Articles: 102
Categories: 8
Date: 2026-03-16
🚨 CISA KEV (1)
[16 Mar] [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-47813 Wing FTP Server Information Disclosure Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyb…
🐛 COMMON VULNERABILITIES AND EXPOSURES (33)
[16 Mar] FortiGate Firewall Exploitation Fuels Network Breaches in New Attack Wave (GBHACKERS.COM)
Cybersecurity defenders identified a surge in network breaches originating from compromised FortiGate Next-Generation Firewalls. According to incident responders at SentinelOne, threat actors exploit recent vulnerabilities to extract configuration files, steal credentials, and es…

[16 Mar] Nine critical vulnerabilities in Linux AppArmor put over 12M enterprise systems at risk (CSOONLINE.COM)
Security researchers at Qualys have disclosed nine vulnerabilities in AppArmor, the Linux Security Module that ships enabled by default across Ubuntu, Debian, and SUSE distributions. An unprivileged local attacker can exploit the flaws to gain full root access, break out of conta…

[16 Mar] Chromium: CVE-2026-3909 Out of bounds write in Skia (MSRC.MICROSOFT.COM)
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information. Google is aware that an exploit for CVE-2026-3909 exists in…

[16 Mar] Ransomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Threat Landscape (CLOUD.GOOGLE.COM)
Written by: Bavi Sadayappan, Zach Riddle, Ioana Teaca, Kimberly Goody, Genevieve Stark. Introduction: Since 2018, when many financially motivated threat actors began shifting their monetization strategy to post-compromise ransomware deployments, ransomware has become one of the mos…

[16 Mar] ZDI-26-215: KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3…

[16 Mar] ZDI-26-214: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. T…

[16 Mar] ZDI-26-213: GIMP LBM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. T…

[16 Mar] ZDI-26-212: Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Data Center Expert. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigne…

[16 Mar] ZDI-26-211: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ASDA-Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned …

[16 Mar] ZDI-26-210: (Pwn2Own) Samsung Galaxy S25 Samsung Members Security Feature Bypass Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to bypass a security feature on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.4. The following CVEs are assigned: CVE-2025-21079.

[16 Mar] ZDI-26-209: (Pwn2Own) Samsung Galaxy S25 Samsung Members Open Redirect Security Bypass Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to bypass security on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.0. The following CVEs are assigned: CVE-2025-21079.

[16 Mar] ZDI-26-208: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned…

[16 Mar] ZDI-26-207: (Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned…

[16 Mar] ZDI-26-206: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned…

[16 Mar] ZDI-26-205: (Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned…

[16 Mar] ZDI-26-204: (Pwn2Own) Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned…

[16 Mar] ZDI-26-203: (Pwn2Own) Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned…

[16 Mar] ZDI-26-202: (Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin query_original_file_size SQL Injection Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating o…

[16 Mar] ZDI-26-201: (Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin Hard-Coded Credentials Authentication Bypass Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-453E devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.3. The following CVEs are assigned: CVE-2025-5938…

[16 Mar] ZDI-26-200: (Pwn2Own) QNAP TS-453E nvrlog_event_add msg SQL Injection Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS …

[16 Mar] ZDI-26-199: (Pwn2Own) QNAP TS-453E conn_log_tool Format String Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS …

[16 Mar] ZDI-26-198: (Pwn2Own) QNAP TS-453E malware_remover Code Injection Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2025-118…

[16 Mar] ZDI-26-197: (Pwn2Own) ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE…

[16 Mar] ZDI-26-196: (Pwn2Own) ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex EV chargers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned:…

[16 Mar] ZDI-26-195: (Pwn2Own) ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assig…

[16 Mar] ZDI-26-194: Microsoft Exchange InterceptorSmtpAgent Improper Input Validation Security Feature Bypass Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to bypass a security feature on affected installations of Microsoft Exchange. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3. The following CVEs are assigned: CVE-2026-21527.

[16 Mar] ZDI-26-193: (Pwn2Own) Linux Kernel nf_tables_newset Out-Of-Bounds Write Information Disclosure Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS…

[16 Mar] ZDI-26-192: Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 10.0. The following CVEs are assigned: CVE-2026-4149.

[16 Mar] ZDI-26-191: (Pwn2Own) Linux Kernel nf_tables Use-After-Free Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of …

[16 Mar] ZDI-26-190: (Pwn2Own) VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CV…

[16 Mar] ZDI-26-189: (Pwn2Own) VMware ESXi VMXNET3 Integer Overflow Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rati…

[16 Mar] ZDI-26-188: (Pwn2Own) VMware ESXi VMCI Integer Underflow Local Privilege Escalation Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rati…

[16 Mar] ZDI-26-187: (Pwn2Own) Synology DiskStation Manager Netatalk Library Buffer Overflow Remote Code Execution Vulnerability (ZERODAYINITIATIVE.COM)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2022-45188…
⚠️ VULNERABILITY DISCLOSURE (21)
[16 Mar] Notorious Hacker Group "The Comm," Operation Synergia Takedown, Stryker Cyberattack Update & More (CYBERSECURITYTODAY.LIBSYN.COM)
Alleged Canadian 'The Comm' Hacker Arrested, Interpol's Operation Synergia Takedown, Stryker Cyberattack Update and more. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and…

[16 Mar] Microsoft Issues Out-of-Band Patch for Critical Windows 11 RRAS RCE Flaws (GBHACKERS.COM)
Microsoft released an urgent out-of-band security update on March 13, 2026, to address a series of critical vulnerabilities in Windows 11. The update, identified as hotpatch KB5084597, specifically resolves Remote Code Execution (RCE) flaws within the Windows Routing and Remote A…

[16 Mar] Attackers Exploit Teams, Quick Assist to Deploy Stealthy A0Backdoor (GBHACKERS.COM)
Attackers are evolving a well-known Microsoft Teams and Quick Assist social-engineering playbook to install a new, stealthy backdoor dubbed A0Backdoor. The campaign closely mirrors activity previously attributed to Blitz Brigantine (also tracked as Storm-1811), a financially moti…

[16 Mar] ClickFix techniques evolve in new infostealer campaigns (CSOONLINE.COM)
Cybercriminals are combining compromised websites with increasingly sophisticated ClickFix social engineering lures to deliver new infostealer malware, with one campaign alone weaponizing more than 250 WordPress sites across 12 countries. The campaign leads to stealthy in-memory …

[16 Mar] What it takes to win that CSO role (CSOONLINE.COM)
CSO and CISO roles are among the hardest to fill in IT. Which should be good news for cybersecurity professionals that aspire to leadership positions as the organization’s top security exec. For those that do, the authority, clout, pay, and benefits are increasing significantly. …

[16 Mar] AI Governance, new book (Code War) from Allie Mellen, and the weekly news! - ESW #450 (YOUTUBE.COM)
Interview with Jeremy Snyder from FireTail about AI Governance. Death by a thousand cuts: the AI shadow IT problem. I think the best description of the AI governance problem during this interview was the title of the award-winning movie, Everything, Everywhere, All At Once. Gen…

[16 Mar] DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage (THEHACKERNEWS.COM)
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo's LAB52 threat intelligence team. The campaign, observed in February 2026, has been assessed to share overlaps with a prior c…

[16 Mar] MEA Shipment Phishing Scams Surge, Stealing Banking Data in Real Time (GBHACKERS.COM)
Every day, billions of people rely on postal and courier services to deliver everything from handwritten letters to high value online orders. The rapid growth of global e-commerce has made parcel delivery services a critical part of everyday life. According to the Universal Postal…

[16 Mar] Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse (CSOONLINE.COM)
Threat actors are abusing extension dependency relationships in the Open VSX registry to indirectly deliver malware in a new phase of the GlassWorm supply-chain campaign. Researchers at Socket said they have identified at least 72 additional malicious Open VSX extensions linked t…

[16 Mar] ForceMemo: Python Repositories Compromised in GlassWorm Aftermath (SECURITYWEEK.COM)
Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign.

[16 Mar] Betterleaks Launches as Open-Source Tool for Scanning Files, Directories, and Git Repositories (GBHACKERS.COM)
Zach Rice, the original creator of the widely popular secret scanning tool Gitleaks, has officially launched its successor, Betterleaks. Sponsored by Aikido Security, this new open-source project aims to be a faster, smarter, and highly configurable replacement for finding hardco…

[16 Mar] RondoDox Botnet Scales Up, Exploiting 174 Vulnerabilities via Residential IPs (GBHACKERS.COM)
RondoDox is a Mirai-style botnet that has quickly evolved into a highly automated exploitation engine, chaining 174 vulnerabilities with large-scale use of compromised residential IP infrastructure. This explosive growth widens the global attack surface, especially as many vendo…

[16 Mar] Why Security Validation Is Becoming Agentic (THEHACKERNEWS.COM)
If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one corner. A pentest engagement, or maybe an automated pentesting product, in another. A vulnerability scanner feeding an attack surface management…

[16 Mar] ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers (THEHACKERNEWS.COM)
Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync. "Unlike traditional exploit-based attacks, this method relies entirely on user interaction – usually in the form of copying and executi…

[16 Mar] Chrome 146 Update Patches Two Exploited Zero-Days - SecurityWeek (SH.ITJUST.WORKS)
https://www.securityweek.com/chrome-146-update-patches-two-exploited-zero-days/

[16 Mar] Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks (GBHACKERS.COM)
Handala Hack is an Iranian state-linked destructive actor that combines old-school RDP-heavy intrusions with new tools like NetBird and AI-assisted wipers to devastate victim networks rapidly. Handala Hack is an online persona operated by Void Manticore (also tracked as Red Sands…

[16 Mar] Why Cyber Attribution Gets Complicated (YOUTUBE.COM)
Cyber attribution—the process of determining who conducted a cyber attack—is one of the hardest problems in cybersecurity. Evidence is often incomplete, indirect, or intentionally misleading. Even when attacks appear to target specific countries, proving which nation carried them…

[16 Mar] ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More (THEHACKERNEWS.COM)
Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah, great, we’re doing this now” feeling. This week has that energy. Fresh messes, old problems getting sharper, and research that stops feeling theoretical real fast. A few bits hit a little too…

[16 Mar] [KEV] CISA flags Wing FTP Server flaw as actively exploited in attacks (BLEEPINGCOMPUTER.COM)
CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that may be chained in remote code execution attacks. [...]

[16 Mar] TrendAI™ Supports Global Law Enforcement Efforts (TRENDMICRO.COM)
Learn how TrendAI™ and our researchers contributed threat intelligence and analysis to support INTERPOL against cybercrime.

[16 Mar] VU#624941: LibreChat RAG API contains a log-injection vulnerability (KB.CERT.ORG)
Overview: A log-injection vulnerability in the LibreChat RAG API, version 0.7.0, is caused by improper sanitization of user-supplied input written to system logs. An authenticated attacker can forge or manipulate log entries by inserting CRLF characters, compromising the integrity…
📢 SECURITY ADVISORIES (8)
🔥 INCIDENT REPORTING (12)
[16 Mar] OpenClaw AI Agents Vulnerable to Indirect Prompt Injection, Causing Data Leaks (GBHACKERS.COM)
OpenClaw AI agents are facing significant security scrutiny following a recent CNCERT warning about insecure defaults and prompt-injection vulnerabilities. The most critical risk for defenders is not just abstract model confusion, but the ability of an attacker to turn normal AI …

[16 Mar] IBM Discovers ‘Slopoly’ AI-Generated Malware Linked to Hive0163 Ransomware (GBHACKERS.COM)
Ransomware group Hive0163 is experimenting with a likely AI-generated malware framework, dubbed “Slopoly,” marking a visible shift toward AI-assisted tooling in attacks. While the malware itself is simple, its use shows how quickly threat actors can now generate and iterate on cu…

[16 Mar] Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack (TRENDMICRO.COM)
Warlock continues to enhance its attack chain with new tactics to improve persistence, lateral movement, and defense evasion using an expanded toolset: TightVNC Yuze, and a persistent BYOVD technique leveraging the NSec driver.

[16 Mar] Google Unveils Android 17 Advanced Protection Mode to Stop Malicious Services (GBHACKERS.COM)
Google is preparing to launch Android 17, introducing a comprehensive suite of new features aimed at fundamentally improving device security, user privacy, and performance debugging. At the forefront of this release is the highly anticipated Android Advanced Protection Mode (AAPM…

[16 Mar] Google Looker Studio Vulnerabilities Allow Attackers to Exfiltrate Data from Google Services (GBHACKERS.COM)
Tenable Research recently uncovered “LeakyLooker,” a critical set of nine novel cross-tenant vulnerabilities within Google Looker Studio that enabled attackers to silently exfiltrate or modify sensitive data across various Google Cloud Platform services. Following responsible dis…

[16 Mar] China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation (SECURITYWEEK.COM)
The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.

[16 Mar] Cyberattack Hits Poland’s Nuclear Research Center (GBHACKERS.COM)
Poland’s National Centre for Nuclear Research recently experienced a targeted cyberattack aimed at its IT infrastructure. Security teams successfully thwarted the intrusion before malicious actors could compromise critical systems or access sensitive data. The facility, whi…

[16 Mar] CamelClone Uses Public File-Sharing Sites in Government Cyberattacks (GBHACKERS.COM)
A new cyber espionage campaign dubbed Operation CamelClone is targeting government and strategic sectors across several geopolitically significant regions. The campaign abuses legitimate tools and public file-sharing platforms to deliver malware and steal sensitive data, making it …

[16 Mar] Poland's nuclear research centre targeted by cyberattack (SH.ITJUST.WORKS)
https://www.bleepingcomputer.com/news/security/polands-nuclear-research-centre-targeted-by-cyberattack/

[16 Mar] Security Firm Executive Targeted in Sophisticated Phishing Attack (SECURITYWEEK.COM)
The attackers used a DKIM-signed phishing email, trusted redirect infrastructure, compromised servers, and Cloudflare-protected phishing pages.

[16 Mar] Stryker attack wiped tens of thousands of devices, no malware needed (BLEEPINGCOMPUTER.COM)
Last week's cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices. [...]

[16 Mar] 2025 Identity Threat Landscape Report: Inside the Infostealer Economy: Credential Threats in 2025 (RECORDEDFUTURE.COM)
Recorded Future's 2025 Identity Threat Landscape Report analyzes hundreds of millions of compromised credentials to reveal how infostealer malware is evolving, which systems attackers are targeting, and what security teams must do to get ahead of credential-based breaches.
🕵️ THREAT INTELLIGENCE (17)
[16 Mar] ISC Stormcast For Monday, March 16th, 2026 https://isc.sans.edu/podcastdetail/9850, (Mon, Mar 16th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

[16 Mar] Meta Permanently Disables End-to-End Encryption for Instagram DMs (GBHACKERS.COM)
Meta has announced plans to permanently turn off end-to-end encryption for Instagram Direct Messages. Effective May 8, 2026, the social media platform will officially cease support for this critical security feature. This decision marks a significant change in how user communicat…

[16 Mar] Konni Hijacks KakaoTalk Accounts in Spear-Phishing Malware Campaign (GBHACKERS.COM)
Konni APT recently ran a multi-stage malware operation that hijacked KakaoTalk accounts to spread remote access trojans (RATs) through highly targeted spear-phishing. The message used contextual content aligned with the victim’s role to build trust and trick them into opening an…

[16 Mar] ACRStealer Variant Deploys Syscall Evasion, TLS C2, Secondary Payloads (GBHACKERS.COM)
New research reveals that a new ACRStealer variant is now being actively deployed as a final payload by HijackLoader, using low-level syscalls, AFD-based networking, TLS C2, and flexible secondary payload delivery to evade detection and maximize data theft. The newly observed sam…

[16 Mar] Hacking Attempt Reported at Poland’s Nuclear Research Center (SECURITYWEEK.COM)
Initial evidence indicates Iran may be behind the attack, but officials admitted it could be a false flag.

[16 Mar] Creating Noise: The Emerging Obfuscation Technique Designed to Evade Email Security NLP Detection Capabilities (KNOWBE4.COM)
Our Threat Intelligence team has observed an emerging obfuscation technique, specifically used to make Natural Language Processing (NLP) detection capabilities less effective. Broadly, malicious actors are adding additional characters, break lines, and legitimate links to the end…

[16 Mar] Fake FileZilla Downloads Spread RAT via Stealthy Multi-Stage Loader (GBHACKERS.COM)
Fake FileZilla downloads are being used to deliver a stealthy Remote Access Trojan (RAT) through a multi-stage loader, putting careless downloaders at high risk of compromise. Attackers have set up a fake website that closely copies the look and layout of the legitimate FileZill…

[16 Mar] Possible New Result in Quantum Factorization (SCHNEIER.COM)
I’m skeptical about—and not qualified to review—this new result in factorization with a quantum computer, but if it’s true it’s a theoretical improvement in the speed of factoring large numbers with a quantum computer.

[16 Mar] Fake enterprise VPN sites used to steal company credentials (SH.ITJUST.WORKS)
https://www.bleepingcomputer.com/news/security/fake-enterprise-vpn-downloads-used-to-steal-company-credentials/

[16 Mar] Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation (SH.ITJUST.WORKS)
https://thehackernews.com/2026/03/nine-crackarmor-flaws-in-linux-apparmor.html

[16 Mar] Threat Actor Targeting VPN Users in New Credential Theft Campaign (SECURITYWEEK.COM)
Storm-2561 is distributing fake VPN clients through SEO poisoning, deploying trojans, and stealing login information.

[16 Mar] Mentorship Monday - Discussions for career and learning! (INFOSEC.PUB)
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …

[16 Mar] AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code (SH.ITJUST.WORKS)
https://www.bleepingcomputer.com/news/security/appsflyer-web-sdk-used-to-spread-crypto-stealer-javascript-code/

[16 Mar] Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact (SECURITYWEEK.COM)
Broadcom, Bechtel, Estée Lauder, and Abbott Technologies are the only major companies that have yet to issue a public statement.

[16 Mar] Help on the line: How a Microsoft Teams support call led to compromise (MICROSOFT.COM)
A DART investigation into a Microsoft Teams voice phishing attack shows how deception and trusted tools can enable identity-led intrusions and how to stop them.

[16 Mar] New Microsoft Purview innovations for Fabric to safely accelerate your AI transformation (TECHCOMMUNITY.MICROSOFT.COM)
As organizations adopt AI, security and governance remain core primitives for safe AI transformation and acceleration.

[16 Mar] AI Hallucinations Become Security’s Problem (YOUTUBE.COM)
Many organizations rely on automated red-teaming tools to test AI systems for security risks. These tools often evaluate more than just security vulnerabilities—they also detect hallucinations and reasoning failures. Because security teams operate these tools, they often gain vis…
🌐 CYBER THREAT LANDSCAPE (2)
[16 Mar] Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse (THEHACKERNEWS.COM)
Google is testing a new security feature as part of Android Advanced Protection Mode (AAPM) that prevents certain kinds of apps from using the accessibility services API. The change, incorporated in Android 17 Beta 2, was first reported by Android Authority last week. AAPM was in…

[16 Mar] Free real estate: GoPix, the banking Trojan living off your memory (SECURELIST.COM)
Kaspersky GReAT experts describe the unprecedentedly complex Brazilian banking Trojan GoPix that employs memory-only implants, Proxy AutoConfig (PAC) files for man-in-the-middle attacks, and malvertising via Google Ads.
📡 INFOSEC NEWS (8)
[16 Mar] Microsoft pulls Samsung app blocking Windows C: drive from Store (BLEEPINGCOMPUTER.COM)
Microsoft has removed the Samsung Galaxy Connect app from the Microsoft Store because it was causing issues on specific Samsung Galaxy Book 4 and desktop models running Windows 11. [...]

[16 Mar] /proxy/ URL scans with IP addresses, (Mon, Mar 16th) (ISC.SANS.EDU)
Attempts to find proxy servers are among the most common scans our honeypots detect. Most of the time, the attacker attempts to use a host header or include the hostname in the URL to trigger the proxy server forwarding the request. In some cases, common URL prefixes like "/proxy…

[16 Mar] Shadow AI is everywhere. Here’s how to find and secure it. (BLEEPINGCOMPUTER.COM)
Shadow AI is quietly spreading across SaaS environments as employees adopt new AI tools without IT oversight. Nudge Security explains how security teams can discover AI apps, monitor usage, and govern risky AI activity. [...]

[16 Mar] When AI hallucinations turn fatal: how to stay grounded in reality | Kaspersky official blog (KASPERSKY.COM)
A 36-year-old American man took his own life after two months of interacting with Gemini, with the chatbot reportedly pushing the concept of digital immortality. We explore why scenarios straight from Black Mirror are becoming a reality, and how to push back.

[16 Mar] Microsoft Exchange Online outage blocks access to mailboxes (BLEEPINGCOMPUTER.COM)
Microsoft is working to address an ongoing Exchange Online outage that is preventing customers from accessing their mailboxes and calendars. [...]

[16 Mar] UK’s Companies House confirms security flaw exposed business data (BLEEPINGCOMPUTER.COM)
Companies House, a British government agency that operates the registry for all U.K. companies, says its WebFiling service is back online after it was closed on Friday to fix a security flaw that exposed companies' information since October 2025. [...]

[16 Mar] Free parking in Russia after Distributed Denial-of-Service attack knocks city’s parking system offline (BITDEFENDER.COM)
Drivers in the Russian city of Perm have been enjoying an unexpected bonus this week: free parking. Not because the city council suddenly decided to embrace generosity - but rather because hackers succeeded in knocking the city's payment system offline. Read more in my article on…

[16 Mar] Securing Autonomous AI Agents with TrendAI & NVIDIA OpenShell (TRENDMICRO.COM)
Learn how TrendAI and NVIDIA OpenShell help secure autonomous AI agents and build trusted enterprise AI systems with stronger visibility and control.