88Articles
8Categories
2026-03-02Date
🚨 CISA KEV 1[−]
2 Mar KEVVulnerability Report - February 2026submitted by cm0002 to cybersecurity 1 points | 0 comments https://www.vulnerability-lookup.org/2026/03/02/vulnerability-report-february-2026/ Introduction This vulnerability report has been generated using data aggregated on Vulnerability-Lookup , with contributions from the pla…INFOSEC.PUB
🐛 COMMON VULNERABILITIES AND EXPOSURES 9[−]
2 MarAngular SSR Flaw Enables Unauthorized Server-Side Requests in Web AppsA critical vulnerability has been discovered in Angular Server-Side Rendering (SSR) that could allow attackers to perform Server-Side Request Forgery (SSRF) and Header Injection attacks. Tracked as CVE-2026-27739, this flaw enables unauthorized server-side requests in web applica…GBHACKERS.COM
2 MarAPT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch TuesdayA recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerability in question is CVE-2026-21513 (CVSS score: 8.8), a high-severity security fea…THEHACKERNEWS.COM
2 MarLangflow CSV Agent Flaw Could Let Attackers Execute Arbitrary CodeA critical vulnerability has been discovered in Langflow, a popular low-code tool used for building applications with Large Language Models (LLMs). The flaw, tracked as CVE-2026-27966, resides in the software’s CSV Agent node and could allow malicious actors to execute unau…GBHACKERS.COM
2 MarOneUptime Command Injection Vulnerability Poses Major Risk of Full System TakeoverA critical command injection vulnerability, identified as CVE-2026-27728, has been discovered in OneUptime, a platform for monitoring and managing online services. This flaw allows authenticated users to execute arbitrary operating system commands on the Probe server, posing a si…GBHACKERS.COM
2 MarProof-of-Concept Released for Windows ALPC Privilege Escalation via Error ReportingA critical local privilege escalation (LPE) vulnerability, identified as CVE-2026-20817, has been publicly documented following the release of a proof-of-concept (PoC) exploit. Discovered in the Windows Error Reporting (WER) service, the flaw allows an authenticated, low-privileg…GBHACKERS.COM
2 Mar KEVMSHTML Zero-Day in Windows Exploited by APT28 Prior to Feb 2026 Security UpdateMicrosoft released its Patch Tuesday updates, addressing 59 vulnerabilities, including a critical zero-day flaw in the Windows MSHTML framework. Tracked as CVE-2026-21513, this actively exploited vulnerability allows attackers to bypass security features and execute arbitrary cod…GBHACKERS.COM
2 MarCVE-2026-3102: macOS ExifTool image-processing vulnerability | Kaspersky official blogA comprehensive guide to mitigating the dangerous ExifTool vulnerability affecting image metadata processing on macOS.KASPERSKY.COM
2 MarNew Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini PanelCybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges and gain access to local files on the system. The vulnerability, tracked as CVE-2026-0628 (CVSS score: 8.8), has been descri…THEHACKERNEWS.COM
2 MarVU#431821: MS-Agent does not properly sanitize commands sent to its shell tool, allowing for RCEOverview A command injection vulnerability was identified in the MS-Agent framework that can be triggered through unsanitized prompt-derived input. An attacker can craft untrusted input introduced via a chat prompt or other external content sources, resulting in arbitrary command…KB.CERT.ORG
⚠️ VULNERABILITY DISCLOSURE 21[−]
2 MarOpenClaw 0-Click Flaw Lets Malicious Websites Hijack Developer AI AgentsOpenClaw, a highly popular open-source AI personal assistant with over 100,000 GitHub stars, recently faced a critical security flaw. This AI tool, which autonomously manages developer workflows across laptops, messaging apps, and dev tools, was found to be vulnerable to a 0-clic…GBHACKERS.COM
2 MarPixel Perfect Browser Extension Exploited for Stealth Script Injection and Security Header StrippingA popular Chrome add-on, “QuickLens – Search Screen with Google Lens,” has quietly morphed from a legitimate productivity tool into a full‑fledged remote code-execution platform that abuses browser trust, security headers, and silent auto‑updates. What began as a simple Google Le…GBHACKERS.COM
2 MarHow CISOs can build a resilient workforceWith ongoing skills gaps, AI reshaping roles and workforce stress as standing concerns for many CISOs, ensuring the resilience of the workforce has become top of mind. But due to budget constraints, return to office mandates and teams struggling to keep up with the threat landsca…CSOONLINE.COM
2 MarCISA Leadership Shakeup, OpenClaw Hijack, Robot Vacuums and MoreOpenClaw AI Agent Hijack, CISA Leadership Shakeup, Iran Cyber Campaign, Air-Gap Malware, and Robot Vacuum Flaw Jim Love covers multiple cybersecurity stories: Oasis Security revealed "ClawJacked," a high-severity OpenClaw AI agent framework flaw caused by missing rate limiting on…CYBERSECURITYTODAY.LIBSYN.COM
2 MarMiddle East AWS Outage Sends Shockwaves Through Cloud Infrastructure ServiceA severe infrastructure incident in the Middle East has triggered a massive Amazon Web Services (AWS) outage, disrupting critical cloud operations across the region. The event, which aggressively impacted the ME-CENTRAL-1 (United Arab Emirates) and ME-SOUTH-1 (Bahrain) regions, l…GBHACKERS.COM
2 MarCISA Alerts on RESURGE Malware Exploiting Ivanti Connect Secure Zero-DaysThe Cybersecurity and Infrastructure Security Agency (CISA) has released a Malware Analysis Report (MAR) detailing a new malware family dubbed RESURGE, which is actively exploiting a zero-day vulnerability in Ivanti Connect Secure devices. According to CISA, RESURGE builds upon t…GBHACKERS.COM
2 MarHackers Launch Massive SonicWall Firewall Attack Using 4,000+ IP AddressesHackers are actively mapping SonicWall firewalls worldwide, launching more than 84,000 SonicOS scanning sessions from over 4,000 unique IP addresses in just four days to identify SSL VPN targets for future credential and vulnerability attacks. Three operationally distinct infrast…GBHACKERS.COM
2 MarNorth Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RATCybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat actors have published a set of 26 malicious packages to the npm registry. The packages masquerade as developer tools, but contain functionality to …THEHACKERNEWS.COM
2 MarProject Compass Operation Cracks Down on “The Com” Cybercrime Collective – 30 Arrested, 179 Suspects IdentifiedAn international law enforcement operation named Project Compass has launched a major offensive against “The Com,” a dangerous transnational virtual network (TVN). The operation, which began in January 2025, has successfully led to the arrest of 30 suspects and the id…GBHACKERS.COM
2 MarA scorecard for cyber and risk cultureHave you once watched a leadership team clap for their “security culture month” like they’d landed a rover? Posters everywhere. Quizzes. A prize draw. Someone baked cupcakes with padlocks iced on top. Cute. Two weeks later, a product manager asked an engineer to “just share the a…CSOONLINE.COM
2 MarInnovation without exposure: A CISO’s secure-by-design framework for business outcomesThe brief for security leaders has changed. It used to be enough to reduce risk and keep the lights on. Now you are expected to enable AI adoption, connect more “things” to the network, modernize cloud at pace and still demonstrably reduce exposure, often without the comfort of e…CSOONLINE.COM
2 MarGTFire Phishing Campaign Exploits Google Services to Bypass Detection and Harvest CredentialsGTFire is a large-scale phishing scheme that abuses multiple Google services to hide malicious infrastructure, evade security tools, and steal credentials from organizations worldwide. GTFire is a credential-harvesting operation that chains Google Firebase Hosting and Google Tran…GBHACKERS.COM
2 MarUXSS Vulnerability in DuckDuckGo Browser’s AutoConsent JS Bridge Allows Cross-Origin AttacksA critical vulnerability was recently discovered in the DuckDuckGo browser for Android, exposing users to Universal Cross-Site Scripting (UXSS) attacks. This flaw, found in the browser’s AutoConsent JS bridge, allows malicious code from an untrusted source to run on a trust…GBHACKERS.COM
2 MarTPMS Flaw in Toyota, Mercedes, and Other Major Brands Enables Covert Vehicle TrackingTire pressure monitoring systems (TPMS) in popular brands like Toyota, Mercedes, and many others quietly broadcast radio signals that can be turned into a powerful vehicle‑tracking tool. New research shows that these routine safety messages can be harvested at scale, allowing any…GBHACKERS.COM
2 Mar⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and MoreThis week is not about one big event. It shows where things are moving. Network systems, cloud setups, AI tools, and common apps are all being pushed in different ways. Small gaps in access control, exposed keys, and normal features are being used as entry points. The pattern bec…THEHACKERNEWS.COM
2 MarOpenClaw Vulnerability Allowed Websites to Hijack AI AgentsMalicious websites could open a WebSocket connection to localhost on the OpenClaw gateway port, brute force passwords, and take control of the agent. The post OpenClaw Vulnerability Allowed Websites to Hijack AI Agents appeared first on SecurityWeek .SECURITYWEEK.COM
2 Marhackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actionssubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.stepsecurity.io/blog/hackerbot-claw-github-actions-exploitation?=0INFOSEC.PUB
2 MarVulnerability Allowed Hijacking Chrome’s Gemini Live AI AssistantMalicious extensions could hijack the Gemini Live in Chrome feature to spy on users and steal their files. The post Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant appeared first on SecurityWeek .SECURITYWEEK.COM
2 MarVulnerability monitoring service secures public-sector websites fasterAn automated scanning system has cut the time it takes to fix cybersecurity vulnerabilities across public sector IT systems, reducing median remediation time for general cyber vulnerabilities from 53 days to 32, and slashing DNS-specific average fix times from 50 days to eight. T…CSOONLINE.COM
2 MarNew AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprisessubmitted by cm0002 to cybersecurity 2 points | 0 comments https://arstechnica.com/security/2026/02/new-airsnitch-attack-breaks-wi-fi-encryption-in-homes-offices-and-enterprises/ New research shows that behaviors that occur at the very lowest levels of the network stack make encr…INFOSEC.PUB
2 MarCyberStrikeAI tool adopted by hackers for AI-powered attacksResearchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet FortiGate firewalls. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 13[−]
2 MarOT Security/business resilience, lack of incentives for securing software & the news - ESW #448Interview - Ben Worthy from Airbus Protect The current state of OT security and business resilience In this episode of Enterprise Security Weekly, we sit down with Ben Worthy, OT Security Specialist at Airbus Protect, to explore the evolving landscape of business resilience in sa…YOUTUBE.COM
2 MarNick Andersen Appointed Acting Director of CISAMadhu Gottumukkala has been assigned to a new role within the Department of Homeland Security. The post Nick Andersen Appointed Acting Director of CISA appeared first on SecurityWeek .SECURITYWEEK.COM
2 MarCISA warns that RESURGE malware can be dormant on Ivanti devicessubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/cisa-warns-that-resurge-malware-can-be-dormant-on-ivanti-devices/SH.ITJUST.WORKS
2 MarUK warns of Iranian cyberattack risks amid Middle-East conflictThe United Kingdom's National Cyber Security Centre (NCSC) alerted British organizations to a heightened risk of Iranian cyberattacks amid the ongoing conflict in the Middle East. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 16[−]
2 MarKomikoAI - 1,060,191 breached accountsIn February, the AI-powered comic generation platform KomikoAI suffered a data breach . The incident exposed 1M unique email addresses along with names, user posts and the AI prompts used to generate content. The exposed data enables the mapping of individual AI prompts to specif…HAVEIBEENPWNED.COM
2 MarIsrael hacked BadeSaba, a popular Iranian prayer app with 5M+ installs on Google Play, to send messages urging Iranian military personnel to defectsubmitted by Innerworld to security 2 points | 0 comments https://www.wsj.com/livecoverage/iran-strikes-2026/card/israel-hacked-popular-iranian-prayer-app-to-urge-defections-resistance-wtYyb29CmKrTXoJBIV3CPROGRAMMING.DEV
2 MarIsrael hacked BadeSaba, a popular Iranian prayer app with 5M+ installs on Google Play, to send messages urging Iranian military personnel to defectsubmitted by Innerworld to cybersecurity 0 points | 0 comments https://www.wsj.com/livecoverage/iran-strikes-2026/card/israel-hacked-popular-iranian-prayer-app-to-urge-defections-resistance-wtYyb29CmKrTXoJBIV3CSH.ITJUST.WORKS
2 MarQuitbro - 22,874 breached accountsIn February 2026, the porn addiction app Quitbro allegedly suffered a data breach that exposed 23k unique email addresses. The data also included users’ years of birth, responses to questions within the app and their last recorded relapse time. The app’s maker, Plantake, did not …HAVEIBEENPWNED.COM
2 MarPrayer App Used by Millions Hacked to Broadcast Defection Messages Amid U.S.-Israel Strikes on IranA popular Iranian prayer timing application, BadeSaba Calendar, was hacked to deliver anti-government push notifications to millions of users. This cyber incident occurred early Saturday morning, coinciding with joint U.S. and Israeli military strikes on Iran. While the kinetic s…GBHACKERS.COM
2 MarWeekly Update 493Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite The Odido breach leaks were towards the beginning during this week's update. I recorded it the day after the second dump of data h…TROYHUNT.COM
2 MarHacker erpressen weniger Lösegeldimmer mehr betroffene Unternehmen und Organisationen folgen dem Rat, kein Lösegeld zu zahlen . fadfebrian – shutterstock.com Laut einem neuen Bericht des Analyseunternehmens Chainalysis konnten Hacker im Jahr 2025 im Zusammenhang mit Ransomware-Angriffen insgesamt 820 Millionen D…CSOONLINE.COM
2 MarLovora - 495,556 breached accountsIn February 2026, the couples and relationship app Lovora allegedly suffered a data breach that exposed 496k unique email addresses. The data also included users’ display names and profile photos, along with other personal information collected through use of the app. The app’s m…HAVEIBEENPWNED.COM
2 MarGUEST ESSAY: Real cyber risks arise when small flaws combine and alerts are viewed in isolationSecurity teams are drowning in signals. Alerts fire. Logs accumulate. Dashboards light up. Yet breaches still unfold quietly, often through a series of low-level actions that never trigger a single catastrophic alarm. Related: How ‘observability’ drives security Attac…LASTWATCHDOG.COM
2 MarUS-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran RetaliatesBoth sides conduct hacking and other attacks, including the deployment of wiper malware, DDoS, and disruptions to critical infrastructure. The post US-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran Retaliates appeared first on SecurityWeek .SECURITYWEEK.COM
2 MarCanadian Tire Data Breach Impacts 38 Million Accounts - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/canadian-tire-data-breach-impacts-38-million-accounts/SH.ITJUST.WORKS
2 Mar900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attackssubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2026/02/900-sangoma-freepbx-instances.htmlSH.ITJUST.WORKS
2 MarHackers Weaponize Claude Code in Mexican Government Cyberattack - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/hackers-weaponize-claude-code-in-mexican-government-cyberattack/SH.ITJUST.WORKS
2 MarMadison Square Garden Data Breach Confirmed Months After Hacker AttackThe company is one of the many victims of the 2025 Oracle E-Business Suite (EBS) hacking campaign. The post Madison Square Garden Data Breach Confirmed Months After Hacker Attack appeared first on SecurityWeek .SECURITYWEEK.COM
2 MarWhen the Worst Actually HappensOrganizations are encouraged to maintain documented incident response plans, test them regularly, involve necessary third parties, and continuously refine those plans as the business changes. An untested plan provides a false sense of security. Without validation through exercise…YOUTUBE.COM
2 MarHacktivists claim to have hacked Homeland Security to release ICE contract dataA hacking group called Department of Peace said they hacked a specific office within Homeland Security to protest ICE’s mass deportation campaign, and the companies aiding it.TECHCRUNCH.COM
🕵️ THREAT INTELLIGENCE 18[−]
2 MarISC Stormcast For Monday, March 2nd, 2026 https://isc.sans.edu/podcastdetail/9830, (Mon, Mar 2nd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
2 MarOCRFix Botnet Uses ClickFix Phishing and EtherHiding to Mask Blockchain C2 InfrastructureOCRFix is a multi-stage botnet Trojan campaign that abuses a fake Tesseract OCR download site, ClickFix-style PowerShell execution, and EtherHiding on BNB Smart Chain to conceal a rotating blockchain-backed command infrastructure. The fake site gates content behind a bogus CAPTCH…GBHACKERS.COM
2 MarQuick Howto: ZIP Files Inside RTF, (Mon, Mar 2nd)In diary entry " Quick Howto: Extract URLs from RTF files " I mentioned ZIP files. ISC.SANS.EDU
2 MarWireshark 4.6.4 Released, (Mon, Mar 2nd)Wireshark release 4.6.4 fixes 3 vulnerabilities and 15 bugs. ISC.SANS.EDU
2 MarGoogle Working Towards Quantum-Safe Chrome HTTPS CertificatesThe internet giant is developing an evolution of the certificates based on Merkle Tree Certificates (MTCs). The post Google Working Towards Quantum-Safe Chrome HTTPS Certificates appeared first on SecurityWeek .SECURITYWEEK.COM
2 MarNorth Korean APT Targets Air-Gapped Systems in Recent CampaignUsing Windows shortcut files, the APT deployed a new implant, a loader, a propagation tool, and two backdoors. The post North Korean APT Targets Air-Gapped Systems in Recent Campaign appeared first on SecurityWeek .SECURITYWEEK.COM
2 MarLLM-Assisted DeanonymizationTurns out that LLMs are good at de-anonymization: We show that LLM agents can figure out who you are from your anonymous online posts. Across Hacker News, Reddit, LinkedIn, and anonymized interview transcripts, our method identifies users with high precision ­ and scales to tens …SCHNEIER.COM
2 MarHackers Use 1Campaign to Hide Malicious Ads From Google Reviewerssubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/hackers-1campaign-hide-malicious-ads-google-reviewers/SH.ITJUST.WORKS
2 MarAWS Expands Security Hub Into a Cross-Domain Security PlatformThe AWS Security Hub Extended plan aims to reduce security tool sprawl by correlating findings across multiple security domains. The post AWS Expands Security Hub Into a Cross-Domain Security Platform appeared first on SecurityWeek .SECURITYWEEK.COM
2 MarThe Case for Behavioral AI in Legal Email SecurityFor legal organizations, the integrity of communication isn't just a business requirement, it’s a foundational pillar of the profession. Whether it’s a sensitive case strategy, a confidential merger agreement, or personal client data, the information contained within firm emails …KNOWBE4.COM
2 MarClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocketsubmitted by kid to cybersecurity 3 points | 0 comments https://thehackernews.com/2026/02/clawjacked-flaw-lets-malicious-sites.htmlSH.ITJUST.WORKS
2 MarMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
2 MarLink11 Releases European Cyber Report 2026: DDoS Attacks Become a Constant ThreatFrankfurt am Main, Germany, March 2nd, 2026, CyberNewswire Link11 has published its European Cyber Report 2026, revealing that DDoS attacks reached a new level in 2025 and have become a permanent stress factor for digital infrastructures. The report shows that the number of docum…GBHACKERS.COM
2 MarGoogle Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in ChromeGoogle has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against the future risk posed by quantum computers. "To ensure the scalability and efficiency of the ecosystem, Chrome has no immediate plan to add traditional X.509 certificates…THEHACKERNEWS.COM
2 MarAn App That Detects Smart GlassesA new app claims to detect nearby smart glasses by scanning for Bluetooth Low Energy (BLE) announcement frames. The demand appears driven by privacy concerns around camera-enabled wearables, including devices like Meta Ray-Bans. In testing, detection worked primarily when the gla…YOUTUBE.COM
2 MarOAuth redirection abuse enables phishing and malware deliveryOAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure. The post OAuth redirection abuse enables phishing and malware delivery appeared first …MICROSOFT.COM
2 MarNews alert: DDoS attacks surge 75% in 2025; Link11 says attacks now sustained, not sporadicFRANKFURT, Mar. 2, 2026, CyberNewswire — Link11 has published its European Cyber Report 2026 , revealing that DDoS attacks reached a new level in 2025 and have become a permanent stress factor for digital infrastructures. The report shows that the … (more…) The post News al…LASTWATCHDOG.COM
2 MarWhy Service Providers Must Become Secure AI FactoriesDiscover AI factories – the next evolution in data centers powering AI models. Understand their role, challenges and deployment best practices for 2026. The post Why Service Providers Must Become Secure AI Factories appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
📡 INFOSEC NEWS 9[−]
2 MarIm Fokus: RZ-ModernisierungWHITEPAPER.COMPUTERWOCHE.DE
2 MarAnthropic confirms Claude is down in a worldwide outageClaude appears to be having a major outage right now, with elevated errors reported across all platforms. [...]BLEEPINGCOMPUTER.COM
2 MarHow to Protect Your SaaS from Bot Attacks with SafeLine WAFMost SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great: more sign-ups, more sessions, more API calls. But in reality, something feels off: Sign-ups increase, but users aren’t activ…THEHACKERNEWS.COM
2 MarHackers and internet outages hit Iran amid U.S. air strikesUsers of a popular Iranian prayer app were flooded with phone notifications as U.S. air strikes hit Iran's biggest cities, killing the country's leader.TECHCRUNCH.COM
2 MarHow Deepfakes and Injection Attacks Are Breaking Identity VerificationDeepfakes and injection attacks are targeting identity verification moments, from onboarding to account recovery. Incode explains why enterprises must validate the full session—media, device integrity, and behavior—to stop synthetic and injected attacks in real time. [...]BLEEPINGCOMPUTER.COM
2 MarFlorida woman imprisoned for massive Microsoft license fraud schemeA Florida woman was sentenced to 22 months in prison for running a massive years-long scheme to traffic thousands of stolen Microsoft Certificate of Authenticity (COA) labels. [...]BLEEPINGCOMPUTER.COM
2 MarAlabama man pleads guilty to hacking, extorting hundreds of womenA 22-year-old Alabama man pleaded guilty to extortion, cyberstalking, and computer fraud charges after hijacking the social media accounts of hundreds of young women (including minors). [...]BLEEPINGCOMPUTER.COM
2 MarFake Google Security site uses PWA app to steal credentials, MFA codesA phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker traffic through victims' browsers. [...]BLEEPINGCOMPUTER.COM
2 MarA new app alerts you if someone nearby is wearing smart glassesA hobbyist developer's new app, which can detect nearby smart glasses, comes amid resistance to always-on recording and listening devices that invade people's privacy.TECHCRUNCH.COM