113Articles
9Categories
2026-03-11Date
🚨 CISA KEV 2[−]
11 Mar KEVCritical flaw in HPE Aruba CX switches lets attackers seize admin control without credentialsHPE Aruba Networking has released patches for five vulnerabilities in its AOS-CX switch software, the most severe of which could let a remote attacker take administrative control of enterprise network switches without any credentials. The critical flaw, CVE-2026-23813, scored 9.8…CSOONLINE.COM
11 Mar KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-68613 n8n Improper Control of Dynamically-Managed Code Resources Vulnerability This type of vulnerability is a frequent attack vector for…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 30[−]
11 MarFake Claude Code Installs, Arpa Phishing, Iranian and Russian Teams Mount Cyber RetaliationFake Claude Code Installs, Arpa Phishing, Zombie ZIP Malware Evasion, and Iran/Israel Cyber Retaliation This episode covers four major security stories: the "InstaFix" campaign using Google sponsored ads and cloned Claude Code install pages to trick developers into pasting termin…CYBERSECURITYTODAY.LIBSYN.COM
11 MarMicrosoft SQL Server Zero-Day Exposes Privilege Escalation Risk for UsersMicrosoft has disclosed a critical security flaw affecting SQL Server, officially tracked as CVE-2026-21262. Released on March 10, 2026, this elevation of privilege vulnerability exposes organizations to significant risks by allowing malicious actors to gain unauthorized control …GBHACKERS.COM
11 MarFortinet FortiManager fgtupdates Flaw Enables Attackers to Execute Malicious Commands RemotelyFortinet has issued a security alert regarding a high-severity vulnerability affecting its FortiManager platform. Tracked as CVE-2025-54820 and carrying a CVSS score of 7.0, this flaw allows remote, unauthenticated attackers to execute unauthorized commands. Because FortiManager …GBHACKERS.COM
11 MarMicrosoft .NET 0-Day Flaw Opens Doors for Denial of Service AttacksMicrosoft’s March 2026 Patch Tuesday has addressed a zero-day vulnerability in the .NET framework, officially tracked as CVE-2026-26127. Disclosed publicly before a patch was available, this flaw allows unauthenticated remote attackers to trigger a denial of service (DoS) c…GBHACKERS.COM
11 MarCVE-2026-26017 CoreDNS ACL BypassInformation published.MSRC.MICROSOFT.COM
11 MarCVE-2026-26018 CoreDNS Loop Detection Denial of Service VulnerabilityInformation published.MSRC.MICROSOFT.COM
11 MarCVE-2026-27139 FileInfo can escape from a Root in osInformation published.MSRC.MICROSOFT.COM
11 MarCVE-2024-14027 xattr: switch to CLASS(fd)Information published.MSRC.MICROSOFT.COM
11 MarMicrosoft Active Directory Flaw Allows Attackers to Escalate PrivilegesMicrosoft has released a critical security update addressing a high-severity elevation of privilege vulnerability in Active Directory Domain Services (AD DS). This flaw, patched during the March 10, 2026, Patch Tuesday rollout, poses a significant threat to enterprise identity in…GBHACKERS.COM
11 MarAnalyzing "Zombie Zip" Files (CVE-2026-0866), (Wed, Mar 11th)A new vulnerability (CVE-2026-0866) has been published : Zombie Zip . ISC.SANS.EDU
11 MarCritical Vulnerability in Microsoft Office Allows Malicious Code to Run RemotelyMicrosoft has disclosed a critical security flaw in its Microsoft Office suite, officially tracked as CVE-2026-26110. Released on March 10, 2026, this Remote Code Execution (RCE) vulnerability poses a significant threat to organizations and individuals relying on the widely used …GBHACKERS.COM
11 MarDozens of Vendors Patch Security Flaws Across Enterprise Software and Network DevicesSAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on affected systems. The vulnerabilities in question listed below - CVE-2019-17571 (CVSS score: 9.8) - A code injection vulnerability in SAP Quotat…THEHACKERNEWS.COM
11 MarCritical n8n Flaws Allow Remote Code Execution and Exposure of Stored CredentialsCybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution. The vulnerabilities are listed below - CVE-2026-27577 (CVSS score: 9.4) - Expr…THEHACKERNEWS.COM
11 MarPageJack in Action: CVE-2022-0995 exploitPageJack is a Linux kernel exploitation technique useful to generate a User After Free (UAF) in the page allocator. In this article we provide a detailed example of how to use it to exploit a Linux kernel vulnerability from 2022.QUARKSLAB.COM
11 MarChromium: CVE-2026-3537 Object lifecycle issue in PowerVRThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.MSRC.MICROSOFT.COM
11 Mar KEVCISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flawsThe US Cybersecurity and Infrastructure Security Agency (CISA) has warned that an authentication bypass vulnerability patched in Ivanti Endpoint Manager (EPM) last month is now being exploited in the wild. The agency has also updated its directive related to two Cisco Catalyst SD…CSOONLINE.COM
11 MarSix mistakes in ERC-4337 smart accountsAccount abstraction transforms fixed “private key can do anything” models into programmable systems that enable batching, recovery and spending limits, and flexible gas payment. But that programmability introduces risks: a single bug can be as catastrophic as leaking a private ke…TRAILOFBITS.COM
⚠️ VULNERABILITY DISCLOSURE 27[−]
11 MarMicrosoft Patch Tuesday, March 2026 EditionMicrosoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usual some patches may deserve more rapid a…KREBSONSECURITY.COM
11 MarJack & Jill went up the hill — and an AI tried to hack themWhat happens when an autonomous AI agent is turned loose on another autonomous AI agent? It chains together bugs that humans would consider benign, easily bypasses authentication controls, and even unexpectedly masquerades as Donald Trump to get its way. This was what CodeWall fo…CSOONLINE.COM
11 MarMicrosoft Fixes 79 Vulnerabilities in March 2026 Patch Tuesday, Mitigating Two Exploited 0-DaysMicrosoft has released its March 2026 Patch Tuesday updates, successfully addressing 79 security vulnerabilities across various products and mitigating two publicly disclosed zero-day flaws. These critical security updates provide essential fixes for enterprise systems, including…GBHACKERS.COM
11 MarFive Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer SecretsCybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below - chrono_anchor dnp3times time_calibrator time_calibrators t…THEHACKERNEWS.COM
11 MarHR Departments Targeted by Multi-Layered BlackSanta EDR Killer MalwareThreat actors are increasingly targeting human resources (HR) departments by disguising malware as job application documents. The attack begins with what appears to be a legitimate job application. HR professionals receive a resume hosted on a well-known cloud storage platform, m…GBHACKERS.COM
11 Mar12 ways attackers abuse cloud services to hack your enterpriseAttackers are increasingly abusing trusted SaaS platforms, cloud infrastructure, and identity systems to blend malicious activity into legitimate enterprise traffic. Adversaries are pushing command and control (C2) through high-reputation services, including OpenAI and AWS, to bl…CSOONLINE.COM
11 MarUNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 HoursA threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim's cloud environment within a span of 72 hours. The attack started with the theft of a developer's GitHub token, which the thre…THEHACKERNEWS.COM
11 MarBeing Exploitable While Your Risk Tolerance Changes and You Unblock Innovation - BSW #438AI has created a dilemma for security teams. Attackers are using AI to develop exploits to newly disclosed vulnerabilities faster than security teams can patch them. Security teams have not fully leveraged the capabilities of AI to autonomously prevent these attacks. Without a ra…YOUTUBE.COM
11 MarMicrosoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-DaysMicrosoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are rated Critical, and 76 are rated Important in severity. Forty-six of the patched vu…THEHACKERNEWS.COM
11 MarA 5-step approach to taming shadow AIAI is being leveraged across organizations to boost productivity, accelerate innovation and optimize business processes. The problem is that adoption has outpaced discipline. Only a minority ( 23.8% ) of organizations have formal AI risk frameworks in place, which is precisely ho…CSOONLINE.COM
11 MarWhy zero trust breaks down in IoT and OT environmentsZero trust solves the wrong problem in OT Zero trust has become the dominant security narrative of the past decade, and rightly so. Its core principles, never trust, always verify; assume breach; enforce least privilege, have reshaped how organizations think about identity, acces…CSOONLINE.COM
11 MarDid cybersecurity recently have its Gatling gun moment?On the James River, Petersburg, VA, June of 1864, during the American Civil War, General Benjamin Butler, of the US Army, deployed a new weapon into the field that effectively altered the nature of kinetic battles. The later named “Siege of Petersburg, ” was the first recorded in…CSOONLINE.COM
11 MarSalesforce confirms ShinyHunters exploited Experience Cloud sites | news | SC Mediasubmitted by kid to cybersecurity 1 points | 0 comments https://www.scworld.com/news/salesforce-confirms-shinyhunters-exploited-experience-cloud-sitesSH.ITJUST.WORKS
11 MarOverly permissive ‘guest’ settings put Salesforce customers at riskSalesforce is urging its customers to review their Experience Cloud ‘guest’ configurations as cybercrime group ShinyHunters claims a new campaign involving data theft and extortion tied to exposed Salesforce environments. The group recently posted screenshots on its leak site cla…CSOONLINE.COM
11 MarFortiGate Devices Exploited to Breach Networks and Steal Service Account Credentialssubmitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2026/03/fortigate-devices-exploited-to-breach.htmlSH.ITJUST.WORKS
11 MarFortinet, Ivanti, Intel Patch High-Severity VulnerabilitiesThe bugs could lead to arbitrary code execution, privilege escalation, or authentication rate-limit bypass. The post Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities appeared first on SecurityWeek .SECURITYWEEK.COM
11 MarHow to 10x Your Vulnerability Management Program in the Agentic EraThe evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. The post How to 10x Your Vulnerability Management Program in the Agentic Era appeared first on SecurityWe…SECURITYWEEK.COM
11 Mar KEVCISA: Recently patched Ivanti EPM flaw now actively exploitedsubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/cisa-recently-patched-ivanti-epm-flaw-now-actively-exploited/SH.ITJUST.WORKS
11 MarWhat Boards Must Demand in the Age of AI-Automated Exploitation“You knew, and you could have acted. Why didn’t you?”  This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to answer after an incident. For years, many executive teams and boards have treated a large vulnerability backlog …THEHACKERNEWS.COM
11 MarAWS expands Security Hub for multicloud security operationsAmazon Web Services is expanding AWS Security Hub to function as a centralized security operations platform capable of aggregating risk signals across multicloud environments. With the updated Security Hub, the company said it will introduce a unified operations layer that provid…CSOONLINE.COM
11 MarUNC6426 Hackers Exploit NPM Package to Gain AWS Admin Access in 72 HoursUNC6426 hackers turned a routine NPM update into a direct path to full AWS administrator access in under 72 hours, highlighting how fragile CI/CD-to-cloud trust can become when roles are overly permissive.​ When a developer at the victim organization updated or installed the affe…GBHACKERS.COM
11 MarManaging Python on ServersPython running on servers can be exploited by attackers leveraging living-off-the-land techniques. Simple hash blocking won’t catch tunneling tools or unexpected DLL loads. Without advanced detection methods like heuristics, canary secrets, and tripwires, malicious activity may g…YOUTUBE.COM
11 Mar KEVCISA orders feds to patch n8n RCE flaw exploited in attacksThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies on Wednesday to patch their systems against an actively exploited n8n vulnerability. [...]BLEEPINGCOMPUTER.COM
11 MarSQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sitesAn SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without authentication. [...]BLEEPINGCOMPUTER.COM
11 MarContagious Interview: Malware delivered through fake developer job interviewsThe Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and FlexibleFerret through fake coding assessments. The malware then steals API tokens, cloud…MICROSOFT.COM
11 MarResumés with malicious ISO attachments are circulating, says AryakaThreat actors are still having success tricking human resources staff into opening malware-infected phishing emails. The latest example is detailed by researchers at Aryaka, who this week described a campaign by an unnamed threat actor who is distributing resumés containing a mal…CSOONLINE.COM
11 MarRisky Business #828 -- The Coruna exploits are truly exquisiteOn this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover: The Coruna exploits were L3 Harris, but it seems Triangulation… was not! Iran’s cyber HQ hit by Israeli (kinetic) strikes Trump’s cyber “strategy” is … well, all we…RISKY.BIZ
📋 SECURITY BULLETINS 1[−]
11 MarICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi ElectricIndustrial giants Siemens, Schneider Electric, Mitsubishi Electric, and Moxa have published new ICS Patch Tuesday advisories. The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric appeared first on SecurityWeek .SECURITYWEEK.COM
📢 SECURITY ADVISORIES 11[−]
11 MarCanada Needs Nationalized, Public AICanada has a choice to make about its artificial intelligence future. The Carney administration is investing $2-billion over five years in its Sovereign AI Compute Strategy . Will any value generated by “sovereign AI” be captured in Canada, making a difference in the …SCHNEIER.COM
11 MarCanadian retailer Loblaw investigates data breachsubmitted by kid to cybersecurity 1 points | 0 comments https://www.reuters.com/sustainability/boards-policy-regulation/canadian-retailer-loblaw-investigates-data-breach-2026-03-10/SH.ITJUST.WORKS
🔥 INCIDENT REPORTING 9[−]
11 MarTrojanized Red Alert App Targets Israeli Users in SMS Scam to Steal Sensitive DataA mobile spyware campaign abusing a trojanized version of the Red Alert rocket warning Android app to target Israeli users via SMS smishing messages that impersonate official Home Front Command alerts. The fake app keeps full rocket alert functionality so it looks and behaves lik…GBHACKERS.COM
11 Mar‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating PayloadThe malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration. The post ‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload appeared fir…SECURITYWEEK.COM
11 MarMichelin Confirms Data Breach Linked to Oracle EBS AttackThe cybercriminals have leaked more than 300GB of files allegedly stolen from the tire giant. The post Michelin Confirms Data Breach Linked to Oracle EBS Attack appeared first on SecurityWeek .SECURITYWEEK.COM
11 Mar238,000 Impacted by Bell Ambulance Data BreachHackers stole personal information such as names, Social Security numbers, and driver’s license numbers. The post 238,000 Impacted by Bell Ambulance Data Breach appeared first on SecurityWeek .SECURITYWEEK.COM
11 MarHacker broke into FBI and compromised Epstein files, report saysAccording to a Reuters report, a foreign hacker broke into a server that was part of the FBI’s investigation into Jeffrey Epstein — without realizing they had hacked an FBI server.TECHCRUNCH.COM
11 MarNew PhantomRaven NPM attack wave steals dev data via 88 packagesNew attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. [...]BLEEPINGCOMPUTER.COM
11 MarRansomware Attacks Surge by 50% Even as Payments DropThe number of ransomware attacks increased by 50% in 2025, even though the number of victims who decided to pay the ransom fell to an all-time low, according to a new report from Chainalysis.KNOWBE4.COM
11 MarCork Stryker plants hit by suspected global Iranian-linked cyberattack | Cork Beosubmitted by kid to cybersecurity 1 points | 0 comments https://www.corkbeo.ie/news/local-news/cork-stryker-plants-hit-suspected-33571864SH.ITJUST.WORKS
11 MarAI Agent Hacks McKinseysubmitted by cm0002 to cybersecurity 1 points | 0 comments https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platformINFOSEC.PUB
🕵️ THREAT INTELLIGENCE 22[−]
11 MarISC Stormcast For Wednesday, March 11th, 2026 https://isc.sans.edu/podcastdetail/9844, (Wed, Mar 11th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
11 MarPhantomRaven Malware Resurfaces, Targets npm Supply Chain to Steal Developer SecretsA large-scale malware campaign known as PhantomRaven has resurfaced, targeting the npm software supply chain and attempting to steal sensitive developer credentials. The newly identified packages belong to three new phases of the campaign Wave 2, Wave 3, and Wave 4 distributed be…GBHACKERS.COM
11 MarWhat are You Working on Wednesdaysubmitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.INFOSEC.PUB
11 MarBeatBanker Trojan Spreads via Phishing, Deploys Crypto Miner and RAT on Targeted DevicesBeatBanker is a new Android malware campaign targeting users in Brazil, combining banking fraud, crypto‑mining, and, in its latest wave, full device takeover via a RAT. It spreads almost entirely through phishing pages that mimic the Google Play Store and trick victims into insta…GBHACKERS.COM
11 MarGoogle Warns of AI‑Driven Adaptive Malware Rewriting Its Own CodeThe cybersecurity landscape experienced a major shift in 2025 as threat actors transitioned from experimenting with artificial intelligence to fully integrating it into real-world cyber operations. According to new insights from the Google Threat Intelligence Group (GTIG) and Man…GBHACKERS.COM
11 MarQuantro Security Emerges From Stealth With $2.5 Million in FundingThe startup integrates with existing cybersecurity stacks, ingests and normalizes data, and delivers intelligence to reduce risks. The post Quantro Security Emerges From Stealth With $2.5 Million in Funding appeared first on SecurityWeek .SECURITYWEEK.COM
11 MarInstagram Down: Global Outage Prevents Users from Posting and MessagingA widespread technical outage has struck Instagram, leaving thousands of users globally unable to access the popular social media application. The disruption, which primarily impacted users in the United States, represents a significant service degradation for Meta’s infras…GBHACKERS.COM
11 MarUK plans to shift fraud fight onto telecoms, tech companies | The Record from Recorded Future Newssubmitted by kid to cybersecurity 1 points | 0 comments https://therecord.media/uk-plans-to-shift-fraud-fight-to-telecoms-techSH.ITJUST.WORKS
11 MarOpenAI to Acquire AI Security Startup PromptfooPromptfoo has raised more than $23 million in funding for a platform that helps developers secure LLMs and AI agents. The post OpenAI to Acquire AI Security Startup Promptfoo appeared first on SecurityWeek .SECURITYWEEK.COM
11 MarScanner Raises $22 Million for AI-Powered Threat HuntingThe company connects AI agents to security data lakes for interactive investigations, detection engineering, and autonomous response. The post Scanner Raises $22 Million for AI-Powered Threat Hunting appeared first on SecurityWeek .SECURITYWEEK.COM
11 MarNew 'Zombie ZIP' technique lets malware slip past security toolssubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/new-zombie-zip-technique-lets-malware-slip-past-security-tools/SH.ITJUST.WORKS
11 MarCISO Conversations: Aimee CardwellAimee Cardwell started her career at Netscape, become a VP of engineering at American Express, CISO at UnitedHealth Group, and now CISO in Residence at Transcend. The post CISO Conversations: Aimee Cardwell appeared first on SecurityWeek .SECURITYWEEK.COM
11 MarBalancing LLMs and SLMs for Data SecurityLarge language models (LLMs) are powerful for data enrichment but lack precision in prediction and can hallucinate answers. Small language models (SLMs), customized for specific tasks, provide more reliable results. Using both models together leverages the strengths of each—balan…YOUTUBE.COM
11 MarTeen crew caught selling DDoS attack tools - Help Net Securitysubmitted by kid to cybersecurity 1 points | 0 comments https://www.helpnetsecurity.com/2026/03/10/poland-minors-identified-distributing-ddos-attack-tools/SH.ITJUST.WORKS
11 MarWiz Joins Google Cloud as Landmark Acquisition ClosesGoogle has completed its $32 billion acquisition of the cloud security giant, which will maintain its brand. The post Wiz Joins Google Cloud as Landmark Acquisition Closes appeared first on SecurityWeek .SECURITYWEEK.COM
11 MarAsus routers hijacked to power dangerous cybercrime proxy networksubmitted by commander to cybersecurity 5 points | 0 comments https://www.techradar.com/pro/security/asus-routers-hijacked-to-power-dangerous-cybercrime-proxy-network-heres-what-we-knowSH.ITJUST.WORKS
11 MarMedTech Giant Stryker Crippled by Iran-Linked Hacker AttackStryker was targeted by the Handala group, which claims to have wiped more than 200,000 of the company’s devices. The post MedTech Giant Stryker Crippled by Iran-Linked Hacker Attack appeared first on SecurityWeek .SECURITYWEEK.COM
11 MarSenate Confirms Joshua Rudd to Lead NSA and US Cyber CommandThe leadership structure, commonly referred to as the “dual-hat” arrangement, assigns a single individual to oversee both organizations. The post Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command appeared first on SecurityWeek .SECURITYWEEK.COM
11 MarMeta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdownsubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2026/03/meta-disables-150k-accounts-linked-to.htmlSH.ITJUST.WORKS
11 MarNew ‘BlackSanta’ EDR killer spotted targeting HR departmentssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/new-blacksanta-edr-killer-spotted-targeting-hr-departments/SH.ITJUST.WORKS
11 MarNews alert: Qevlar AI raises $30M to turn security alerts into actionable defense insights across SOCsPARIS, March 10, 2026 — Qevlar AI , a leader in AI for transforming security operations centres (SOCs), has raised $30 million in funding for its autonomous AI SOC platform. The funding will support development of technology designed to turn … (more…) The post News alert: Q…LASTWATCHDOG.COM
11 MarCISO Tenure Has DoubledIndustry discussions now estimate the average CISO tenure at around three years—roughly double earlier estimates that were closer to 18 months. Even with longer tenures, security leaders still face the same core challenge: understanding their organization’s environment. Maintaini…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
11 MarBeatBanker and BTMOB trojans: infection techniques and how to stay safe | Kaspersky official blogHow to protect yourself from the BeatBanker Android trojan, which steals cryptocurrency, hijacks your hardware for crypto mining, and swipes all your data.KASPERSKY.COM
11 MarMedtech giant Stryker offline after Iran-linked wiper malware attackLeading medical technology company Stryker has been hit by a wiper malware attack claimed by Handala, an Iranian-linked and pro-Palestinian hacktivist group. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 9[−]
11 MarWeekly Threat Bulletin – March 11th, 2026These are the top threats you should know about this week.F5.COM
11 MarGoogle completes $32B acquisition of WizGoogle has officially acquired Israeli cybersecurity firm Wiz for $32 billion in all-cash, a full year after the companies announced the deal. This marks Google's biggest acquisition in its history.TECHCRUNCH.COM
11 MarMeta adds new WhatsApp, Facebook, and Messenger anti-scam toolsMeta is introducing new anti-scam protections across its platforms, deploying systems and user-facing warnings to protect users against scammers. [...]BLEEPINGCOMPUTER.COM
11 MarMeta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global CrackdownMeta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in partnership with authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Australia, New Zealand, and…THEHACKERNEWS.COM
11 MarIran-Backed Hackers Claim Wiper Attack on Medtech Firm StrykerA hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the comp…KREBSONSECURITY.COM
11 MarResearchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four MinutesAgentic web browsers that leverage artificial intelligence (AI) capabilities to autonomously execute actions across multiple websites on behalf of a user could be trained and tricked into falling prey to phishing and scam traps. The attack, at its core, takes advantage of AI brow…THEHACKERNEWS.COM
11 MarPro-Iran hacktivist group says it is behind attack on medical tech giant StrykerThe hacktivist group claimed the attack was in retaliation for a U.S. strike on a Tehran school that killed more than 175 people, most of them children.TECHCRUNCH.COM
11 MarWhatsApp introduces parent-managed accounts for pre-teensWhatsApp has begun rolling out parent-managed accounts for pre-teens, allowing parents and guardians to decide who can contact them and which groups they can join. [...]BLEEPINGCOMPUTER.COM
11 MarAI Security for Apps is now generally availableCloudflare AI Security for Apps is now generally available, providing a security layer to discover and protect AI-powered applications, regardless of the model or hosting provider. We are also making AI discovery free for all plans, to help teams find and secure shadow AI deploym…CLOUDFLARE.COM