Articles: 96
Categories: 8
Date: 2026-03-06
🚨 CISA KEV (2)
6 Mar [KEV] Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog (THEHACKERNEWS.COM)
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The critical-severity vulnerabi…
6 Mar [KEV] CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List (SECURITYWEEK.COM)
    The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1.
🐛 COMMON VULNERABILITIES AND EXPOSURES (24)
6 Mar WordPress Membership Plugin Flaw Lets Attackers Create Admin Accounts (GBHACKERS.COM)
    A critical security vulnerability in the popular WordPress User Registration & Membership plugin allows unauthenticated attackers to easily create administrator accounts. The severe flaw, officially tracked as CVE-2026-1492, currently affects all plugin versions up to and inc…
6 Mar Zero-day exploits hit enterprises faster and harder (CSOONLINE.COM)
    Google tracked 90 vulnerabilities exploited as zero-days last year, with Chinese cyberespionage groups doubling their count from 2024 and commercial surveillance vendors overtaking state-sponsored hackers for the first time. Nearly half of the recorded zero-days targeted enterpri…
6 Mar Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets (GBHACKERS.COM)
    Security researchers have uncovered a significant vulnerability in Apache ActiveMQ, a popular open-source message broker used by enterprises to route data between applications. Tracked as CVE-2025-66168, this security flaw allows malicious actors to trigger unexpected broker beha…
6 Mar AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection (GBHACKERS.COM)
    A highly critical security flaw has been disclosed in the AVideo platform, leaving media servers exposed to complete system takeover. Tracked as CVE-2026-29058, this zero-click, unauthenticated operating system command injection vulnerability allows hackers to hijack streams and …
6 Mar ZDI-26-170: GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-169: GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-168: GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-167: GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-166: GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-165: GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-164: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-163: GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-162: GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-161: GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of …
6 Mar ZDI-26-160: (Pwn2Own) Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.3. The following CVEs are assigned: CVE-2026-3562.
6 Mar ZDI-26-159: (Pwn2Own) Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS ra…
6 Mar ZDI-26-158: (Pwn2Own) Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2026-3560.
6 Mar ZDI-26-157: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.1. The following CVEs are assigned: CVE-2026-3559.
6 Mar ZDI-26-156: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.1. The following CVEs are assigned: CVE-2026-3558.
6 Mar ZDI-26-155: (Pwn2Own) Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS ra…
6 Mar ZDI-26-154: (Pwn2Own) Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2026-3556.
6 Mar ZDI-26-153: (Pwn2Own) Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. User interaction is required to exploit this vulnerability in that the user must initiate the device pairing process. The ZDI has assigned a CVSS rating…
6 Mar ZDI-26-152: Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating o…
6 Mar ZDI-26-151: Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned…
⚠️ VULNERABILITY DISCLOSURE (28)
6 Mar LeakBase marketplace unplugged by cops in 14 countries (CSOONLINE.COM)
    The LeakBase cyberforum, considered one of the world’s largest online marketplaces for cybercriminals to buy and sell stolen data and cybercrime tools, has been seized by the US, and arrests have also been made in other countries. The US Department of Justice said Thursday that e…
6 Mar Europe in the Crosshairs of Cyber Identity Thieves (CSOONLINE.COM)
    German companies need to brace themselves: both state and “private” actors have them in their sights. As the experts at Darktrace describe in their current Threat Report 2026, cloud and email accounts remain the number one entry point in E…
6 Mar [KEV] Google Uncovers 90 Zero-Day Vulnerabilities Under Active Exploitation in 2025 (GBHACKERS.COM)
    Google Threat Intelligence Group (GTIG) reported 90 zero-day vulnerabilities actively exploited in the wild during 2025. While this total is slightly below the 2023 peak, it highlights a critical shift in the cybersecurity landscape, as attackers are increasingly abandoning gener…
6 Mar FBI Detains U.S. Government Contractor in Massive $46 Million Fraud Scheme (GBHACKERS.COM)
    In a major law enforcement operation, authorities have arrested a U.S. government contractor accused of executing a massive cryptocurrency theft. John Daghita allegedly stole over $46 million in digital assets from the United States Marshals Service (USMS). This successful appreh…
6 Mar Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer (THEHACKERNEWS.COM)
    Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware. The activity, observed in February 2026, makes use …
6 Mar Challenges and projects for the CISO in 2026 (CSOONLINE.COM)
    Sophisticated attacks and the incorporation of AI tools, talent shortages, and tight budgets are some of the challenges commonly cited when it comes to managing cybersecurity in organizations. In a changing environment, the key is no longer to stay one step ahead, but to maintain…
6 Mar AWS-LC Flaw Exposes Amazon Users to Attacks by Bypassing Certificate Chain Validation (GBHACKERS.COM)
    Amazon issued a critical security bulletin (2026-005-AWS) detailing three high-severity vulnerabilities in AWS-LC, its open-source cryptographic library. Discovered through a coordinated disclosure process with the AISLE Research Team, these flaws pose a serious risk to cloud inf…
6 Mar Teenage hacker myth primed for a middle-age criminal makeover (CSOONLINE.COM)
    The Hollywood image of criminal hackers being largely teenage ne’er do wells is due for an update. That’s because profit-seeking career criminals — often approaching middle age — make up the largest cohort of today’s cybercriminals, according to an analysis of criminal cases carr…
6 Mar Claude Used to Hack Mexican Government (SCHNEIER.COM)
    An unknown hacker used Anthropic’s LLM to hack the Mexican government: The unknown Claude user wrote Spanish-language prompts for the chatbot to act as an elite hacker, finding vulnerabilities in government networks, writing computer scripts to exploit them and determining …
6 Mar Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks (SECURITYWEEK.COM)
    The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light.
6 Mar Google: Half of 2025's 90 Exploited Zero-Days Aimed at Enterprises - SecurityWeek (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity | 2 points | 1 comments | https://www.securityweek.com/google-half-of-2025s-90-exploited-zero-days-aimed-at-enterprises/
6 Mar RMM Tools Crucial for IT Operations, But Growing Threat as Attackers Weaponize Them (GBHACKERS.COM)
    Threat actors are increasingly weaponizing trusted administrative software to bypass security defenses. By exploiting legitimate software, cybercriminals gain persistent, hands-on-keyboard (HOK) access while hiding within normal network activity. Initial Access and Attack Methods…
6 Mar Targeted advertising is also targeting malware (CSOONLINE.COM)
    Online ads are increasingly being used as a means of introducing malware into organizations, according to The Media Trust. “Malvertising surpassed both email and direct hacks as the leading vector for malware delivery worldwide,” said Chris Olson, CEO of The Media Trust, an ad scann…
6 Mar Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity | 1 points | 0 comments | https://thehackernews.com/2026/03/cisco-confirms-active-exploitation-of.html
6 Mar WordPress membership plugin bug exploited to create admin accounts (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity | 2 points | 0 comments | https://www.bleepingcomputer.com/news/security/wordpress-membership-plugin-bug-exploited-to-create-admin-accounts/
6 Mar Your KnowBe4 Fresh Content Updates from February 2026 (KNOWBE4.COM)
    “A very timely and important topic. Thank you!” “More people need to take this training!” Training Module, Document and Poster: Identify disinformation before it impacts your decisions. Learn to verify AI-generated content, strengthen your media literacy and use practical fa…
6 Mar What Tools Do Hackers Use to Weaponize Emails? (KNOWBE4.COM)
    Email attacks have become one of the key ways for hackers to target organizations and individuals. The sheer number of tools available has made it easier than ever for non-technical cybercriminals to launch sophisticated cyber attacks. As a result, many resources are available fo…
6 Mar EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security (BLEEPINGCOMPUTER.COM)
    EC-Council, creator of the world-renowned Certified Ethical Hacker (CEH) credential and a global leader in applied cybersecurity education, today launched its Enterprise AI Credential Suite, with four new role-based AI certifications debuting alongside Certified CISO v4, an overh…
6 Mar Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT (THEHACKERNEWS.COM)
    Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm, AsyncRAT, and Xeno RAT. The stealthy attack chain has been codenamed…
6 Mar CISA warns of Apple flaws exploited in spyware, crypto-theft attacks (BLEEPINGCOMPUTER.COM)
    CISA ordered U.S. federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. [...]
6 Mar OAuth vulnerability in n8n automation platform could lead to system compromise (CSOONLINE.COM)
    A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, researchers at Imperva have discovered. Setting up OAuth allows n8n to connect to services such as Google Workspace, Microsoft 365, Slack, or GitHub without ha…
6 Mar How hackers bypassed MFA with a $120 phishing kit – until a global takedown shut it down (BITDEFENDER.COM)
    In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA - one of the world's most prolific phishing-as-a-service platforms - has been dismantled. Read more in my article on the Hot for Security blog.
6 Mar Only 30 minutes per quarter on cyber risk: Why CISO-board conversations are falling short (CSOONLINE.COM)
    Cybersecurity is, as it should be in this era of AI-driven cyberattacks, a regular item on enterprise board agendas. However, the ways in which CISOs and boards interact, and the depth of those discussions, remain brief and superficial. According to a new report from IANS, Artic…
6 Mar ClickFix attackers using new tactic to evade detection, says Microsoft (CSOONLINE.COM)
    Threat actors are trying a different tactic to sucker employees into falling for ClickFix phishing attacks that install malware, says Microsoft. Rather than asking potential victims to copy and paste a (malicious) command into the Run dialog, launched by hitting the Windows butto…
6 Mar Iran vs Everyone: 2FA-Bypass Phish, APT41 Drive, iOS 0days, Josh Marpet, and More - SWN #561 (YOUTUBE.COM)
    Iran vs Everyone: 2FA-Bypass Phish, APT41 Drive, iOS 0days, Josh Marpet, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-561
6 Mar Trump’s cyber strategy emphasizes offensive operations, deregulation, AI (CSOONLINE.COM)
    The White House released President Donald Trump’s long-awaited cybersecurity strategy, a lean seven-page blueprint that breaks from past approaches by placing offensive cyber operations at the center of US policy. Developed by the Office of the National Cyber Director (ONCD), th…
6 Mar Proactive Preparation and Hardening Against Destructive Attacks: 2026 Edition (CLOUD.GOOGLE.COM)
    Written by: Matthew McWhirt, Bhavesh Dhake, Emilio Oropeza, Gautam Krishnan, Stuart Carrera, Greg Blaum, Michael Rudden. UPDATE (March 13): Added guidance around abuse or misuse of endpoint / MDM platforms. Background: Threat actors leverage destructive malware to destroy data, el…
6 Mar How to scan for vulnerabilities with GitHub Security Lab’s open source AI-powered framework (GITHUB.BLOG)
    GitHub Security Lab Taskflow Agent is very effective at finding Auth Bypasses, IDORs, Token Leaks, and other high-impact vulnerabilities.
📢 SECURITY ADVISORIES (6)
6 Mar France's health ministry has confirmed a data breach involving the exposure of administrative information for 15.8 million patients and sensitive doctors' notes for approximately 165,000 individuals (PROGRAMMING.DEV)
    submitted by Innerworld to security | 2 points | 0 comments | https://www.france24.com/en/live-news/20260227-hackers-steal-medical-details-of-15-million-in-france
6 Mar France's health ministry has confirmed a data breach involving the exposure of administrative information for 15.8 million patients and sensitive doctors' notes for approximately 165,000 individuals (SH.ITJUST.WORKS)
    submitted by Innerworld to cybersecurity | 2 points | 0 comments | https://www.france24.com/en/live-news/20260227-hackers-steal-medical-details-of-15-million-in-france
6 Mar Wikipedia Hit By JavaScript Worm, ICE Contractor Data Base Leaked and more... (CYBERSECURITYTODAY.LIBSYN.COM)
    Wikipedia JavaScript Worm, ICE Contractor Data Leak Claim, and Leak Base Takedown. Wikipedia admins contained a self-propagating JavaScript worm that spread via infected user script files, executing in logged-in editors' browsers and using authenticated sessions to copy itself int…
6 Mar Microsoft 365 Backup to add file-level restore for faster recovery (BLEEPINGCOMPUTER.COM)
    Microsoft will soon begin rolling out a significant upgrade to Microsoft 365 Backup to speed up recovery by allowing administrators to restore individual files and folders. [...]
6 Mar FBI wiretap system tapped by hackers (CSOONLINE.COM)
    The US Federal Bureau of Investigation (FBI) has identified a suspected incident on a network used to manage wiretaps and foreign intelligence surveillance warrants, CNN reported. The FBI acknowledged the incident in a statement to CNN, saying, “The FBI identified and addressed …
6 Mar Friday Squid Blogging: Squid in Byzantine Monk Cooking (SCHNEIER.COM)
    This is a very weird story about how squid stayed on the menu of Byzantine monks by falling between the cracks of dietary rules. At Constantinople’s Monastery of Stoudios, the kitchen didn’t answer to appetite. It answered to the “typikon”: a manual for en…
🔥 INCIDENT REPORTING (11)
6 Mar A ransomware attack on August 31, 2025, compromised the data of 1.2 million at the University of Hawaiʻi Cancer Center, targeting research servers but sparing clinical operations (PROGRAMMING.DEV)
    submitted by Innerworld to security | 3 points | 0 comments | https://www.securityweek.com/1-2-million-affected-by-university-of-hawaii-cancer-center-data-breach/
6 Mar A ransomware attack on August 31, 2025, compromised the data of 1.2 million at the University of Hawaiʻi Cancer Center, targeting research servers but sparing clinical operations (SH.ITJUST.WORKS)
    submitted by Innerworld to cybersecurity | 3 points | 0 comments | https://www.securityweek.com/1-2-million-affected-by-university-of-hawaii-cancer-center-data-breach/
6 Mar FBI investigates breach of surveillance and wiretap systems (BLEEPINGCOMPUTER.COM)
    The U.S. Federal Bureau of Investigation (FBI) confirmed on Thursday that it's investigating a breach that affected systems used to manage surveillance and wiretap warrants. [...]
6 Mar Iranian APT Hacked US Airport, Bank, Software Company (SECURITYWEEK.COM)
    The attacks, observed since February, show that Iranian hackers already have a presence in the networks of US organizations.
6 Mar FBI investigating ‘suspicious’ cyber activities on critical surveillance network | CNN Politics (INFOSEC.PUB)
    submitted by cm0002 to cybersecurity | 2 points | 0 comments | https://edition.cnn.com/2026/03/05/politics/fbi-investigating-cyber-breach-critical-surveillance-network
6 Mar TriZetto confirms 3.4M people’s health and personal data was stolen during breach (TECHCRUNCH.COM)
    Health tech giant TriZetto has confirmed that more than 3.4 million people had personal and health information stolen in a 2024 cyberattack, which the company failed to detect for almost a year.
6 Mar Ransomware Before Windows Even Starts (YOUTUBE.COM)
    Most security defenses focus on protecting the operating system and the software running on it. But the boot process happens before the operating system even loads, which creates a different security challenge. In this clip, Paul describes a demonstration where ransomware runs di…
6 Mar In Other News: FBI Hacked, US Security Pro Killed in Iran War, Hijacked Cameras Used in Khamenei Strike (SECURITYWEEK.COM)
    Other noteworthy stories that might have slipped under the radar: Avira antivirus vulnerabilities, Transport for London data breach affects 10 million, Gaming cheat exposes North Korean hacker.
6 Mar Cognizant TriZetto breach exposes health data of 3.4 million patients (BLEEPINGCOMPUTER.COM)
    TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffered a data breach that exposed the sensitive information of over 3.4 million people. [...]
6 Mar Data Loss Prevention (DLP): What It Is, Types, and Solutions (KNOWBE4.COM)
    Most data breaches don’t happen because systems fail. They happen because people make routine errors.
6 Mar Ransomware attacks on schools and colleges | Kaspersky official blog (KASPERSKY.COM)
    Why educational institutions are increasingly falling victim to ransomware, the risks phishing and USB drives pose, and how to secure the digital infrastructure of schools and universities.
🕵️ THREAT INTELLIGENCE (20)
6 Mar ISC Stormcast For Friday, March 6th, 2026 https://isc.sans.edu/podcastdetail/9838, (Fri, Mar 6th) (ISC.SANS.EDU)
    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
6 Mar Microsoft, working with Europol, authorities from 6 countries, and 11 security organizations, disrupted the Tycoon 2FA phishing-as-a-service platform on seizing 330 domains (PROGRAMMING.DEV)
    submitted by Innerworld to security | 1 points | 0 comments | https://www.microsoft.com/en-us/security/blog/2026/03/04/inside-tycoon2fa-how-a-leading-aitm-phishing-kit-operated-at-scale/
6 Mar Microsoft, working with Europol, authorities from 6 countries, and 11 security organizations, disrupted the Tycoon 2FA phishing-as-a-service platform on seizing 330 domains (SH.ITJUST.WORKS)
    submitted by Innerworld to cybersecurity | 2 points | 0 comments | https://www.microsoft.com/en-us/security/blog/2026/03/04/inside-tycoon2fa-how-a-leading-aitm-phishing-kit-operated-at-scale/
6 Mar China-Nexus Hackers Target Telecommunication Providers with New Malware Attack (GBHACKERS.COM)
    A highly sophisticated China-linked threat actor, identified as UAT-9244, has been actively targeting critical telecommunications infrastructure across South America since 2024. Security researchers assess with high confidence that UAT-9244 exhibits close operational overlap with…
6 Mar New Linux Rootkits Leverage Advanced eBPF and io_uring Techniques for Stealthy Attacks (GBHACKERS.COM)
    Linux rootkits have historically received less attention than their Windows counterparts, but the rapid adoption of Linux in cloud infrastructure, containers, and IoT devices has shifted the threat landscape. Attackers are constantly innovating, and over the past two decades, Lin…
6 Mar Data Security Firm Evervault Raises $25 Million in Series B Funding (SECURITYWEEK.COM)
    The company has raised a total of $46 million in funding for its developer-focused encryption and orchestration platform.
6 Mar China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks (THEHACKERNEWS.COM)
    A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under …
6 Mar James ‘Aaron’ Bishop Tapped to Serve as New Pentagon CISO (SECURITYWEEK.COM)
    Bishop replaces David McKeown, who will take on a role in the private sector after 40 years of government service.
6 Mar Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity | 1 points | 0 comments | https://www.bleepingcomputer.com/news/security/bing-ai-promoted-fake-openclaw-github-repo-pushing-info-stealing-malware/
6 Mar PleaseFix Flaw Lets Hackers Access 1Password Vault via Comet AI Browser (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity | 2 points | 0 comments | https://hackread.com/pleasefix-flaw-hackers-1password-vault-comet-ai-browser/
6 Mar 2024 TfL hack affected around 10 million people, BBC can reveal (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity | 1 points | 0 comments | https://www.bbc.com/news/articles/cz0ggkr2g77o
6 Mar Off-Topic Friday (INFOSEC.PUB)
    submitted by shellsharks to cybersecurity | 1 points | 0 comments | Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
6 Mar Fake Claude Code install guides push infostealers in InstallFix attacks (BLEEPINGCOMPUTER.COM)
    Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate command line interface (CLI) tools. [...]
6 Mar Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India (THEHACKERNEWS.COM)
    The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is designed to produce a "high-volume, mediocre mass of implants" th…
6 Mar ArmorCode Raises $16 Million for Exposure Management Platform (SECURITYWEEK.COM)
    The company will accelerate platform development, expand go-to-market efforts, and invest in product innovation.
6 Mar Anthropic and the Pentagon (SCHNEIER.COM)
    OpenAI is in and Anthropic is out as a supplier of AI technology for the US defense department. This news caps a week of bluster by the highest officials in the US government towards some of the wealthiest titans of the big tech industry, and the overhanging specter of the existe…
6 Mar AI as tradecraft: How threat actors operationalize AI (MICROSOFT.COM)
    Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups such as Jasper Sleet and Coral Sleet (formerly Storm-1877).
6 Mar Fake Calendar Invitations Move to Microsoft Outlook (KNOWBE4.COM)
    Fake calendar invites have been a problem on Gmail for years. Even though they could appear on other calendar services, I hadn’t seen or read about a lot of it. Gmail had been taking the brunt of the fake calendar invites.
6 Mar How the National Cyber Strategy Secures Our Digital Way of Life (PALOALTONETWORKS.COM)
    Palo Alto Networks applauds the new National Cyber Strategy. We detail our support for key aspects of its six pillars, to include AI security and quantum readiness.
6 Mar APT Attack Hiding In Plain Sight (YOUTUBE.COM)
    A campaign linked to the APT-41 ecosystem has targeted government organizations across Europe and Southeast Asia. The attackers use familiar entry points like phishing emails and vulnerable public-facing servers. Instead of relying on obvious malware behavior, the operation blend…
🌐 CYBER THREAT LANDSCAPE (1)
6 Mar Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor (THEHACKERNEWS.COM)
    New research from Broadcom's Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies' networks, including banks, airports, non-profit, and the Israeli arm of a software company. The activity has b…
📡 INFOSEC NEWS (4)
6 Mar Ghanaian man pleads guilty to role in $100 million fraud ring (BLEEPINGCOMPUTER.COM)
    A Ghanaian national pleaded guilty to his role in a massive fraud ring that stole over $100 million from victims across the United States through business email compromise attacks and romance scams. [...]
6 Mar The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity (THEHACKERNEWS.COM)
    Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When done right, it builds client trust, increases upsell opportunities, and drive…
6 Mar Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks (TECHCRUNCH.COM)
    In a recent security partnership with Mozilla, Anthropic found 22 separate vulnerabilities in Firefox — fourteen of them classified as "high-severity."
6 Mar What cybersecurity actually does for your business (WELIVESECURITY.COM)
    The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed