Articles: 126
Categories: 8
Date: 2026-03-03
🚨 CISA KEV (2)
3 Mar [KEV] CISA Adds Two Known Exploited Vulnerabilities to Catalog (CISA.GOV)
    CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-21385 Qualcomm Multiple Chipsets Memory Corruption Vulnerability CVE-2026-22719 Broadcom VMware Aria Operations Command Injection Vulne…
3 Mar [KEV] CISA flags VMware Aria Operations RCE flaw as exploited in attacks (BLEEPINGCOMPUTER.COM)
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. [...]
🐛 COMMON VULNERABILITIES AND EXPOSURES (29)
3 Mar Chrome Gemini Vulnerability Lets Attackers Access Victims’ Camera and Microphone Remotely (GBHACKERS.COM)
    A newly discovered high-severity vulnerability in Google Chrome’s Gemini Live integration, tracked as CVE-2026-0628, exposed users to significant privacy and security risks. Researchers found that the flaw could allow malicious browser extensions to hijack the Gemini side p…
3 Mar Angular i18n Flaw Lets Hackers Execute Malicious Code via Critical XSS Vulnerability (GBHACKERS.COM)
    A high-severity security flaw has been discovered in Angular, one of the most popular web application frameworks. This vulnerability, tracked as CVE-2026-27970, affects the framework’s internationalization (i18n) pipeline. If exploited, it allows attackers to execute malici…
3 Mar [KEV] Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited (THEHACKERNEWS.COM)
    Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 (CVSS score: 7.8), a buffer over-read in the Graphics component. "Memo…
3 Mar MS-Agent Vulnerability Exposes AI Agents to Remote Hijacking, Granting Full System Control (GBHACKERS.COM)
    A critical vulnerability has been discovered in the MS-Agent framework, a lightweight software tool used to build and run autonomous AI agents. Tracked as CVE-2026-2256, this command injection flaw allows remote attackers to hijack these AI agents, potentially granting them full …
3 Mar CVE-2026-23217 riscv: trace: fix snapshot deadlock with sbi ecall (MSRC.MICROSOFT.COM)
    Information published.
3 Mar HPE AutoPass Vulnerability Allows Remote Attackers to Bypass Authentication (GBHACKERS.COM)
    Hewlett Packard Enterprise (HPE) has disclosed a remote authentication-bypass vulnerability in HPE AutoPass License Server (APLS) that could let unauthenticated attackers bypass login controls over the network. The issue is tracked as CVE-2026-23600 and is fixed in APLS 9.19 and …
3 Mar Zerobot Malware Exploits Tenda Command Injection Vulnerabilities to Deploy Malicious Payloads (GBHACKERS.COM)
    An active Zerobot campaign abusing two critical vulnerabilities CVE-2025-7544 in Tenda AC1206 routers and CVE-2025-68613 in the n8n workflow automation platform to deploy a Mirai-based payload dubbed Zerobotv9. The campaign uses common download tools and multi-architecture binari…
3 Mar APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity https://thehackernews.com/2026/03/apt28-tied-to-cve-2026-21513-mshtml-0.html
3 Mar [KEV] Bruteforce Scans for CrushFTP, (Tue, Mar 3rd) (ISC.SANS.EDU)
    CrushFTP is a Java-based open source file transfer system. It is offered for multiple operating systems. If you run a CrushFTP instance, you may remember that the software has had some serious vulnerabilities: CVE-2024-4040 (the template-injection flaw that let unauthenticated at…
3 Mar Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit (CLOUD.GOOGLE.COM)
    Google Threat Intelligence Group (GTIG) has identified a new and powerful exploit kit targeting Apple iPhone models running iOS version 13.0 (released in September 2019) up to version 17.2.1 (released in December 2023). The exploit kit, named “Coruna” by its develop…
3 Mar ZDI-26-150: Docker Desktop for Mac Docker Model Runner Exposed Dangerous Function Denial-of-Service Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has a…
3 Mar ZDI-26-149: Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Cleaner One Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZD…
3 Mar ZDI-26-148: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.1. The following CVEs are assigned: CVE-2025-71209.
3 Mar ZDI-26-147: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.1. The following CVEs are assigned: CVE-2025-71208.
3 Mar ZDI-26-146: Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.4. The following CVEs are assigned: CVE-2025-71207…
3 Mar ZDI-26-145: Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.4. The following CVEs are assigned: CVE-2025-71206…
3 Mar ZDI-26-144: Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.4. The following CVEs are assigned: CVE-2025-71205…
3 Mar ZDI-26-143: Trend Micro Apex One Security Agent TmSelfProtect Origin Validation Error Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has ass…
3 Mar ZDI-26-142: Trend Micro Apex One Security Agent Cache Mechanism Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has ass…
3 Mar ZDI-26-141: Trend Micro Apex One Security Agent iCore Service Signature Verification Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has ass…
3 Mar ZDI-26-140: Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has ass…
3 Mar ZDI-26-139: Trend Micro Apex One Security Agent iCore Service Origin Validation Error Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has ass…
3 Mar ZDI-26-138: Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has ass…
3 Mar ZDI-26-137: Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-71211.
3 Mar ZDI-26-136: Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-71210.
3 Mar ZDI-26-135: LangChain LangGraph BaseCache Deserialization of Untrusted Data Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of LangChain LangGraph. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.1. The following CVEs are assigned: CVE-2026-27794.
3 Mar ZDI-26-134: Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3. The following CVEs are ass…
3 Mar ZDI-26-133: (Pwn2Own) Music Assistant _update_library_item External Control of File Path Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Music Assistant. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2026-26975.
⚠️ VULNERABILITY DISCLOSURE (35)
3 Mar Cyberattackers Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Coding Tools (GBHACKERS.COM)
    Threat actors compromised the Aqua Trivy VS Code extension on OpenVSX by publishing malicious versions 1.8.12 and 1.8.13 on February 27-28, 2026. These versions injected prompts to hijack local AI coding tools for system reconnaissance and data exfiltration. Aqua Trivy is a popul…
3 Mar [KEV] Android Security Update Fixes 129 Flaws and Tackles Actively Exploited Zero-Day Flaw (GBHACKERS.COM)
    Google has rolled out the highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a single month. The rollout i…
3 Mar Google Chrome Introduces Merkle Tree Certificates to Protect HTTPS from Quantum Attacks (GBHACKERS.COM)
    Google Chrome’s Secure Web and Networking Team has unveiled a new initiative aimed at defending HTTPS traffic against emerging quantum computing threats. This development, rooted in the Internet Engineering Task Force’s (IETF) “PKI, Logs, And Tree Signatures” (PLANTS)…
3 Mar Hackerbot-Claw Bot Exploits GitHub Actions CI/CD Flaw to Attack Microsoft and DataDog (GBHACKERS.COM)
    Hackerbot-claw, an autonomous AI bot, has launched a week-long campaign abusing GitHub Actions misconfigurations to hit CI/CD pipelines at Microsoft, DataDog, and other major open-source projects, achieving remote code execution (RCE) and even full repo compromise in some cases. …
3 Mar 7 factors impacting the cyber skills gap (CSOONLINE.COM)
    Individuals with strong cybersecurity skills are in high demand. That’s no secret. What’s most important is the fact that the shortage is preventing many enterprises from building sustainable cybersecurity talent pipelines. According to World Economic Forum statistics, only 14% …
3 Mar 171: Melody Fraud (DARKNETDIARIES.COM)
    What if the music charts you see aren’t real? What if the numbers that define success can be manufactured? We talked to Andrew, a man who has spent his career on both sides of this battle. He once profited from the loopholes in streaming platforms, but now, his job is to close th…
3 Mar [KEV] Android gets patches for Qualcomm zero-day exploited in attacks (BLEEPINGCOMPUTER.COM)
    Google has released security updates to patch 129 Android security vulnerabilities, including an actively exploited zero-day flaw in a Qualcomm display component. [...]
3 Mar Provecho - 712,904 breached accounts (HAVEIBEENPWNED.COM)
    In early 2026, data purportedly sourced from the recipe and meal planning service Provecho was alleged to have been obtained in a breach. The exposed data included 713k unique email addresses along with username and the creator account holders followed. Provecho has been notified a…
3 Mar Epic Fury introduces new layer of enterprise risk (CSOONLINE.COM)
    Operation Epic Fury — the US administration’s sustained kinetic pressure on core Iranian regime assets — introduces a new layer of operational risk for every multinational with people, assets, or dependencies in the Middle East region and beyond. The immediate briefings from Wash…
3 Mar Hackers Exploit Telegram for Initial Access to Corporate VPN, RDP, and Cloud Systems (GBHACKERS.COM)
    Hackers are increasingly abusing Telegram as an initial access marketplace, turning stealer logs and leaked credentials into direct entry points for corporate VPN, RDP, and cloud environments. The platform now acts as a high-speed bridge between compromised credentials and full n…
3 Mar Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise (SECURITYWEEK.COM)
    Improper input sanitization in the framework can be exploited through the Shell tool, allowing attackers to modify system files and steal data.
3 Mar Fortinet FortiGate Devices Targeted by CyberStrikeAI, Allowing Hackers to Bypass Security (GBHACKERS.COM)
    Threat intelligence researchers at Team Cymru have uncovered an open-source AI-powered offensive security tool called CyberStrikeAI, actively used to target Fortinet FortiGate devices at scale, with its developer carrying suspected ties to China’s Ministry of State Security…
3 Mar New ‘StegaBin’ Campaign Deploys Multi-Stage Credential Stealer via 26 Malicious npm Packages (GBHACKERS.COM)
    A new supply-chain attack dubbed StegaBin is targeting JavaScript developers through 26 malicious npm packages that appear to be popular open-source libraries but secretly deploy a multi-stage credential-stealing toolkit and a Remote Access Trojan (RAT). The campaign is linked to…
3 Mar Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication (THEHACKERNEWS.COM)
    Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It's advertised as a cybercrime platform by a threat group calling itself Jinkusu, granting cust…
3 Mar Malicious “RedAlert - Rocket Alerts” Application Targets Israeli Phone Calls, SMS, and User Information | Cloudflare (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity https://www.cloudflare.com/pt-br/cloudforce-one/research/malicious-redalert-rocket-alerts-application-targets-israeli-phone-calls-sms-and-user-information/
3 Mar Android Update Patches Exploited Qualcomm Zero-Day (SECURITYWEEK.COM)
    An integer overflow or wraparound in the Qualcomm graphics component, the bug leads to memory corruption.
3 Mar Shannon: Autonomous AI Tool with Nmap Integration Can Uncover and Exploit Security Flaws (GBHACKERS.COM)
    Keygraph has released Shannon, a fully autonomous AI-powered penetration testing tool designed to identify and actively exploit real vulnerabilities in web applications before malicious actors can. Unlike traditional scanners that generate alerts, Shannon delivers proven, reprodu…
3 Mar Vulnerability Allowed Hijacking Chrome's Gemini Live AI Assistant - SecurityWeek (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity https://www.securityweek.com/vulnerability-allowed-hijacking-chromes-gemini-live-ai-assistant/
3 Mar Malvertising Actor ‘D-Shortiez’ Exploits WebKit Back-Button Hijack in Forced-Redirect Campaign (GBHACKERS.COM)
    A new wave of malvertising activity linked to the threat group “D‑Shortiez” has been observed exploiting a WebKit browser flaw to hijack the back button on Safari and other iOS browsers. This technique revives a classic forced‑redirect approach that traps users on fraudulent land…
3 Mar OAuth phishers make ‘check where the link points’ advice ineffective (CSOONLINE.COM)
    Microsoft has warned that phishers are exploiting a built-in behavior of the OAuth authentication protocol to redirect victims to malware, using links that point to legitimate identity provider domains such as Microsoft Entra ID and Google Workspace. The links look safe but ultim…
3 Mar [KEV] Google addresses actively exploited Qualcomm zero-day in fresh batch of 129 Android vulnerabilities | CyberScoop (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity https://cyberscoop.com/android-security-update-march-2026/
3 Mar SloppyLemming Espionage Campaign Targets Pakistan, Bangladesh with BurrowShell Backdoor and Rust RAT (GBHACKERS.COM)
    SloppyLemming, an India-linked espionage group also known as Outrider Tiger and Fishing Elephant, has run a year-long cyber campaign against high‑value targets in Pakistan and Bangladesh using a new BurrowShell backdoor and a Rust-based remote access tool (RAT). This activity bui…
3 Mar New ‘AirSnitch’ Attack Shows Wi-Fi Client Isolation Could be a False Sense of Security (SECURITYWEEK.COM)
    Researchers have uncovered a Wi-Fi vulnerability that allows nearby attackers to intercept sensitive data and execute machine-in-the-middle attacks against connected devices.
3 Mar UK reduces cyberattack fix times from two months to eight days - Help Net Security (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity https://www.helpnetsecurity.com/2026/03/02/uk-vulnerability-monitoring-service-and-cyber-profession/
3 Mar Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries (THEHACKERNEWS.COM)
    The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, …
3 Mar Why AppSec Wastes 70% of Its Time (YOUTUBE.COM)
    Security testing is often framed as vulnerability hunting. But that’s not where most of the time goes. In this clip, James Wickett breaks down how the majority of a security engagement — as much as 60–70% — is spent on application discovery and understanding system architecture. …
3 Mar Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability (SECURITYWEEK.COM)
    The researcher says he has identified thousands of internet-exposed IQ4 building management controllers.
3 Mar Archipelo and Checkmarx Announce Partnership Connecting AppSec Detection with DevSPM (GBHACKERS.COM)
    San Francisco, CA, United States, March 3rd, 2026, CyberNewswire Archipelo and Checkmarx today announced a technical partnership focused on correlating application vulnerability findings with development-origin context within modern software delivery workflows. Application securi…
3 Mar Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran (TECHCRUNCH.COM)
    After U.S. and Israeli forces started bombing Iran, reports say cyber operations have disrupted communications, supporting surveillance activities, and have been used in psychological operations.
3 Mar Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters (SECURITYWEEK.COM)
    Two AWS data centers in the United Arab Emirates were “directly struck” and another facility in Bahrain was also damaged after a drone landed nearby.
3 Mar Malicious NPM Packages Target Developers (YOUTUBE.COM)
    A recent surge of malicious NPM packages has targeted developers with a multi-stage attack designed to steal credentials and secrets. Attackers use pastebin as a dead drop resolver and employ character-level steganography to hide data, making detection challenging. Many developer…
3 Mar A suite of government hacking tools targeting iPhones is now being used by cybercriminals (TECHCRUNCH.COM)
    Security researchers say exploits used by governments to hack into Apple iPhones have been found used by cybercriminals. They warned of an emerging market for "second hand" exploits.
3 Mar Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution (CISECURITY.ORG)
    Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful …
3 Mar [webapps] Easy File Sharing Web Server v7.2 - Buffer Overflow (EXPLOIT-DB.COM)
3 Mar 2025 FINMA ISAE 3000 Type II attestation report available with 183 services in scope (AWS.AMAZON.COM)
    Amazon Web Services (AWS) is pleased to announce the issuance of the Swiss Financial Market Supervisory Authority (FINMA) Type II attestation report with 183 services in scope. The Swiss Financial Market Supervisory Authority (FINMA) has published several requirements and guideli…
📢 SECURITY ADVISORIES (7)
3 Mar Become a state CISO now, for under 160,000 euros (CSOONLINE.COM)
    A current job posting is causing head-shaking in the industry. It suggests that some high-ranking …
3 Mar Can LLMs Really Prioritize AppSec? (YOUTUBE.COM)
    Application security isn’t just about generating findings. It’s about prioritizing the right ones. In this clip, Kalyani Pawar highlights a core challenge with LLM-driven security tools: prioritization. Developers rarely fix every issue surfaced by a scanner. When a tool produces…
🔥 INCIDENT REPORTING (9)
3 Mar UH Cancer Center data breach affects nearly 1.2 million people (BLEEPINGCOMPUTER.COM)
    The University of Hawaii confirmed that a ransomware gang stole the data of nearly 1.2 million individuals in August 2025 after breaching its Cancer Center's Epidemiology Division. [...]
3 Mar Star Citizen game dev discloses breach affecting user data (BLEEPINGCOMPUTER.COM)
    Cloud Imperium Games (CIG), the game developer behind Star Citizen and Squadron 42, says attackers breached systems containing some users' personal information in January. [...]
3 Mar Pakistan’s Top News Channels Hacked and Hijacked With Anti-Military Messages (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity https://hackread.com/pakistan-news-channels-hacked-anti-military-messages/
3 Mar 1.2 Million Affected by University of Hawaii Cancer Center Data Breach (SECURITYWEEK.COM)
    Hackers stole names, Social Security numbers, driver’s license information, voter registration records, and health-related information.
3 Mar Compromised Site Management Panels are a Hot Item in Cybercrime Markets (BLEEPINGCOMPUTER.COM)
    Compromised cPanel credentials are being sold in bulk across underground channels as plug-and-play phishing and scam infrastructure. Flare explains how analyzing 200,000 underground posts reveals a commoditized market for hacked site management panels. [...]
3 Mar LexisNexis confirms data breach as hackers leak stolen files (BLEEPINGCOMPUTER.COM)
    American data analytics company LexisNexis Legal & Professional has confirmed to BleepingComputer that hackers breached its servers and accessed some customer and business information. [...]
3 Mar Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations (THEHACKERNEWS.COM)
    Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data exfiltration or ransomware attack. The intrusions, identified by Huntress last month ac…
3 Mar Paint maker giant AkzoNobel confirms cyberattack on U.S. site (BLEEPINGCOMPUTER.COM)
    The multinational Dutch paint company AkzoNobel has confirmed to BleepingComputer that hackers breached the network of one of its U.S. sites. [...]
3 Mar Latin America's Cybersecurity Turning Point: From Reactive Defense to Threat Intelligence (RECORDEDFUTURE.COM)
    Latin America's threat landscape is evolving fast — and reactive defense is no longer enough. PIX fraud, ransomware, and targeted attacks are outpacing overstretched security teams. Recorded Future provides LATAM-specific intelligence, automation, and seamless integrations to hel…
🕵️ THREAT INTELLIGENCE (22)
3 Mar Google quantum-proofs HTTPS by squeezing 15kB of data into 700-byte space (PROGRAMMING.DEV)
    submitted by Innerworld to security https://arstechnica.com/security/2026/02/google-is-using-clever-math-to-quantum-proof-https-certificates/
3 Mar ISC Stormcast For Tuesday, March 3rd, 2026 https://isc.sans.edu/podcastdetail/9832, (Tue, Mar 3rd) (ISC.SANS.EDU)
    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
3 Mar New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises (SH.ITJUST.WORKS)
    submitted by KarnaSubarna to cybersecurity https://arstechnica.com/security/2026/02/new-airsnitch-attack-breaks-wi-fi-encryption-in-homes-offices-and-enterprises/
3 Mar AuraStealer Infostealer Targeting Users with 48 C2 Domains in Ongoing Campaigns (GBHACKERS.COM)
    Threat actors are actively deploying a new infostealer dubbed “AuraStealer,” backed by a growing customer base, 48 identified command‑and‑control (C2) domains, and multiple ongoing campaigns abusing popular platforms like TikTok and cracked‑software sites. AuraStealer emerged on …
3 Mar Malvertising Campaign Spreads AMOS ‘malext’ macOS Infostealer via Fake Text-Sharing Ads (GBHACKERS.COM)
    A large-scale malvertising operation targets macOS users with fake Google Ads leading to malicious text-sharing sites. These lures deliver the AMOS infostealer variant, dubbed “malext,” which steals sensitive data such as browser credentials and crypto wallets. Suspic…
3 Mar Researchers Uncover Method to Track Cars via Tire Sensors (SECURITYWEEK.COM)
    Using low-cost receivers deployed along roads, academic researchers tracked drivers and their movement patterns.
3 Mar Study: Hackers paralyze operations at many companies (CSOONLINE.COM)
    Hackers caused damage at many companies in Germany last year. This is shown by a representative survey by the Zentrum für Europäische Wirtschaftsforschung (ZEW, Centre for European Economic Research) in Mann…
3 Mar Epic Fury Cyber Shock: Iran’s Internet Down, Hacktivists Hit Back (GBHACKERS.COM)
    On Feb. 28, 2026, the United States and Israel launched coordinated military operations against Iran, codenamed Operation Epic Fury by the U.S. and Operation Roaring Lion by Israel, opening a new phase where cyber operations are tightly coupled with kinetic strikes. In the hours …
3 Mar Modern AppSec that keeps pace with AI development - James Wickett - ASW #372 (YOUTUBE.COM)
    As more developers turn to LLMs to generate code, more appsec teams are turning to LLMs to conduct security code reviews. One of the biggest themes in all the discussion around LLMs, agents, and code is speed -- more code created faster. James Wickett shares why speed continues t…
3 Mar On Moltbook (SCHNEIER.COM)
    The MIT Technology Review has a good article on Moltbook, the supposed AI-only social network: Many people have pointed out that a lot of the viral comments were in fact posted by people posing as bots. But even the bot-written posts are ultimately the result of people pulling th…
3 Mar Iran Cyber Front: Hacktivist Activity Rises, but State-Sponsored Attacks Stay Low (SECURITYWEEK.COM)
    The cybersecurity industry is monitoring the landscape and says many of the big claims made by hacktivist groups remain unverified.
3 Mar New Starkiller Phishing Framework Uses Real Login Pages to Bypass MFA Security (GBHACKERS.COM)
    A new phishing framework called Starkiller is raising the bar for “phishing-as-a-service” by serving victims the real login pages of major brands through attacker infrastructure, making pages look authentic and stay up to date. By acting as a live reverse proxy, it can capture cr…
3 Mar North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity https://thehackernews.com/2026/03/north-korean-hackers-publish-26-npm.html
3 Mar How Risky is Sending a Sensitive Work Email to the Wrong Person? (KNOWBE4.COM)
    Sending a work email to the wrong person – it’s something all of us have done at least once in our working lives. For some people, it’s a regular occurrence. But just how risky is it?
3 Mar Quantum Decryption of RSA is Much Closer than Expected (SECURITYWEEK.COM)
    For decades, the quantum threat to RSA and ECC encryption has been tied to Shor’s algorithm and the assumption that we would need million-qubit quantum computers to make it practical. A newly announced algorithm challenges that assumption and suggests the breaking point could arr…
3 Mar Geekery: Bookending the COROS Security Debacle of 2025 (PROGRAMMING.DEV)
    submitted by codeinabox to security https://www.dcrainmaker.com/2026/03/geekery-bookending-coros-security-vulnerabilities.html
3 Mar Fig Security Launches With $38 Million to Bolster SecOps Resilience (SECURITYWEEK.COM)
    The company was founded in March 2025 and it has now emerged from stealth mode.
3 Mar The Banality of AI (Hallucination → Bomb School?) (SH.ITJUST.WORKS)
    submitted by maltfield to cybersecurity https://tech.michaelaltfield.net/2026/03/03/ai-venezuela-iran/ The Banality of Artificial Intelligence What happens when an AI hallucination leads to bombing an elementary school? By Michael Altfield License: CC BY-SA …
3 Mar LLMs can unmask pseudonymous users at scale with surprising accuracy (SH.ITJUST.WORKS)
    submitted by return2ozma to cybersecurity https://arstechnica.com/security/2026/03/llms-can-unmask-pseudonymous-users-at-scale-with-surprising-accuracy/
3 Mar North Korea, DOJ, APT 28, Anthropic, OpenClaw, Supply Chain, Josh Marpet, and More - SWN #560 (YOUTUBE.COM)
    North Korea, DOJ, APT 28, Anthropic, OpenClaw, Supply Chain, Josh Marpet, and More on Security Weekly News Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-560
3 Mar Signed malware impersonating workplace apps deploys RMM backdoors (MICROSOFT.COM)
    Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise environments. Organizations must harden certificate controls and monitor RMM activity to reduce exposure.
🌐 CYBER THREAT LANDSCAPE 3
3 Mar | SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains | The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity, per Arctic Wolf, took place between January 2025 and January 2026. It inv… | THEHACKERNEWS.COM
3 Mar | Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets | Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers. The activity, the company said, targets government and public-sector organizations with th… | THEHACKERNEWS.COM
3 Mar | Microsoft: Hackers abuse OAuth error flows to spread malware | Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. [...] | BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 19
3 Mar | CISOs in a Pinch: A Security Analysis of OpenClaw | Learn how Claude Code Security set Cybersecurity stocks on fire. | TRENDMICRO.COM
3 Mar | Amazon: Drone strikes damaged AWS data centers in Middle East | Amazon has confirmed that three Amazon Web Services (AWS) data centers in the United Arab Emirates (UAE) and one in Bahrain have been damaged by drone strikes, causing an extensive outage that is still affecting dozens of cloud computing services. [...] | BLEEPINGCOMPUTER.COM
3 Mar | With developer verification, Google's Apple envy threatens to dismantle Android's open legacy | Questions remain as Google prepares to lock down Android app distribution in the name of security. | ARSTECHNICA.COM
3 Mar | AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged | The Rise of MCPs in the Enterprise. The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications, APIs, and data, MCP enables prompt-driven AI agents that can retrieve information, take… | THEHACKERNEWS.COM
3 Mar | Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow | Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with the least experience. Tier 1 analysts sit at the front line of detection, and yet they are also the most vulnerable t… | THEHACKERNEWS.COM
3 Mar | Fig Security emerges from stealth with $38M to help security teams deal with change | Fig traces data flows in the security stack and then alerts security teams when changes at any point affect detection or response capabilities. | TECHCRUNCH.COM
3 Mar | Weekly Threat Bulletin – March 4th, 2026 | These are the top threats you should know about this week. | F5.COM
3 Mar | Avira: Deserialize, Delete and Escalate - The Proper Way to Use an AV | Three vulnerabilities in Avira Internet Security, from an arbitrary file delete primitive to two distinct paths to SYSTEM privileges. | QUARKSLAB.COM
3 Mar | They seized $4.8m in crypto… then gave the master key to the internet | South Korea's National Tax Service (NTS) has found itself in the middle of a deeply embarrassing - and costly - blunder after accidentally handing thieves the master key to a seized cryptocurrency wallet. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
3 Mar | AI assistant in Kaspersky Container Security | The Kaspersky Container Security solution (part of the Kaspersky Cloud Workload Security offering) now has an OpenAI API interface for an LLM. | KASPERSKY.COM
3 Mar | Google Chrome shifts to two-week release cycle for increased stability | Google Chrome will shift from a four-week to a two-week release cycle to roll out new features, bug fixes, and performance improvements more frequently. [...] | BLEEPINGCOMPUTER.COM
3 Mar | Facebook accounts unavailable in worldwide outage | Social media giant Facebook is currently experiencing a massive worldwide outage, preventing users from accessing their accounts. [...] | BLEEPINGCOMPUTER.COM
3 Mar | Claude Code Security set the Cybersecurity Stocks on Fire - Here's the Signal in the Smoke | Learn how Claude Code Security set Cybersecurity stocks on fire. | TRENDMICRO.COM
3 Mar | [webapps] WordPress Backup Migration 1.3.7 - Remote Command Execution | EXPLOIT-DB.COM
3 Mar | [webapps] mailcow 2025-01a - Host Header Password Reset Poisoning | EXPLOIT-DB.COM
3 Mar | [webapps] WeGIA 3.5.0 - SQL Injection | EXPLOIT-DB.COM
3 Mar | [webapps] Boss Mini v1.4.0 - Local File Inclusion (LFI) | EXPLOIT-DB.COM
3 Mar | How Cloudy translates complex security into human action | Cloudy is our LLM-powered explanation layer built directly into Cloudflare One. Its explanations, now part of Phishnet and API CASB, can improve user decisions and SOC efficiency. | CLOUDFLARE.COM
3 Mar | From reactive to proactive: closing the phishing gap with LLMs | Email security is a constant arms race. Like WWII engineers reinforcing only the planes that returned, survivorship bias hides real gaps. But LLMs can help us find the invisible weaknesses. | CLOUDFLARE.COM