matlock.ca // THREAT INTELLIGENCE — 2026-03-04

90Articles

8Categories

2026-03-04Date

🚨

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV CatalogThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. The high-severity vulnerabi…

KEVTHEHACKERNEWS.COM — 04 Mar 2026

🐛

VMware Aria Operations Vulnerability Exploited in the Wild

KEVSECURITYWEEK.COM — 04 Mar 2026

🐛

CISA Warns of VMware Aria Operations Vulnerability Actively Exploited in Attacks

KEVGBHACKERS.COM — 04 Mar 2026

🐛

CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve

MSRC.MICROSOFT.COM — 04 Mar 2026

🐛

CISA Warns Qualcomm Chipsets Memory Corruption Vulnerability Is Actively Exploited in Attacks

KEVGBHACKERS.COM — 04 Mar 2026

⚠️

AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning

CSOONLINE.COM — 04 Mar 2026

⚠️

Malicious Laravel Packages Deploy PHP RAT, Grant Remote Access to Attackers

GBHACKERS.COM — 04 Mar 2026

⚠️

Thousands of iPhones Compromised in Massive Hack via Coruna Exploit Kit with 23 Vulnerabilities

GBHACKERS.COM — 04 Mar 2026

⚠️

AI Driven Warare

CYBERSECURITYTODAY.LIBSYN.COM — 04 Mar 2026

⚠️

Silver Dragon APT Group Exploits Google Drive for Covert Attacks on Europe, Asia

GBHACKERS.COM — 04 Mar 2026

⚠️

Microsoft Alerts Customers to New Phishing Attack Exploiting OAuth in Entra ID to Bypass Detection

GBHACKERS.COM — 04 Mar 2026

⚠️

How to know you’re a real-deal CSO — and whether that job opening truly seeks one

CSOONLINE.COM — 04 Mar 2026

⚠️

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

THEHACKERNEWS.COM — 04 Mar 2026

⚠️

IPVanish VPN for macOS Flaw Enables Privilege Escalation and Code Execution

GBHACKERS.COM — 04 Mar 2026

⚠️

Critical FreeScout Vulnerability Leads to Full Server Compromise

SECURITYWEEK.COM — 04 Mar 2026

⚠️

Anthropic AI ultimatums and IP theft: The unspoken risk

CSOONLINE.COM — 04 Mar 2026

⚠️

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

THEHACKERNEWS.COM — 04 Mar 2026

⚠️

Want More XWorm?, (Wed, Mar 4th)

ISC.SANS.EDU — 04 Mar 2026

⚠️

Perplexity’s Comet Browser Breached Through Calendar Invite Attack

GBHACKERS.COM — 04 Mar 2026

⚠️

Manipulating AI Summarization Features

SCHNEIER.COM — 2026-03-04

⚠️

New Threat Report: AI Accelerates High-Velocity Cyber Attacks

GBHACKERS.COM — 04 Mar 2026

⚠️

Honeywell Controllers Widely Exposed Without Authentication

GBHACKERS.COM — 04 Mar 2026

⚠️

Iranian cyberattacks fail to materialize but threat remains acute

CSOONLINE.COM — 04 Mar 2026

⚠️

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

THEHACKERNEWS.COM — 04 Mar 2026

⚠️

How a Brute Force Attack Unmasked a Ransomware Infrastructure Network

BLEEPINGCOMPUTER.COM — 04 Mar 2026

⚠️

Europol-coordinated action disrupts Tycoon2FA phishing platform

BLEEPINGCOMPUTER.COM — 04 Mar 2026

⚠️

Europol, Microsoft, TrendAI™ and Collaborators Halt Tycoon 2FA Operations

TRENDMICRO.COM — 04 Mar 2026

⚠️

Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

BLEEPINGCOMPUTER.COM — 04 Mar 2026

⚠️

Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

BLEEPINGCOMPUTER.COM — 04 Mar 2026

⚠️

Enhanced access denied error messages with policy ARNs

AWS.AMAZON.COM — 04 Mar 2026

⚠️

Risky Business #827 -- Iranian cyber threat actors are down but not out

RISKY.BIZ — 04 Mar 2026

📋

Cisco warns of max severity Secure FMC flaws giving root access

BLEEPINGCOMPUTER.COM — 04 Mar 2026

📢

Windows 11 23H2 to 25H2 Upgrade Reportedly Disrupts Internet Connectivity for Users

GBHACKERS.COM — 04 Mar 2026

📢

AzCopy Utility Misused for Data Exfiltration in Ongoing Ransomware Attacks

GBHACKERS.COM — 04 Mar 2026

📢

Iran‑Linked “Dust Specter” APT Deploys AI‑Aided Malware Against Iraqi Officials

GBHACKERS.COM — 04 Mar 2026

📢

Google Chrome security advisory (AV26-194)

CYBER.GC.CA — 2026-03-04

📢

Tenable security advisory (AV26-195)

CYBER.GC.CA — 2026-03-04

📢

HPE security advisory (AV26-196)

CYBER.GC.CA — 2026-03-04

📢

Cisco security advisory (AV26-197)

CYBER.GC.CA — 2026-03-04

📢

Drupal security advisory (AV26-198)

CYBER.GC.CA — 2026-03-04

🔥

Hacktivist group “Department of Peace” claims to have breached a DHS tech‑procurement office, leaking ICE contract records involving over 6,000 vendors, including major defense and surveillance firms

PROGRAMMING.DEV — 4 Mar 2026

🔥

Hacktivist group “Department of Peace” claims to have breached a DHS tech‑procurement office, leaking ICE contract records involving over 6,000 vendors, including major defense and surveillance firms

SH.ITJUST.WORKS — 4 Mar 2026

🔥

LexisNexis Faces Data Breach After 2.04 GB of Data Allegedly Stolen

GBHACKERS.COM — 04 Mar 2026

🔥

Iranian APT Groups Intensify Cyberattacks on Critical Infrastructure Amid Rising Geopolitical Tensions

GBHACKERS.COM — 04 Mar 2026

🔥

VoidLink Malware Framework Targets Kubernetes and AI Workloads in New Cyber Attack Wave

GBHACKERS.COM — 04 Mar 2026

🔥

LastPass Warns of New Phishing Campaign

SECURITYWEEK.COM — 04 Mar 2026

🔥

Ransomware attack exposes 1.2 million University of Hawaii Cancer Center records | news | SC Media

SH.ITJUST.WORKS — 4 Mar 2026

🔥

How Pirated Software Turns Helpful Employees Into Malware Delivery Agents

SECURITYWEEK.COM — 04 Mar 2026

🔥

Paint maker giant AkzoNobel confirms cyberattack on U.S. site

SH.ITJUST.WORKS — 4 Mar 2026

🔥

LexisNexis says hackers accessed legacy data in contained breach | The Record from Recorded Future News

SH.ITJUST.WORKS — 4 Mar 2026

🔥

Mississippi medical center reopens clinics hit by ransomware attack

BLEEPINGCOMPUTER.COM — 04 Mar 2026

🔥

FBI seizes LeakBase cybercrime forum, data of 142,000 members

BLEEPINGCOMPUTER.COM — 04 Mar 2026

🔥

New LexisNexis Data Breach Confirmed After Hackers Leak Files

SECURITYWEEK.COM — 04 Mar 2026

🔥

AI Agents and the Revival of Hacking

YOUTUBE.COM — 2026-03-04

🔥

U.S. and EU police shut down LeakBase, a site accused of sharing stolen passwords and hacking tools

TECHCRUNCH.COM — 04 Mar 2026

🔥

Why AI, Zero Trust, and modern security require deep visibility

CSOONLINE.COM — 04 Mar 2026

🔥

AI Is Supercharging Phishing

YOUTUBE.COM — 2026-03-04

🕵️

ISC Stormcast For Wednesday, March 4th, 2026 https://isc.sans.edu/podcastdetail/9834, (Wed, Mar 4th)

ISC.SANS.EDU — 04 Mar 2026

🕵️

A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals

PROGRAMMING.DEV — 4 Mar 2026

🕵️

A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals

SH.ITJUST.WORKS — 4 Mar 2026

🕵️

Phishing Campaign Uses Google Cloud to Host Malicious Redirects via GCS Bucket

GBHACKERS.COM — 04 Mar 2026

🕵️

Building Trusted Automation as Leaders Struggle with AI Adoption and CISOs Hire - BSW #437

YOUTUBE.COM — 2026-03-04

🕵️

Global Coalition Publishes 6G Security and Resilience Principles

SECURITYWEEK.COM — 04 Mar 2026

🕵️

Webinar Today: Designing an OT SOC for Safety, Reliability, and Business Continuity

SECURITYWEEK.COM — 04 Mar 2026

🕵️

Google Plans Two-Week Release Schedule for Chrome

SECURITYWEEK.COM — 04 Mar 2026

🕵️

Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks - Infosecurity Magazine

SH.ITJUST.WORKS — 4 Mar 2026

🕵️

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

SH.ITJUST.WORKS — 4 Mar 2026

🕵️

AI Security Firm JetStream Launches With $34 Million in Seed Funding

SECURITYWEEK.COM — 04 Mar 2026

🕵️

Threat actors weaponize OAuth redirection logic to deliver malware - Help Net Security

SH.ITJUST.WORKS — 4 Mar 2026

🕵️

How to Identify a Phishing Website

KNOWBE4.COM — 04 Mar 2026

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 4 Mar 2026

🕵️

Hacker Conversations: Inti De Ceukelaire, Raging Against the Machine Creatively

SECURITYWEEK.COM — 04 Mar 2026

🕵️

Weird server requests

SH.ITJUST.WORKS — 4 Mar 2026

🕵️

Who’s Really in Control of AI?

YOUTUBE.COM — 2026-03-04

🕵️

Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance

SECURITYWEEK.COM — 04 Mar 2026

🕵️

MY TAKE: ChatGPT is turning into Microsoft Office — and power users are paying the price

LASTWATCHDOG.COM — 04 Mar 2026

🕵️

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

MICROSOFT.COM — 04 Mar 2026

🕵️

Revolutionizing Linux Maintenance with Update Scripts

YOUTUBE.COM — 2026-03-04

🕵️

Phishing Simulation: How It Works to Reduce Risk

KNOWBE4.COM — 04 Mar 2026

🕵️

Hacker mass-mails HungerRush extortion emails to restaurant patrons

BLEEPINGCOMPUTER.COM — 04 Mar 2026

🕵️

Tycoon 2FA Phishing Platform Dismantled in Global Takedown

SECURITYWEEK.COM — 04 Mar 2026

🕵️

The 10-hour problem: How visibility gaps are burning out the SOC

CSOONLINE.COM — 04 Mar 2026

🕵️

TurboTax SMS Scam

KNOWBE4.COM — 04 Mar 2026

🕵️

Protecting education: How MDR can tip the balance in favor of schools

WELIVESECURITY.COM — 04 Mar 2026

📡

New RFP Template for AI Usage Control and AI Governance

THEHACKERNEWS.COM — 04 Mar 2026

📡

What a browser-in-the-browser attack is, and how to spot a fake login window | Kaspersky official blog

KASPERSKY.COM — 04 Mar 2026

📡

149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict

THEHACKERNEWS.COM — 04 Mar 2026

📡

Fake LastPass support email threads try to steal vault passwords

BLEEPINGCOMPUTER.COM — 04 Mar 2026

📡

Windows 10 KB5075039 update fixes broken Recovery Environment

BLEEPINGCOMPUTER.COM — 04 Mar 2026

📡

Bitwarden adds support for passkey login on Windows 11

BLEEPINGCOMPUTER.COM — 04 Mar 2026