breach exposing 900,000 marketing contacts
- Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
- Betterleaks, a new open-source secrets scanner to replace Gitleaks
- Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
- Bitrefill blames North Korean Lazarus group for cyberattack
- Bitwarden adds support for passkey login on Windows 11
- Bruteforce Scans for CrushFTP , (Tue, Mar 3rd)
- Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow
- CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
- CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
- CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
- CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
- CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
- CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
- CISA flags VMware Aria Operations RCE flaw as exploited in attacks
- CISA flags Wing FTP Server flaw as actively exploited in attacks
- CISA orders feds to patch DarkSword iOS flaws exploited attacks
- CISA orders feds to patch Zimbra XSS flaw exploited in attacks
- CISA orders feds to patch max-severity Cisco flaw by Sunday
- CISA orders feds to patch n8n RCE flaw exploited in attacks
- CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
- CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
- CISA warns of Apple flaws exploited in spyware, crypto-theft attacks
- CISA: Recently patched Ivanti EPM flaw now actively exploited
- Can the Security Platform Finally Deliver for the Mid-Market?
- Canadian retail giant Loblaw notifies customers of data breach
- China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
- Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
- Chinese state hackers target telcos with new malware toolkit
- Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
- Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
- Cisco flags more SD-WAN flaws as actively exploited in attacks
- Cisco warns of max severity Secure FMC flaws giving root access
- Claude Code Security and Magecart: Getting the Threat Model Right
- ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
- Cognizant TriZetto breach exposes health data of 3.4 million patients
- Compromised Site Management Panels are a Hot Item in Cybercrime Markets
- ConnectWise patches new flaw allowing ScreenConnect hijacking
- Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
- Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
- Critical Microsoft SharePoint flaw now exploited in attacks
- Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
- Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
- Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
- CyberStrikeAI tool adopted by hackers for AI-powered attacks
- DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
- DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
- Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary], (Wed, Mar 4th)
- DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
- Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
- Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
- Dutch govt warns of Signal, WhatsApp account hijacking attacks
- EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
- EU court adviser says banks must immediately refund phishing victims
- Encrypted Client Hello: Ready for Prime Time?, (Mon, Mar 9th)
- England Hockey investigating ransomware data breach
- Ericsson US discloses data breach after service provider hack
- Europe sanctions Chinese and Iranian firms for cyberattacks
- Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
- Europol-coordinated action disrupts Tycoon2FA phishing platform
- Ex-data analyst stole company data in $2.5M extortion scheme
- FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
- FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
- FBI arrests suspect linked to $46M crypto theft from US Marshals
- FBI investigates breach of surveillance and wiretap systems
- FBI links Signal phishing attacks to Russian intelligence services
- FBI seeks victims of Steam games used to spread malware
- FBI seizes Handala data leak site after Stryker cyberattack
- FBI seizes LeakBase cybercrime forum, data of 142,000 members
- FBI warns of Handala hackers using Telegram in malware attacks
- FBI warns of phishing attacks impersonating US city, county officials
- Facebook accounts unavailable in worldwide outage
- Fake Claude Code install guides push infostealers in InstallFix attacks
- Fake Google Security site uses PWA app to steal credentials, MFA codes
- Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
- Fake LastPass support email threads try to steal vault passwords
- Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
- Fake enterprise VPN downloads used to steal company credentials
- Fake enterprise VPN sites used to steal company credentials
- Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
- Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
- Florida woman imprisoned for massive Microsoft license fraud scheme
- FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
- From VMware to what’s next: Protecting data during hypervisor migration
- GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
- Ghanain man pleads guilty to role in $100 million fraud ring
- GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
- GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
- GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
- Going the Extra Mile: Travel Rewards Turn into Underground Currency.
- Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
- Google Chrome shifts to two-week release cycle for increased stability
- Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
- Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
- Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
- Google adds ‘Advanced Flow’ for safe APK sideloading on Android
- Google fixes two new Chrome zero-days exploited in attacks
- Google paid $17.1 million for vulnerability reports in 2025
- Google says 90 zero-days were exploited in attacks last year
- Google: Cloud attacks exploit flaws more than weak credentials
- HPE warns of critical AOS-CX flaw allowing admin password resets
- Hacker mass-mails HungerRush extortion emails to restaurant patrons
- Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
- Hackers abuse .arpa DNS and ipv6 to evade phishing defenses
- Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
- Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
- How AI Assistants are Moving the Security Goalposts
- How CISOs Can Survive the Era of Geopolitical Cyberattacks
- How Ceros Gives Security Teams Visibility and Control in Claude Code
- How Deepfakes and Injection Attacks Are Breaking Identity Verification
- How a Brute Force Attack Unmasked a Ransomware Infrastructure Network
- How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs
- How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
- INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
- IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)
- ISC Stormcast For Friday, March 13th, 2026 https://isc.sans.edu/podcastdetail/9848, (Fri, Mar 13th)
- ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)
- ISC Stormcast For Friday, March 6th, 2026 https://isc.sans.edu/podcastdetail/9838, (Fri, Mar 6th)
- ISC Stormcast For Monday, March 16th, 2026 https://isc.sans.edu/podcastdetail/9850, (Mon, Mar 16th)
- ISC Stormcast For Monday, March 23rd, 2026 https://isc.sans.edu/podcastdetail/9860, (Mon, Mar 23rd)
- ISC Stormcast For Monday, March 9th, 2026 https://isc.sans.edu/podcastdetail/9840, (Mon, Mar 9th)
- ISC Stormcast For Thursday, March 12th, 2026 https://isc.sans.edu/podcastdetail/9846, (Thu, Mar 12th)
- ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)
- ISC Stormcast For Thursday, March 5th, 2026 https://isc.sans.edu/podcastdetail/9836, (Thu, Mar 5th)
- ISC Stormcast For Tuesday, March 10th, 2026 https://isc.sans.edu/podcastdetail/9842, (Tue, Mar 10th)
- ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th)
- ISC Stormcast For Tuesday, March 3rd, 2026 https://isc.sans.edu/podcastdetail/9832, (Tue, Mar 3rd)
- ISC Stormcast For Wednesday, March 11th, 2026 https://isc.sans.edu/podcastdetail/9844, (Wed, Mar 11th)
- ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854, (Wed, Mar 18th)
- ISC Stormcast For Wednesday, March 4th, 2026 https://isc.sans.edu/podcastdetail/9834, (Wed, Mar 4th)
- Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
- Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
- International joint action disrupts world’s largest DDoS botnets
- Investigating a New Click-Fix Variant
- Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
- Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
- KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
- Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
- LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
- LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks
- LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
- LexisNexis confirms data breach as hackers leak stolen files
- Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
- Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
- Marquis: Ransomware gang stole data of 672K people in cyberattack
- Max severity Ubiquiti UniFi flaw may allow account takeover
- Medtech giant Stryker offline after Iran-linked wiper malware attack
- Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
- Meta adds new WhatsApp, Facebook, and Messenger anti-scam tools
- Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
- Microsoft 365 Backup to add file-level restore for faster recovery
- Microsoft Azure Monitor alerts abused for callback phishing attacks
- Microsoft Azure Monitor alerts abused in callback phishing campaigns
- Microsoft Exchange Online outage blocks access to mailboxes
- Microsoft Exchange Online service change causes email access issues
- Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws
- Microsoft Patch Tuesday March 2026, (Tue, Mar 10th)
- Microsoft Patch Tuesday, March 2026 Edition
- Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
- Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
- Microsoft Teams phishing targets employees with A0Backdoor malware
- Microsoft Teams phishing targets employees with backdoors
- Microsoft Teams will tag third-party bots trying to join meetings
- Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
- Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
- Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
- Microsoft investigates classic Outlook sync and connection issues
- Microsoft pulls Samsung app blocking Windows C: drive from Store
- Microsoft releases Windows 10 KB5078885 extended security update
- Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
- Microsoft shares fix for Windows C: drive access issues on Samsung PCs
- Microsoft still working to fix Windows Explorer white flashes
- Microsoft stops force-installing the Microsoft 365 Copilot app
- Microsoft to enable Windows hotpatch security updates by default
- Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
- Microsoft: Hackers abuse OAuth error flows to spread malware
- Microsoft: Hackers abusing AI at every stage of cyberattacks
- Microsoft: March Windows updates break Teams, OneDrive sign-ins
- Microsoft: Windows 11 users can't access C: drive on some Samsung PCs
- Mississippi medical center reopens clinics hit by ransomware attack
- Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
- Musician admits to $10M streaming royalty fraud using AI bots
- Navia discloses data breach impacting 2.7 million people
- New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
- New 'Zombie ZIP' technique lets malware slip past security tools
- New BeatBanker Android malware poses as Starlink app to hijack devices
- New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
- New KB5085516 emergency update fixes Microsoft account sign-in
- New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network
- New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
- New PhantomRaven NPM attack wave steals dev data via 88 packages
- New RFP Template for AI Usage Control and AI Governance
- New Windows 11 hotpatch fixes Bluetooth device visibility issue
- New font-rendering trick hides malicious commands from AI tools
- New ‘BlackSanta’ EDR killer spotted targeting HR departments
- New ‘Perseus’ Android malware checks user notes for secrets
- New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
- New “Darksword” iOS exploit used in infostealer attack on iPhones
- Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
- Nordstrom's email system abused to send crypto scams to customers
- OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
- Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
- OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
- OpenAI says ChatGPT ads are not rolling out globally for now
- OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
- Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
- Oracle pushes emergency fix for critical Identity Manager RCE flaw
- Paint maker giant AkzoNobel confirms cyberattack on U.S. site
- Phobos ransomware admin pleads guilty to wire fraud conspiracy
- Poland's nuclear research centre targeted by cyberattack
- Police dismantles online gambling ring exploiting Ukrainian women
- Police sinkholes 45,000 IP addresses in cybercrime crackdown
- Police take down 373,000 fake CSAM sites in Operation Alice
- Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders
- Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
- Ransomware gang exploits Cisco flaw in zero-day attacks since January
- Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes
- Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
- Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
- SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites
- Scans for "adminer", (Wed, Mar 18th)
- Shadow AI is everywhere. Here’s how to find and secure it.
- ShinyHunters claims ongoing Salesforce Aura data theft attacks
- Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
- SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
- SmartApeSG campaign uses ClickFix page to push Remcos RAT, (Sat, Mar 14th)
- Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
- Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks
- Star Citizen game dev discloses breach affecting user data
- Starbucks discloses data breach affecting hundreds of employees
- Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
- Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
- Stryker attack wiped tens of thousands of devices, no malware needed
- Telus Digital confirms breach after hacker claims 1 petabyte data theft
- Termite ransomware breaches linked to ClickFix CastleRAT attacks
- The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
- The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
- The New Turing Test: How Threats Use Geometry to Prove 'Humanness'
- The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms
- The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
- Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
- ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More
- ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
- ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More
- Top 5 Things CISOs Need to Do Today to Secure AI Agents
- Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
- Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
- Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
- Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
- Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
- UH Cancer Center data breach affects nearly 1.2 million people
- UK warns of Iranian cyberattack risks amid Middle-East conflict
- UK’s Companies House confirms security flaw exposed business data
- UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
- UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
- US charges another ransomware negotiator linked to BlackCat attacks
- US disrupts SocksEscort proxy network powered by Linux malware
- Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
- Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution
- Veeam warns of critical flaws exposing backup servers to RCE attacks
- VoidStealer malware steals Chrome master key via debugger trick
- Want More XWorm?, (Wed, Mar 4th)
- We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them
- Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
- What Boards Must Demand in the Age of AI-Automated Exploitation
- WhatsApp introduces parent-managed accounts for pre-teens
- When your IoT Device Logs in as Admin, It's too Late! [Guest Diary], (Wed, Mar 11th)
- Where Multi-Factor Authentication Stops and Credential Abuse Starts
- Why Password Audits Miss the Accounts Attackers Actually Want
- Why Security Validation Is Becoming Agentic
- Wikipedia hit by self-propagating JavaScript worm that vandalized pages
- Windows 10 KB5075039 update fixes broken Recovery Environment
- Windows 11 KB5079473 & KB5078883 cumulative updates released
- WordPress membership plugin bug exploited to create admin accounts
- YARA-X 1.14.0 Release, (Sat, Mar 7th)
- ⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More
- ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
- ⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
- ⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More