InfoSecRadar InfoSecRadar
  • Home
    • Vulnerabilities & Exploits
    • Malware & Ransomware
    • Data Breaches & Leaks
    • Threat Actors & Campaigns
    • Policy & Regulation
    • Industry & Career
    • Tools & Techniques
    • Cloud & Infrastructure
    • AI & Cybersecurity
    • Privacy & Surveillance
    • Signal School
  • Friend
  • Foe
  • Archive
  • About

Archive: March 2026

1299 stories.

← April 2026 All months February 2026 →
FRIEND Mar 31 Bleeping Computer
Proton launches new "Meet" privacy-focused conferencing platform
FOE Mar 31 Bleeping Computer
GIGABYTE Control Center vulnerable to arbitrary file write flaw
FOE Mar 31 Dark Reading
The Forgotten Endpoint: Security Risks of Dormant Devices
FOE Mar 31 Bleeping Computer
Claude AI finds Vim, Emacs RCE bugs that trigger on file open
FOE Mar 31 The Register (Security)
Don't open that WhatsApp message, Microsoft warns
FOE Mar 31 Dark Reading
Axios NPM Package Compromised in Precision Attack
FOE Mar 31 CSO Online
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
FOE Mar 31 Dark Reading
Google's Vertex AI Has an Over-Privileged Problem
FOE Mar 31 Dark Reading
TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials
FOE Mar 31 The Register (Security)
Iran targets M365 accounts with password-spraying attacks
FOE Mar 31 CSO Online
5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild
FRIEND Mar 31 The Hacker News
Android Developer Verification Rollout Begins Ahead of September Enforcement
FOE Mar 31 Ars Technica (Security)
Quantum computers need vastly fewer resources than thought to break vital encryption
FOE Mar 31 Bleeping Computer
Cisco source code stolen in Trivy-linked dev environment breach
FOE Mar 31 The Hacker News
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
FRIEND Mar 31 Dark Reading
Black Hat USA
FRIEND Mar 31 SecurityWeek
Censys Raises $70 Million for Internet Intelligence Platform
FRIEND Mar 31 Dark Reading
Rethinking Vulnerability Management Strategies for Mid-Market Security
FOE Mar 31 SecurityWeek
The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust
FOE Mar 31 Dark Reading
AI and Quantum Are Forcing a Rethink of Digital Trust
FOE Mar 31 SecurityWeek
Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks
FOE Mar 31 SecurityWeek
Venom Stealer Raises Stakes With Continuous Credential Harvesting
FOE Mar 31 Privacy International
Challenging the militarisation of tech: a visual explainer
FOE Mar 31 Bleeping Computer
How to Categorize AI Agents and Prioritize Risk
FOE Mar 31 Bleeping Computer
Hackers compromise Axios npm package to drop cross-platform malware
FOE Mar 31 SecurityWeek
TeamPCP Moves From OSS to AWS Environments
FOE Mar 31 Ars Technica (Security)
Iran's hackers are on the offensive against the US and Israel
FOE Mar 31 SecurityWeek
CrewAI Vulnerabilities Expose Devices to Hacking
FOE Mar 31 Dark Reading
Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations
FOE Mar 31 The Hacker News
Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
FOE Mar 31 CSO Online
OpenAI patches twin leaks as Codex slips and ChatGPT spills
FRIEND Mar 31 Bleeping Computer
Microsoft fixes Outlook Classic crashes caused by Teams Meeting add-in
FOE Mar 31 CISA Alerts
Anritsu Remote Spectrum Monitor
FOE Mar 31 CISA Alerts
PX4 Autopilot
FOE Mar 31 SecurityWeek
Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption
FOE Mar 31 The Hacker News
The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority
FOE Mar 31 The Hacker News
Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains
FOE Mar 31 SecurityWeek
Exploitation of Critical Fortinet FortiClient EMS Flaw Begins
FRIEND Mar 31 Schneier on Security
Inventors of Quantum Cryptography Win Turing Award
FOE Mar 31 The Register (Security)
Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines
FOE Mar 31 SecurityWeek
StrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNs
FOE Mar 31 SecurityWeek
Lloyds Data Security Incident Impacts 450,000 Individuals
FOE Mar 31 Bleeping Computer
Hacker charged with stealing $53 million from Uranium crypto exchange
FRIEND Mar 31 CSO Online
8 ways to bolster your security posture on the cheap
FOE Mar 31 CSO Online
The external pressures redefining cybersecurity risk
FOE Mar 31 CSO Online
6 key takeaways from RSA Conference 2026
FOE Mar 31 Bleeping Computer
Dutch Finance Ministry takes treasury banking portal offline after breach
FOE Mar 31 SANS Internet Storm Center
Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)
FOE Mar 31 CSO Online
Fahndung nach Cyberkriminellen – 130 Firmen attackiert
FOE Mar 31 Bleeping Computer
CISA orders feds to patch actively exploited Citrix flaw by Thursday
FOE Mar 31 SecurityWeek
Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise
FOE Mar 31 The Hacker News
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
FOE Mar 31 Sophos News
Axios npm package compromised to deploy malware
FOE Mar 31 Sophos News
The High Cost of Low Trust: Our Commitment to Radical Transparency
FOE Mar 31 Sophos News
The Cybersecurity Trust Reality in 2026
FOE Mar 30 CSO Online
Fortinet hit by another exploited cybersecurity flaw
FOE Mar 30 Bleeping Computer
Healthcare tech firm CareCloud says hackers stole patient data
FOE Mar 30 Dark Reading
AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection
FOE Mar 30 Bleeping Computer
New RoadK1ll WebSocket implant used to pivot on breached networks
FOE Mar 30 The Intercept (Privacy)
What Would We All Say If Iran Razed MIT Because of Military-Related Research?
FOE Mar 30 The Register (Security)
OpenAI patches ChatGPT flaw that smuggled data over DNS
FRIEND Mar 30 EFF Deeplinks
Welcome, Daily Show Viewers! Learn More About EFF and Privacy's Defender
FRIEND Mar 30 EPIC
Biometric Update: FTC can do better on age assurance, say privacy rights’ groups
FOE Mar 30 Dark Reading
AI-Driven Code Surge Is Forcing a Rethink of AppSec
FOE Mar 30 Bleeping Computer
Critical Citrix NetScaler memory flaw actively exploited in attacks
FOE Mar 30 Dark Reading
F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation
FOE Mar 30 Dark Reading
F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation
FOE Mar 30 The Hacker News
OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
FOE Mar 30 The Register (Security)
Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
FOE Mar 30 Dark Reading
Manufacturing and Healthcare Share Struggles with Passwords
FOE Mar 30 The Hacker News
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
FRIEND Mar 30 EFF Deeplinks
EFF's Cindy Cohn on The Daily Show! Tonight Monday, March 30
FOE Mar 30 Dark Reading
Storm Brews Over Critical, No-Click Telegram Flaw
FOE Mar 30 SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)
FRIEND Mar 30 Bleeping Computer
Apple adds macOS Terminal warning to block ClickFix attacks
FOE Mar 30 SecurityWeek
Healthcare IT Platform CareCloud Probing Potential Data Breach
FOE Mar 30 SecurityWeek
Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control
FRIEND Mar 30 Bleeping Computer
How to Evaluate AI SOC Agents: 7 Questions Gartner Says You Should Be Asking
FOE Mar 30 The Hacker News
⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
FOE Mar 30 The Register (Security)
Citrix NetScaler bug exploited in days, may be multiple flaws in a trench coat
FRIEND Mar 30 The Hacker News
3 SOC Process Fixes That Unlock Tier 1 Productivity
FRIEND Mar 30 SecurityWeek
Huskeys Emerges From Stealth With $8 Million in Funding
FOE Mar 30 CSO Online
LangChain path traversal bug adds to input validation woes in AI pipelines
FOE Mar 30 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE Mar 30 SecurityWeek
Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
FOE Mar 30 CSO Online
Leak reveals Anthropic’s ‘Mythos,’ a powerful AI model aimed at cybersecurity use cases
FOE Mar 30 The Hacker News
The State of Secrets Sprawl 2026: 9 Takeaways for CISOs
FOE Mar 30 SecurityWeek
European Commission Reports Cyber Intrusion and Data Theft
FOE Mar 30 SecurityWeek
Hacked Hospitals, Hidden Spyware: Iran Conflict Shows How Digital Fight Is Ingrained in Warfare
FRIEND Mar 30 Schneier on Security
Apple’s Camera Indicator Lights
FOE Mar 30 Bleeping Computer
Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
FOE Mar 30 SecurityWeek
Telnyx Targeted in Growing TeamPCP Supply Chain Attack
FOE Mar 30 The Register (Security)
European Commission admits attackers broke into public web systems, but says little else
FOE Mar 30 CSO Online
APIs are the new perimeter: Here’s how CISOs are securing them
FOE Mar 30 The Hacker News
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
FOE Mar 30 Bleeping Computer
Microsoft pulls KB5079391 Windows update over install issues
FOE Mar 30 SecurityWeek
Exploitation of Fresh Citrix NetScaler Vulnerability Begins
FOE Mar 30 CSO Online
Why Kubernetes controllers are the perfect backdoor
FOE Mar 30 SecurityWeek
FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers
FOE Mar 30 Bleeping Computer
Critical Fortinet Forticlient EMS flaw now exploited in attacks
FOE Mar 30 The Register (Security)
Security contractor blew the whistle on support crew's viral indifference
FOE Mar 30 SecurityWeek
F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild
FOE Mar 30 The Hacker News
Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
FOE Mar 30 Bleeping Computer
European Commission confirms data breach after Europa.eu hack
FOE Mar 30 The Register (Security)
US foreign router ban criticized for being ‘industrial policy disguised as cybersecurity’
FRIEND Mar 30 Risky Business News
Risky Bulletin: Apple adds ClickFix warning to macOS terminal
FRIEND Mar 30 CSO Online
Data Security Posture Management: Die besten DSPM-Tools
FRIEND Mar 30 SANS Internet Storm Center
DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)
FRIEND Mar 30 Sophos News
Where AI in the SOC is actually delivering — and where it isn’t
FOE Mar 30 Sophos News
Incident responders, s'il vous plait: Invites lead to odd malware events
FOE Mar 29 Bleeping Computer
FBI confirms hack of Director Patel's personal email inbox
FOE Mar 29 Bleeping Computer
File read flaw in Smart Slider plugin impacts 500K WordPress sites
FOE Mar 28 The Hacker News
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
FOE Mar 28 SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)
FOE Mar 28 Bleeping Computer
New Infinity Stealer malware grabs macOS data via ClickFix lures
FOE Mar 28 SecurityWeek
Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs
FOE Mar 28 The Intercept (Privacy)
ICE at Airports Trains Us to Accept Being Terrorized in Our Daily Lives
FOE Mar 28 The Hacker News
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
FOE Mar 28 The Hacker News
TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
FOE Mar 28 The Hacker News
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
FOE Mar 27 EFF Deeplinks
US Tech Companies Must be Accountable in US Courts for Facilitating Persecution and Torture Abroad, EFF Urges US Supreme Court
FOE Mar 27 Sophos News
Incident responders, s'il vous plait: Invites lead to odd malware events
FOE Mar 27 Bleeping Computer
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
FOE Mar 27 CSO Online
European Commission data stolen in a cyberattack on the infrastructure hosting its web sites
FRIEND Mar 27 EPIC
EPIC Joins Amicus Brief Urging SCOTUS to Hold Wireless Carriers Accountable for Selling Customers’ Location Data
FRIEND Mar 27 EPIC
Reason Magazine: Trump Backs Section 702 Reauthorization After Once Calling To ‘KILL FISA’
FOE Mar 27 CSO Online
Lloyds Bank reveals how IT bug exposed transaction data
FRIEND Mar 27 The Hacker News
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
FOE Mar 27 The Hacker News
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
FOE Mar 27 Bleeping Computer
Fake VS Code alerts on GitHub spread malware to developers
FOE Mar 27 Dark Reading
China Upgrades the Backdoor It Uses to Spy on Telcos Globally
FOE Mar 27 SecurityWeek
Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account
FRIEND Mar 27 EPIC
EPIC Urges Amendments to Maryland Chatbots Bill
FRIEND Mar 27 Privacy International
Are IP addresses personal data?
FOE Mar 27 Dark Reading
Wartime Usage of Compromised IP Cameras Highlight Their Danger
FOE Mar 27 SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)
FOE Mar 27 SecurityWeek
In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline
FRIEND Mar 27 Bleeping Computer
Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
FOE Mar 27 The Hacker News
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
FRIEND Mar 27 SecurityWeek
OpenAI Launches Bug Bounty Program for Abuse and Safety Risks
FOE Mar 27 The Register (Security)
AFC Ajax drops ball as flaws let hackers play admin with tickets and bans
FOE Mar 27 Bleeping Computer
European Commission investigating breach after Amazon cloud account hack
FOE Mar 27 Bleeping Computer
European Commission investigating breach after Amazon cloud hack
FOE Mar 27 CSO Online
Attackers exploit critical Langflow RCE within hours as CISA sounds alarm
FOE Mar 27 The Hacker News
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
FRIEND Mar 27 Dark Reading
Google Sets 2029 Deadline for Quantum-Safe Cryptography
FOE Mar 27 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE Mar 27 SecurityWeek
TP-Link Patches High-Severity Router Vulnerabilities
FOE Mar 27 The Register (Security)
Iran war drives urgent need  to counter underwater attack drones
FOE Mar 27 The Hacker News
We Are At War
FOE Mar 27 CSO Online
Cyberangriff auf die Linke
FOE Mar 27 SecurityWeek
RSAC 2026 Conference Announcements Summary (Days 3-4)
FRIEND Mar 27 Bleeping Computer
Anti-piracy coalition takes down AnimePlay app with 5 million users
FOE Mar 27 SecurityWeek
Coruna iOS Exploit Kit Likely an Update to Operation Triangulation
FOE Mar 27 The Hacker News
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
FRIEND Mar 27 CSO Online
8 steps CISOs can take to empower their teams
FOE Mar 27 SecurityWeek
CISA Flags Critical PTC Vulnerability That Had German Police Mobilized
FRIEND Mar 27 Bleeping Computer
Windows 11 KB5079391 update rolls out Smart App Control improvements
FOE Mar 27 Bleeping Computer
Dutch Police discloses security breach after phishing attack
FOE Mar 27 The Hacker News
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
FOE Mar 27 The Register (Security)
Security boffins scoured the web and found hundreds of valid API keys
FOE Mar 27 CSO Online
Was ist Social Engineering?
FOE Mar 27 Risky Business News
Risky Bulletin: Russia to use custom crypto-algorithm for its 5G network
FOE Mar 27 CSO Online
Google: The quantum apocalypse is coming sooner than we thought
FOE Mar 26 Ars Technica (Security)
Internet Yiff Machine: We hacked 93GB of "anonymous" crime tips
FOE Mar 26 Bleeping Computer
Ajax football club hack exposed fan data, enabled ticket hijack
FRIEND Mar 26 Dark Reading
Infrastructure Attacks With Physical Consequences Down 25%
FOE Mar 26 EFF Deeplinks
Traffic Violation! License Plate Reader Mission Creep Is Already Here
FOE Mar 26 Dark Reading
Coruna, DarkSword & Democratizing Nation-State Exploit Kits
FOE Mar 26 Dark Reading
Is the FCC's Router Ban the Wrong Fix?
FOE Mar 26 Dark Reading
Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles
FOE Mar 26 Bleeping Computer
CISA: New Langflow flaw actively exploited to hijack AI workflows
FOE Mar 26 Dark Reading
Critical Flaw in Langflow AI Platform Under Attack
FOE Mar 26 CSO Online
The CISO’s guide to responding to shadow AI
FOE Mar 26 EPIC
Yahoo Tech: I Review Routers for a Living. Don’t Buy a Router Right Now
FOE Mar 26 SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 001 - Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)
FOE Mar 26 The Hacker News
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
FRIEND Mar 26 Sophos News
The High Cost of Low Trust: Our Commitment to Radical Transparency
FRIEND Mar 26 EFF Deeplinks
Supreme Court Agrees With EFF: ISPs Don't Have To Be Copyright Enforcers
FOE Mar 26 Bleeping Computer
UK sanctions Xinbi marketplace linked to Asian scam centers
FRIEND Mar 26 Dark Reading
How Organizations Can Use Blunders to Level Up Their Security Programs
FOE Mar 26 Dark Reading
AI-Powered Dependency Decisions Introduce, Ignore Security Bugs
FOE Mar 26 Bleeping Computer
TikTok for Business accounts targeted in new phishing campaign
FOE Mar 26 SecurityWeek
Hightower Holding Data Breach Impacts 130,000
FRIEND Mar 26 Bleeping Computer
WhatsApp rolls out more AI features, iOS multi-account support
FOE Mar 26 Bleeping Computer
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
FOE Mar 26 SecurityWeek
BIND Updates Patch High-Severity Vulnerabilities
FOE Mar 26 The Hacker News
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
FOE Mar 26 Bleeping Computer
Coruna iOS exploit framework linked to Triangulation attacks
FOE Mar 26 SecurityWeek
Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure
FRIEND Mar 26 Bleeping Computer
Russia arrests suspected owner of LeakBase cybercrime forum
FRIEND Mar 26 CSO Online
Databricks pitches Lakewatch as a cheaper SIEM — but is it really?
FOE Mar 26 SecurityWeek
Cisco Patches Multiple Vulnerabilities in IOS Software
FOE Mar 26 Dark Reading
Intermediaries Driving Global Spyware Market Expansion
FOE Mar 26 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE Mar 26 CISA Alerts
OpenCode Systems OC Messaging and USSD Gateway
FOE Mar 26 CISA Alerts
PTC Windchill Product Lifecycle Management
FOE Mar 26 CISA Alerts
WAGO GmbH & Co. KG Industrial Managed Switches
FOE Mar 26 The Hacker News
Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception
FRIEND Mar 26 Bleeping Computer
Suspected RedLine infostealer malware admin extradited to US
FOE Mar 26 The Register (Security)
Brit lawmaker targeted by AI deepfake fails to get answers from US Big Tech
FOE Mar 26 The Hacker News
ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories
FOE Mar 26 CSO Online
GitHub phishers use fake OpenClaw tokens to drain crypto wallets
FOE Mar 26 The Hacker News
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
FOE Mar 26 The Hacker News
[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks
FOE Mar 26 Schneier on Security
As the US Midterms Approach, AI Is Going to Emerge as a Key Issue Concerning Voters
FOE Mar 26 SecurityWeek
Alleged RedLine Malware Administrator Extradited to US
FRIEND Mar 26 SecurityWeek
Dell and HP Roll Out Quantum-Resistant Device Security and AI-Era Cyber Resilience
FOE Mar 26 The Hacker News
WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
FRIEND Mar 26 CSO Online
10 essenzielle Maßnahmen für physische Sicherheit
FOE Mar 26 The Register (Security)
Indian government probes CCTV espionage operation linked to Pakistan
FOE Mar 26 Risky Business News
Srsly Risky Biz: FBI Says Why Get a Warrant When You Have Kash
FOE Mar 25 CSO Online
New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert
FRIEND Mar 25 Bleeping Computer
GitHub adds AI-powered bug detection to expand security coverage
FRIEND Mar 25 Dark Reading
At RSAC, the EU Leads While US Officials Are Sidelined
FOE Mar 25 Bleeping Computer
PolyShell attacks target 56% of all vulnerable Magento stores
FRIEND Mar 25 SANS Internet Storm Center
Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)
FOE Mar 25 The Register (Security)
AI supply chain attacks don’t even require malware…just post poisoned documentation
FOE Mar 25 The Register (Security)
Scammers have virtual smartphones on speed dial for fraud
FOE Mar 25 Bleeping Computer
Bubble AI app builder abused to steal Microsoft account credentials
FRIEND Mar 25 The Register (Security)
Jen Easterly, cybersecurity's 'relentless optimist,' hopes feds come back to RSAC next year
FOE Mar 25 EPIC
Jury Finds Meta and Google Negligent in Landmark Social Media Addiction Case
FOE Mar 25 The Register (Security)
Only Trump can decide when cyberwar turns into real war
FOE Mar 25 Bleeping Computer
New Torg Grabber infostealer malware targets 728 crypto wallets
FOE Mar 25 CSO Online
Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service
FOE Mar 25 EPIC
The 33 Data Brokers Selling US Data to Foreign Actors, According to California
FOE Mar 25 EPIC
NPR: Your data is everywhere. The government is buying it without a warrant
FRIEND Mar 25 The Hacker News
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
FOE Mar 25 EFF Deeplinks
EFF Sues for Answers About Medicare's AI Experiment
FOE Mar 25 Privacy International
PI seeks to inform inquiry of UK Joint Committee on Human Rights on human rights and AI
FOE Mar 25 Sophos News
The Cybersecurity Trust Reality in 2026
FOE Mar 25 Dark Reading
Blame Game: Why Public Cyber Attribution Carries Risks
FRIEND Mar 25 SecurityWeek
Onit Security Raises $11 Million for Exposure Management Platform
FOE Mar 25 Bleeping Computer
Citrix urges admins to patch NetScaler flaws as soon as possible
FOE Mar 25 Ars Technica (Security)
Google bumps up Q Day estimate to 2029, far sooner than previously thought
FOE Mar 25 EFF Deeplinks
👓 Who's Really Watching What Smartglasses See? | EFFector 38.6
FOE Mar 25 Dark Reading
Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam
FOE Mar 25 Dark Reading
SANS: Top 5 Most Dangerous New Attack Techniques to Watch
FRIEND Mar 25 SecurityWeek
Russian Cybercriminal Gets 2-Year Prison Sentence in US
FOE Mar 25 The Hacker News
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
FOE Mar 25 SecurityWeek
AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link
FRIEND Mar 25 Dark Reading
Why a 'Near Miss' Database Is Key to Improving Information Sharing
FOE Mar 25 Bleeping Computer
Paid AI Accounts Are Now a Hot Underground Commodity
FOE Mar 25 Black Hills Information Security
Lessons From A Chatbot Incident
FRIEND Mar 25 SecurityWeek
iOS, macOS 26.4 Roll Out With Fresh Security Patches
FRIEND Mar 25 SecurityWeek
FCC Bans New Routers Made Outside the US Over National Security Risks
FRIEND Mar 25 Bleeping Computer
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
FOE Mar 25 Dark Reading
AI-Native Security Is a Must to Counter AI-Based Attacks
FRIEND Mar 25 The Intercept (Privacy)
How to Keep ICE Agents Out of Your Devices at Airports
FRIEND Mar 25 SecurityWeek
RSAC 2026 Conference Announcements Summary (Day 2)
FOE Mar 25 CSO Online
Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave
FOE Mar 25 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE Mar 25 The Hacker News
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
FOE Mar 25 Dark Reading
Ex-NSA Directors Discuss 'Red Line' for Offensive Cyberattacks
FOE Mar 25 SecurityWeek
From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI
FOE Mar 25 The Hacker News
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
FOE Mar 25 The Hacker News
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
FOE Mar 25 Bleeping Computer
TP-Link warns users to patch critical router auth bypass flaw
FOE Mar 25 CSO Online
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials
FOE Mar 25 EFF Deeplinks
Digital Hopes, Real Power: Reflecting on the Legacy of the Arab Spring
FOE Mar 25 Schneier on Security
Sen. Wyden Warns of Another Section 702 Abuse
FOE Mar 25 Privacy International
Transparency and explainability for algorithmic decisions at work
FRIEND Mar 25 CSO Online
6 key trends reshaping the IAM market
FOE Mar 25 SecurityWeek
US Prisons Russian Access Broker for Aiding Ransomware Attacks
FOE Mar 25 CSO Online
AI is breaking traditional security models — Here’s where they fail first
FRIEND Mar 25 Bleeping Computer
Manager of botnet used in ransomware attacks gets 2 years in prison
FOE Mar 25 SecurityWeek
HackerOne Employee Data Exposed in Massive Navia Breach
FRIEND Mar 25 The Register (Security)
Enterprise PCs are unreliable, unpatched, and unloved compared to Macs
FRIEND Mar 25 The Hacker News
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
FRIEND Mar 25 Dark Reading
Iran Hacktivists Make Noise but Have Little Impact on War
FRIEND Mar 25 CSO Online
Empathie trifft IT-Sicherheit: Der Weg zu gelebter Compliance
FOE Mar 25 Risky Business News
Risky Bulletin: The Intellexa CEO is pissed!!!
FOE Mar 25 SANS Internet Storm Center
SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th)
FOE Mar 25 Recorded Future Blog
ClickFix Campaigns Targeting Windows and macOS
FOE Mar 24 Bleeping Computer
PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug
FRIEND Mar 24 Dark Reading
CSA Launches CSAI Foundation for AI Security
FOE Mar 24 Bleeping Computer
Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
FOE Mar 24 Dark Reading
Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit
FOE Mar 24 Dark Reading
How AI Coding Tools Crushed the Endpoint Security Fortress
FRIEND Mar 24 The Register (Security)
EFF has a new boss to lead the fight against privacy-sucking forces of doom
FRIEND Mar 24 EFF Deeplinks
Nicole Ozer Named as Electronic Frontier Foundation’s Executive Director
FRIEND Mar 24 Bleeping Computer
FCC bans new routers made outside the USA over security risks
FOE Mar 24 The Register (Security)
1K+ cloud environments infected following Trivy supply chain attack
FRIEND Mar 24 SecurityWeek
DoE Publishes 5-Year Energy Security Plan
FOE Mar 24 The Register (Security)
LiteLLM loses game of Trivy pursuit, gets compromised
FOE Mar 24 SecurityWeek
Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw
FOE Mar 24 The Hacker News
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
FOE Mar 24 SecurityWeek
Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the Energy Sector
FRIEND Mar 24 Bleeping Computer
Firefox now has a free built-in VPN with 50GB monthly data limit
FOE Mar 24 The Hacker News
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
FOE Mar 24 The Hacker News
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
FRIEND Mar 24 The Intercept (Privacy)
Palantir Will No Longer Profit Off of New Yorkers’ Health Data
FRIEND Mar 24 SecurityWeek
RSAC 2026 Conference Announcements Summary (Day 1)
FRIEND Mar 24 Bleeping Computer
Microsoft fixes bug causing Classic Outlook sync issues with Gmail
FOE Mar 24 Dark Reading
GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead
FOE Mar 24 EFF Deeplinks
Digital Hopes, Real Power: From Revolution to Regulation
FOE Mar 24 Bleeping Computer
Zero Trust: Bridging the Gap Between Authentication and Trust
FOE Mar 24 Bleeping Computer
HackerOne discloses employee data breach after Navia hack
FOE Mar 24 SANS Internet Storm Center
Detecting IP KVMs, (Tue, Mar 24th)
FOE Mar 24 SecurityWeek
Extortion Group Claims It Hacked AstraZeneca
FOE Mar 24 Bleeping Computer
Infinite Campus warns of breach after ShinyHunters claims data theft
FOE Mar 24 CSO Online
DDoS-Angriffe haben sich verdoppelt
FOE Mar 24 EFF Deeplinks
UK Politicians Continue to Miss the Point in Latest Social Media Ban Proposal
FRIEND Mar 24 SecurityWeek
Chrome 146 Update Patches High-Severity Vulnerabilities
FRIEND Mar 24 CSO Online
HP launches TPM Guard to help defeat physical TPM attacks
FOE Mar 24 The Register (Security)
HackerOne slams supplier for delayed breach notice after staff data exposed
FRIEND Mar 24 Dark Reading
How a Large Bank Uses AI Digital Twins for Threat Hunting
FOE Mar 24 Sophos News
The global CISO landscape: A leadership gap too large to ignore
FOE Mar 24 Bleeping Computer
Yanluowang ransomware access broker gets 81 months in prison
FOE Mar 24 Ars Technica (Security)
Self-propagating malware poisons open source software and wipes Iran-based machines
FRIEND Mar 24 SecurityWeek
Webinar Today: Putting CIS Controls and Benchmarks into Practice
FRIEND Mar 24 Dark Reading
Microsoft Proposes Better Identity, Guardrails for AI Agents
FOE Mar 24 SecurityWeek
3.1 Million Impacted by QualDerm Data Breach
FRIEND Mar 24 The Register (Security)
Country that put backdoors into Cisco routers to spy on world bans foreign routers
FOE Mar 24 SecurityWeek
Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool
FOE Mar 24 Bleeping Computer
Dutch Ministry of Finance discloses breach affecting employees
FOE Mar 24 CISA Alerts
Pharos Controls Mosaic Show Controller
FOE Mar 24 CISA Alerts
Grassroots DICOM (GDCM)
FOE Mar 24 CISA Alerts
Schneider Electric EcoStruxure Foxboro DCS
FOE Mar 24 CISA Alerts
Schneider Electric Plant iT/Brewmaxx
FOE Mar 24 The Hacker News
Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
FOE Mar 24 CSO Online
New ‘StoatWaffle’ malware auto‑executes attacks on developers
FRIEND Mar 24 The Hacker News
5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
FOE Mar 24 The Register (Security)
Russian initial access broker who fed ransomware crews gets 81 months in US prison
FOE Mar 24 SecurityWeek
Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn
FRIEND Mar 24 Schneier on Security
Team Mirai and Democracy
FOE Mar 24 SecurityWeek
Mazda Says Employee, Partner Information Stolen in Cyberattack
FOE Mar 24 The Hacker News
The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
FOE Mar 24 SecurityWeek
Stryker Says Malicious File Found During Probe Into Iran-Linked Attack
FOE Mar 24 CSO Online
Autonomous AI adoption is on the rise, but it’s risky
FOE Mar 24 The Hacker News
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
FRIEND Mar 24 CSO Online
Streamline physical security to enable data center growth in the era of AI
FRIEND Mar 24 CSO Online
Why CISOs should embrace AI honeypots
FOE Mar 24 The Hacker News
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
FOE Mar 24 The Hacker News
Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
FRIEND Mar 24 CSO Online
ISO und ISMS: Darum gehen Security-Zertifizierungen schief
FRIEND Mar 24 CSO Online
Palo Alto updates security platform to discover AI agents
FRIEND Mar 24 Sophos News
Sophos Firewall ranked the #1 overall firewall solution in G2’s Spring 2026 reports
FRIEND Mar 24 Sophos News
Cybersecurity for Education – Sophos Protected Classroom
FOE Mar 23 Bleeping Computer
OpenAI rolls out ChatGPT Library to store your personal files
FRIEND Mar 23 EPIC
EPIC Testifies in Support of D.C.’s Proposed Personal Health Data Security Amendment Act
FOE Mar 23 The Register (Security)
Claude attacks were 'Rorschach test' for infosec community, scaring former NSA boss
FOE Mar 23 Bleeping Computer
Mazda discloses security breach exposing employee and partner data
FOE Mar 23 Dark Reading
AI in the SOC: What Could Go Wrong?
FRIEND Mar 23 The Register (Security)
Public-private partnerships vital in disrupting China's Typhoons, says RSA panel with no government speakers
FOE Mar 23 Bleeping Computer
Tycoon2FA phishing platform returns after recent police disruption
FOE Mar 23 Dark Reading
Trivy Supply Chain Attack Targets CI/CD Secrets
FOE Mar 23 Dark Reading
Ransomware's New Era: Moving at AI Speed
FOE Mar 23 Ars Technica (Security)
After hackers hit an Iowa company, cars around the country failed to start
FOE Mar 23 The Register (Security)
Lightning-fast exploits make it essential to patch fast, ask questions later
FRIEND Mar 23 SANS Internet Storm Center
Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)
FRIEND Mar 23 Dark Reading
CISOs Debate Human Role in AI-Powered Security
FOE Mar 23 Bleeping Computer
TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
FOE Mar 23 Bleeping Computer
Crunchyroll probes breach after hacker claims to steal 6.8M users' data
FOE Mar 23 The Hacker News
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
FOE Mar 23 EPIC
Portland Press Herald: Portland Sea Dogs, Maine Mariners worry about Democratic legislative priority
FOE Mar 23 Bleeping Computer
Trivy supply-chain attack spreads to Docker, GitHub repos
FRIEND Mar 23 SecurityWeek
RSAC 2026 Conference Announcements Summary (Pre-Event)
FOE Mar 23 Krebs on Security
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
FOE Mar 23 CSO Online
Faster attacks and ‘recovery denial’ ransomware reshape threat landscape
FOE Mar 23 Dark Reading
Attackers Hide Infostealer in Copyright Infringement Notices
FRIEND Mar 23 The Register (Security)
Google unleashes Gemini AI agents on the dark web
FOE Mar 23 The Register (Security)
Smooth criminals talking their way into cloud environments, Google says
FOE Mar 23 SecurityWeek
M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds
FOE Mar 23 SecurityWeek
Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware
FRIEND Mar 23 Bleeping Computer
Varonis Atlas: Securing AI and the Data That Powers It
FOE Mar 23 SecurityWeek
Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack
FOE Mar 23 The Hacker News
⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More
FOE Mar 23 The Register (Security)
US chip testing firm shrugged off ransomware hit as minor - then came the data leak
FOE Mar 23 The Register (Security)
RSAC 2026: Uncle Sam backs out, and AI agents are everywhere
FOE Mar 23 Bleeping Computer
Microsoft Exchange Online service change causes email access issues
FRIEND Mar 23 NIST Cybersecurity Insights
Reflections from the Second NIST Cyber AI Profile Workshop
FOE Mar 23 Sophos News
NICKEL ALLEY strategy: Fake it 'til you make it
FOE Mar 23 The Hacker News
We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them
FOE Mar 23 CSO Online
Chrome ABE bypass discovered: New VoidStealer malware steals passwords and cookies
FOE Mar 23 The Register (Security)
Microsoft fixes broken Windows update days after vowing fewer broken updates
FOE Mar 23 SecurityWeek
QNAP Patches Four Vulnerabilities Exploited at Pwn2Own
FOE Mar 23 Schneier on Security
Microsoft Xbox One Hacked
FOE Mar 23 The Hacker News
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
FOE Mar 23 SecurityWeek
Tycoon 2FA Fully Operational Despite Law Enforcement Takedown
FOE Mar 23 The Register (Security)
The drone swarm is coming, and NATO air defenses are too expensive to cope
FOE Mar 23 Bleeping Computer
FBI warns of Handala hackers using Telegram in malware attacks
FOE Mar 23 CSO Online
Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire
FOE Mar 23 The Intercept (Privacy)
Democrats Might Save Mike Johnson’s Push to Give Trump Domestic Spying Power
FOE Mar 23 CSO Online
Why US companies must be ready for quantum by 2030: A practical roadmap
FOE Mar 23 Bleeping Computer
CISA orders feds to patch DarkSword iOS flaws exploited attacks
FOE Mar 23 The Hacker News
Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
FRIEND Mar 23 Bleeping Computer
New KB5085516 emergency update fixes Microsoft account sign-in
FOE Mar 23 CSO Online
The insider threat rises again
FOE Mar 23 The Hacker News
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
FOE Mar 23 SecurityWeek
Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability
FOE Mar 23 Risky Business News
Risky Bulletin: GitHub is starting to have a real malware problem
FRIEND Mar 23 Sophos News
High-Five: Sophos Ranked Number 1 Overall in Endpoint, EDR, XDR, MDR, and Firewall in the G2 Spring 2026 Reports
FOE Mar 23 Sophos News
Oracle vulnerability (CVE-2026-21992) impacts core products
FOE Mar 23 Sophos News
NICKEL ALLEY strategy: Fake it ‘til you make it
FOE Mar 22 The Register (Security)
Russians are posing as Signal support to launch phishing attacks
FOE Mar 22 Bleeping Computer
VoidStealer malware steals Chrome master key via debugger trick
FRIEND Mar 22 Dark Reading
AI Dominates RSAC Innovation Sandbox
FOE Mar 21 Bleeping Computer
Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
FRIEND Mar 21 Bleeping Computer
Google adds ‘Advanced Flow’ for safe APK sideloading on Android
FOE Mar 21 Bleeping Computer
Microsoft Azure Monitor alerts abused in callback phishing campaigns
FOE Mar 21 The Hacker News
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
FOE Mar 21 SecurityWeek
Critical Quest KACE Vulnerability Potentially Exploited in Attacks
FOE Mar 21 The Hacker News
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
FOE Mar 21 The Hacker News
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
FOE Mar 21 The Hacker News
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
FOE Mar 21 CSO Online
Trivy vulnerability scanner backdoored with credential stealer in supply chain attack
FOE Mar 21 CSO Online
Are nations ready to be the cybersecurity insurers of last resort?
FOE Mar 20 EFF Deeplinks
Congress Is Dropping the Ball with a Clean Extension of FISA
FOE Mar 20 The Register (Security)
Cryptographers engage in war of words over RustSec bug reports and subsequent ban
FRIEND Mar 20 Schneier on Security
Friday Squid Blogging: Jumbo Flying Squid in the South Pacific
FOE Mar 20 Ars Technica (Security)
Widely used Trivy scanner compromised in ongoing supply-chain attack
FOE Mar 20 Bleeping Computer
FBI links Signal phishing attacks to Russian intelligence services
FOE Mar 20 Dark Reading
Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw
FOE Mar 20 Bleeping Computer
Oracle pushes emergency fix for critical Identity Manager RCE flaw
FRIEND Mar 20 CSO Online
Water utilities strengthen cybersecurity through cooperation
FOE Mar 20 The Hacker News
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
FOE Mar 20 EPIC
White House AI Framework Protects AI Companies, Not People
FRIEND Mar 20 Bleeping Computer
Police take down 373,000 fake CSAM sites in Operation Alice
FOE Mar 20 CSO Online
Stop using AI to submit bug reports, says Google
FOE Mar 20 Dark Reading
Cyber OpSec Fail: Beast Gang Exposes Ransomware Server
FOE Mar 20 SecurityWeek
In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting
FOE Mar 20 The Hacker News
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
FOE Mar 20 Bleeping Computer
CISA orders feds to patch max-severity Cisco flaw by Sunday
FOE Mar 20 SecurityWeek
3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China
FOE Mar 20 Bleeping Computer
How CISOs Can Survive the Era of Geopolitical Cyberattacks
FOE Mar 20 The Register (Security)
UK police force presses pause on live facial recognition after study finds racial bias
FRIEND Mar 20 SecurityWeek
Eclypsium Raises $25 Million for Device Supply Chain Security
FRIEND Mar 20 The Register (Security)
Feds disrupt monster IoT botnets behind record-breaking DDoS attacks
FOE Mar 20 Dark Reading
Interlock Ransomware Targets Cisco Enterprise Firewalls
FOE Mar 20 The Register (Security)
Jaguar Land Rover's cyber bailout sets worrying precedent, watchdog warns
FOE Mar 20 SecurityWeek
US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites
FOE Mar 20 CISA Alerts
Russian Intelligence Services Target Commercial Messaging Application Accounts
FRIEND Mar 20 NIST Cybersecurity Insights
All aboard: the NIST Cybersecurity for IoT Program is headed to our next stop! Share your input on where we’re headed during our Future Directions Two-Day Workshop on March 31st.
FOE Mar 20 CISA Alerts
CISA Adds Five Known Exploited Vulnerabilities to Catalog
FRIEND Mar 20 CSO Online
DDoS-Attacken: Schlag gegen internationale Cyberkriminelle
FRIEND Mar 20 SecurityWeek
Cape Raises $100 Million for Protection Against Cellular Security Threats
FOE Mar 20 Schneier on Security
Proton Mail Shared User Information with the Police
FOE Mar 20 SecurityWeek
Navia Data Breach Impacts 2.7 Million
FRIEND Mar 20 The Hacker News
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
FOE Mar 20 SecurityWeek
Thousands of Magento Sites Hit in Ongoing Defacement Campaign
FOE Mar 20 The Register (Security)
Starmer's digital ID reboot raises same old questions as its Blair-era ancestor
FOE Mar 20 The Hacker News
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
FOE Mar 20 Bleeping Computer
Musician admits to $10M streaming royalty fraud using AI bots
FOE Mar 20 The Hacker News
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
FRIEND Mar 20 SecurityWeek
Allure Security Raises $17 Million for Online Brand Protection
FOE Mar 20 The Intercept (Privacy)
Data Centers Are Military Targets Now
FOE Mar 20 SANS Internet Storm Center
GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
FOE Mar 20 SecurityWeek
Critical Langflow Vulnerability Exploited Hours After Public Disclosure
FRIEND Mar 20 Bleeping Computer
International joint action disrupts world’s largest DDoS botnets
FOE Mar 20 Bleeping Computer
Microsoft: March Windows updates break Teams, OneDrive sign-ins
FRIEND Mar 20 SecurityWeek
Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation
FRIEND Mar 20 The Register (Security)
While you're here, could you go out of your way to do an impossible job?
FOE Mar 20 CSO Online
The espionage reality: Your infrastructure is already in the collection path
FOE Mar 20 Bleeping Computer
Ex-data analyst stole company data in $2.5M extortion scheme
FRIEND Mar 20 The Hacker News
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
FOE Mar 20 The Hacker News
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
FRIEND Mar 20 CSO Online
Die besten IAM-Tools
FRIEND Mar 20 Risky Business News
Risky Bulletin: AWS kills bucketsquatting
FRIEND Mar 20 Krebs on Security
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
FOE Mar 20 Sophos News
The global CISO landscape: A leadership gap too large to ignore
FOE Mar 19 CSO Online
CISA urges IT to harden endpoint management systems after cyberattack by pro-Iranian group
FOE Mar 19 CSO Online
That cheap KVM device could expose your network to remote compromise
FOE Mar 19 Dark Reading
AI Conundrum: Why MCP Security Can't Be Patched Away
FOE Mar 19 Bleeping Computer
Navia discloses data breach impacting 2.7 million people
FRIEND Mar 19 Dark Reading
With Government's Role Uncertain, Businesses Unite to Combat Fraud
FOE Mar 19 Ars Technica (Security)
Millions of iPhones can be hacked with a new tool found in the wild
FRIEND Mar 19 Dark Reading
Native Launches With Security Control Plane for Multicloud
FOE Mar 19 Bleeping Computer
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
FOE Mar 19 The Hacker News
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
FOE Mar 19 The Register (Security)
Unknown attackers exploit yet another critical SharePoint bug
FOE Mar 19 EPIC
EPIC Endorses Bipartisan Government Surveillance Reform Act to Rein in Runaway Warrantless Surveillance
FOE Mar 19 The Hacker News
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
FRIEND Mar 19 EPIC
EPIC Urges House Financial Services Committee to Protect Financial Privacy
FOE Mar 19 The Register (Security)
Google gives Android users a way to install unverified apps if they prove they really, really want to
FOE Mar 19 CSO Online
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
FRIEND Mar 19 SecurityWeek
Oasis Security Raises $120 Million for Agentic Access Management
FRIEND Mar 19 Dark Reading
Post-Quantum Web Could be Safer, Faster
FRIEND Mar 19 SecurityWeek
1stProtect Emerges From Stealth With $20 Million in Funding
FOE Mar 19 SecurityWeek
Critical ScreenConnect Vulnerability Exposes Machine Keys
FRIEND Mar 19 SecurityWeek
Privacy Platform Cloaked Raises $375M to Expand Enterprise Reach
FOE Mar 19 Ars Technica (Security)
Google details new 24-hour process to sideload unverified Android apps
FOE Mar 19 Bleeping Computer
Bitrefill blames North Korean Lazarus group for cyberattack
FOE Mar 19 CSO Online
Beijing wants its own quantum-resistant encryption standards rather than adopt NIST’s
FOE Mar 19 Sophos News
Android devices ship with firmware-level malware
FOE Mar 19 Bleeping Computer
FBI seizes Handala data leak site after Stryker cyberattack
FOE Mar 19 The Register (Security)
Lock down Microsoft Intune, feds warn after Stryker attack
FOE Mar 19 SecurityWeek
Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury
FOE Mar 19 SecurityWeek
Marquis Data Breach Affects 672,000 Individuals
FOE Mar 19 Bleeping Computer
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
FOE Mar 19 CSO Online
Telnet vulnerability opens door to remote code execution as root
FOE Mar 19 The Hacker News
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
FOE Mar 19 SecurityWeek
Security Firm Aura Discloses Data Breach Impacting 900,000 Records
FOE Mar 19 Bleeping Computer
7 Ways to Prevent Privilege Escalation via Password Resets
FRIEND Mar 19 SecurityWeek
Hacker Conversations: Ben Harris, from Unintentional Young Hacker to Intentional Adult CEO
FOE Mar 19 SecurityWeek
Russian APT Exploits Zimbra Vulnerability Against Ukraine
FOE Mar 19 Bleeping Computer
Max severity Ubiquiti UniFi flaw may allow account takeover
FOE Mar 19 CSO Online
SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
FOE Mar 19 The Hacker News
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
FOE Mar 19 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE Mar 19 CISA Alerts
Schneider Electric EcoStruxure Automation Expert
FOE Mar 19 CISA Alerts
Schneider Electric Modicon M241, M251, and M262
FOE Mar 19 CISA Alerts
Mitsubishi Electric CNC Series
FOE Mar 19 CISA Alerts
CTEK Chargeportal
FOE Mar 19 CISA Alerts
Automated Logic WebCTRL Premium Server
FOE Mar 19 CISA Alerts
IGL-Technologies eParking.fi
FOE Mar 19 CISA Alerts
Schneider Electric EcoStruxure PME and EPO
FOE Mar 19 CISA Alerts
Schneider Electric Modicon Controllers M241, M251, M258, and LMC058
FOE Mar 19 Bleeping Computer
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
FOE Mar 19 The Hacker News
How Ceros Gives Security Teams Visibility and Control in Claude Code
FRIEND Mar 19 SecurityWeek
Raven Emerges From Stealth With $20 Million in Funding
FOE Mar 19 Bleeping Computer
New ‘Perseus’ Android malware checks user notes for secrets
FOE Mar 19 Bleeping Computer
Critical Microsoft SharePoint flaw now exploited in attacks
FOE Mar 19 CSO Online
5 key priorities for your RSAC 2026 agenda
FOE Mar 19 CSO Online
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
FOE Mar 19 Schneier on Security
Hacking a Robot Vacuum
FOE Mar 19 SecurityWeek
CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability
FOE Mar 19 The Hacker News
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
FOE Mar 19 CSO Online
Your MFA isn’t broken — it’s being bypassed, and your employees can’t tell the difference
FOE Mar 19 SecurityWeek
Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks
FOE Mar 19 Dark Reading
EU Sanctions Companies in China, Iran for Cyberattacks
FOE Mar 19 CSO Online
Anthropic ban heralds new era of supply chain risk — with no clear playbook
FOE Mar 19 The Hacker News
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
FRIEND Mar 19 CSO Online
Cloud Access Security Broker – ein Kaufratgeber
FOE Mar 19 Risky Business News
Srsly Risky Biz: Successful War Leaves Iran With One Option, Cyber
FOE Mar 19 SANS Internet Storm Center
Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
FOE Mar 19 Sophos News
Android devices ship with firmware-level malware
FOE Mar 19 Recorded Future Blog
2025 Year in Review: Malicious, Infrastructure
FRIEND Mar 18 The Register (Security)
Okta made a nightmare micromanager for your AI agents
FOE Mar 18 Bleeping Computer
Aura confirms data breach exposing 900,000 marketing contacts
FOE Mar 18 The Register (Security)
State snoops and spyware vendors planting info-stealing malware on iPhones, Google warns
FOE Mar 18 Dark Reading
DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
FOE Mar 18 Dark Reading
C2 Implant 'SnappyClient' Targets Crypto Wallets
FOE Mar 18 Bleeping Computer
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
FOE Mar 18 SecurityWeek
The Collapse of Predictive Security in the Age of Machine-Speed Attacks
FOE Mar 18 Bleeping Computer
ConnectWise patches new flaw allowing ScreenConnect hijacking
FRIEND Mar 18 SecurityWeek
Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation
FOE Mar 18 The Register (Security)
Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure
FOE Mar 18 The Hacker News
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
FOE Mar 18 Bleeping Computer
Ransomware gang exploits Cisco flaw in zero-day attacks since January
FOE Mar 18 The Hacker News
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
FRIEND Mar 18 SecurityWeek
Cloud Security Startup Native Exits Stealth With $42 Million in Funding
FOE Mar 18 Bleeping Computer
Marquis: Ransomware gang stole data of 672K people in cyberattack
FOE Mar 18 SecurityWeek
‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors
FOE Mar 18 Dark Reading
'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft
FOE Mar 18 SecurityWeek
Virtual Summit Today: Supply Chain & Third-Party Risk Summit
FOE Mar 18 SecurityWeek
EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations
FOE Mar 18 EPIC
Senators Demand Answers on Meta’s Plans for Facial Recognition ‘Smart’ Glasses, Following NYT Report and EPIC Letters
FOE Mar 18 Bleeping Computer
The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms
FOE Mar 18 Bleeping Computer
New “Darksword” iOS exploit used in infostealer attack on iPhones
FRIEND Mar 18 Black Hills Information Security
How to Lead Effective Tabletops
FOE Mar 18 SecurityWeek
Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches
FRIEND Mar 18 SecurityWeek
Manifold Raises $8 Million for AI Detection and Response
FOE Mar 18 The Register (Security)
North Korea's 100,000-strong fake IT worker army rake in $500M a year for Kim Jong Un
FOE Mar 18 Bleeping Computer
Nordstrom's email system abused to send crypto scams to customers
FOE Mar 18 SANS Internet Storm Center
Scans for "adminer", (Wed, Mar 18th)
FOE Mar 18 Dark Reading
Meta, TikTok Steal Personal & Financial Info When Users Click Ads
FOE Mar 18 Dark Reading
SideWinder Espionage Campaign Expands Across Southeast Asia
FOE Mar 18 SecurityWeek
Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach
FRIEND Mar 18 SecurityWeek
Apple Debuts Background Security Improvements With Fresh WebKit Patches
FRIEND Mar 18 The Register (Security)
Britain's satellite-watching gap to be plugged with £17.5M eyeball in Cyprus
FOE Mar 18 CISA Alerts
CISA Urges Endpoint Management System Hardening After Cyberattack Against US Organization
FOE Mar 18 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE Mar 18 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FRIEND Mar 18 CSO Online
Reco targets AI agent blind spots with new security capability
FOE Mar 18 The Hacker News
Claude Code Security and Magecart: Getting the Threat Model Right
FOE Mar 18 The Hacker News
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
FOE Mar 18 Schneier on Security
Meta’s AI Glasses and Privacy
FOE Mar 18 SecurityWeek
Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch
FOE Mar 18 CSO Online
BSI moniert Software-Sicherheit im Gesundheitswesen
FRIEND Mar 18 The Hacker News
Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
FRIEND Mar 18 EPIC
PRESS RELEASE: FTC Should Develop Privacy-Protective Age Assurance Standards, Leading Orgs Say
FOE Mar 18 CSO Online
Can you prove the person on the other side is real?
FOE Mar 18 CSO Online
ClickFix treibt neue Infostealer-Kampagnen an
FOE Mar 18 CSO Online
Cybersecurity and privacy priorities for 2026: The legal risk map
FOE Mar 18 The Hacker News
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
FOE Mar 18 The Register (Security)
Iran's cyberattack against med tech firm is 'just the beginning'
FOE Mar 18 CSO Online
CISOs rethink their data protection strategies
FRIEND Mar 18 The Hacker News
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
FOE Mar 18 The Hacker News
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
FRIEND Mar 18 The Register (Security)
Linux Foundation kicks off effort to shield FOSS maintainers from AI slop bug reports
FRIEND Mar 18 CSO Online
Die besten Hacker-Filme
FOE Mar 18 The Register (Security)
Japan to allow ‘proactive cyber-defense’ from October 1st
FOE Mar 18 Risky Business News
Risky Bulletin: EU finally imposes more cyber sanctions
FOE Mar 18 Bleeping Computer
Apple pushes first Background Security Improvements update to fix WebKit flaw
FOE Mar 17 Dark Reading
More Attackers Are Logging In, Not Breaking In
FOE Mar 17 Bleeping Computer
GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
FRIEND Mar 17 Dark Reading
Clear Communication: The Missing Link in Cybersecurity Success
FOE Mar 17 Dark Reading
Less Lucrative Ransomware Market Makes Attackers Alter Methods
FRIEND Mar 17 Ars Technica (Security)
How World ID wants to put a unique human identity on every AI agent
FOE Mar 17 The Register (Security)
World<s>Coin</s>'s newest pitch: Scan your eyeballs to prove AI agents really represent you
FOE Mar 17 EPIC
EPIC Joins Coalition to Urge OpenAI to Withdraw California AI Safety Ballot Initiative
FOE Mar 17 Dark Reading
Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish
FRIEND Mar 17 CSO Online
Nvidia NemoClaw promises to run OpenClaw agents securely
FOE Mar 17 The Intercept (Privacy)
Trump Wants to Put You in a Massive, Secret Government Database
FOE Mar 17 Bleeping Computer
Europe sanctions Chinese and Iranian firms for cyberattacks
FOE Mar 17 Ars Technica (Security)
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
FOE Mar 17 The Hacker News
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
FOE Mar 17 The Register (Security)
EU sanctions Iranian cyber front over election meddling, Charlie Hebdo breach
FRIEND Mar 17 SecurityWeek
Tech Giants Invest $12.5 Million in Open Source Security
FOE Mar 17 SecurityWeek
UK Companies House Exposed Details of Millions of Firms
FOE Mar 17 Dark Reading
Warlock Ransomware Group Augments Post-Exploitation Activities
FOE Mar 17 The Hacker News
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
FRIEND Mar 17 SecurityWeek
Surf AI Raises $57 Million for Agentic Security Operations Platform
FOE Mar 17 Bleeping Computer
Top 5 Things CISOs Need to Do Today to Secure AI Agents
FOE Mar 17 Bleeping Computer
New font-rendering trick hides malicious commands from AI tools
FRIEND Mar 17 Bleeping Computer
Microsoft stops force-installing the Microsoft 365 Copilot app
FOE Mar 17 SecurityWeek
Robotic Surgery Giant Intuitive Discloses Cyberattack
FOE Mar 17 CSO Online
Cyber-Attacken fluten Eon-Netz: Angriffe verzehnfacht
FOE Mar 17 SecurityWeek
174 Vulnerabilities Targeted by RondoDox Botnet
FRIEND Mar 17 SecurityWeek
Google, Meta, Microsoft Among Signatories of Pact to Combat Scams
FOE Mar 17 Bleeping Computer
LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
FRIEND Mar 17 Bleeping Computer
Microsoft shares fix for Windows C: drive access issues on Samsung PCs
FOE Mar 17 CISA Alerts
Schneider Electric SCADAPack and RemoteConnect
FOE Mar 17 CISA Alerts
Schneider Electric EcoStruxure Data Center Expert
FOE Mar 17 CISA Alerts
Siemens SICAM SIAPP SDK
FOE Mar 17 CISA Alerts
CODESYS in Festo Automation Suite
FRIEND Mar 17 SecurityWeek
Tracebit Raises $20M for Cloud-Native Deception Technology
FOE Mar 17 SANS Internet Storm Center
IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)
FOE Mar 17 The Hacker News
AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
FOE Mar 17 CSO Online
AWS Bedrock’s ‘isolated’ sandbox comes with a DNS escape hatch
FRIEND Mar 17 Bleeping Computer
New Windows 11 hotpatch fixes Bluetooth device visibility issue
FOE Mar 17 SecurityWeek
CISA Flags Year-Old Wing FTP Vulnerability as Exploited
FOE Mar 17 Bleeping Computer
Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
FOE Mar 17 SecurityWeek
AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks
FOE Mar 17 Schneier on Security
South Korean Police Accidentally Post Cryptocurrency Wallet Password
FOE Mar 17 The Hacker News
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
FOE Mar 17 The Register (Security)
Too big to ignore, too small to be served: the midmarket security gap
FRIEND Mar 17 The Register (Security)
Switzerland built a secure alternative to BGP. The rest of the world hasn't noticed yet
FRIEND Mar 17 EFF Deeplinks
Bonus Podcast Episode: Privacy’s Defender - Cindy Cohn with Cory Doctorow
FOE Mar 17 CSO Online
Runtime: The new frontier of AI agent security
FOE Mar 17 The Hacker News
CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
FOE Mar 17 The Register (Security)
Gartner suggests Friday afternoon Copilot ban because users may be too lazy to check its mistakes
FRIEND Mar 17 CSO Online
6 Risk-Assessment-Frameworks im Vergleich
FOE Mar 17 CSO Online
Was ist ein Keylogger?
FRIEND Mar 17 The Register (Security)
Bank built its own threat hunting agent because vendors can’t keep pace with new threats
FOE Mar 17 Dark Reading
China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years
FOE Mar 16 Dark Reading
GlassWorm Malware Evolves to Hide in Dependencies
FOE Mar 16 EPIC
The Associated Press: Tax scams are on the rise. Here’s what to know
FRIEND Mar 16 Dark Reading
Inside Olympic Cybersecurity: Lessons From Paris 2024 to Milan Cortina 2026
FOE Mar 16 The Register (Security)
Robotics surgical biz Intuitive discloses phishing attack
FOE Mar 16 The Hacker News
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
FRIEND Mar 16 EPIC
EPIC Testifies in Support of Colorado Bill on Surveillance Pricing and Wages
FOE Mar 16 EFF Deeplinks
Blocking the Internet Archive Won’t Stop AI, But It Will Erase the Web’s Historical Record
FOE Mar 16 Bleeping Computer
Stryker attack wiped tens of thousands of devices, no malware needed
FOE Mar 16 The Register (Security)
Cybercrime has skyrocketed 245% since the start of the Iran war
FOE Mar 16 Bleeping Computer
CISA flags Wing FTP Server flaw as actively exploited in attacks
FOE Mar 16 Bleeping Computer
UK’s Companies House confirms security flaw exposed business data
FOE Mar 16 The Register (Security)
AI finally delivers those elusive productivity gains... for cybercriminals
FOE Mar 16 Bleeping Computer
Microsoft Exchange Online outage blocks access to mailboxes
FOE Mar 16 SecurityWeek
Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact
FOE Mar 16 SecurityWeek
Security Firm Executive Targeted in Sophisticated Phishing Attack
FOE Mar 16 The Hacker News
⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
FOE Mar 16 Dark Reading
Attackers Abuse LiveChat to Phish Credit Card, Personal Data
FOE Mar 16 Bleeping Computer
Shadow AI is everywhere. Here’s how to find and secure it.
FOE Mar 16 SANS Internet Storm Center
/proxy/ URL scans with IP addresses, (Mon, Mar 16th)
FOE Mar 16 SecurityWeek
China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation
FOE Mar 16 SecurityWeek
Threat Actor Targeting VPN Users in New Credential Theft Campaign
FOE Mar 16 The Register (Security)
Flaw in UK's corporate registry let directors rummage through rival records
FOE Mar 16 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FRIEND Mar 16 The Hacker News
Why Security Validation Is Becoming Agentic
FOE Mar 16 SecurityWeek
ForceMemo: Python Repositories Compromised in GlassWorm Aftermath
FOE Mar 16 The Hacker News
ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
FOE Mar 16 CSO Online
Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse
FOE Mar 16 CSO Online
Nine critical vulnerabilities in Linux AppArmor put over 12M enterprise systems at risk
FOE Mar 16 Schneier on Security
Possible New Result in Quantum Factorization
FOE Mar 16 The Hacker News
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
FOE Mar 16 SecurityWeek
Hacking Attempt Reported at Poland’s Nuclear Research Center
FRIEND Mar 16 CSO Online
What it takes to win that CSO role
FOE Mar 16 CSO Online
ClickFix techniques evolve in new infostealer campaigns
FRIEND Mar 16 The Hacker News
Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
FRIEND Mar 16 CSO Online
GenAI-Security als Checkliste
FOE Mar 16 Risky Business News
Risky Bulletin: Meta disrupts Mexican cartels
FOE Mar 16 Recorded Future Blog
2025 Identity Threat Landscape Report: Inside the Infostealer Economy: Credential Threats in 2025
FOE Mar 15 The Register (Security)
Outsourcer Telus admits to attack – may have lost a petabyte of data to ShinyHunters
FRIEND Mar 15 Bleeping Computer
OpenAI says ChatGPT ads are not rolling out globally for now
FOE Mar 15 EPIC
The Guardian: Hacked data shines light on homeland security’s AI surveillance ambitions
FOE Mar 15 EFF Deeplinks
The Foilies 2026
FRIEND Mar 15 Bleeping Computer
Betterleaks, a new open-source secrets scanner to replace Gitleaks
FOE Mar 15 SecurityWeek
Loblaw Data Breach Impacts Customer Information
FOE Mar 15 The Intercept (Privacy)
Crypto Spends Big in Illinois House Races to Say Consumer Rights Supporters Are Corrupt
FRIEND Mar 14 Bleeping Computer
Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
FOE Mar 14 The Hacker News
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
FRIEND Mar 14 Schneier on Security
Upcoming Speaking Engagements
FOE Mar 14 Bleeping Computer
AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
FOE Mar 14 The Hacker News
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
FOE Mar 14 SecurityWeek
Critical HPE AOS-CX Vulnerability Allows Admin Password Resets
FOE Mar 14 SANS Internet Storm Center
SmartApeSG campaign uses ClickFix page to push Remcos RAT, (Sat, Mar 14th)
FOE Mar 13 Bleeping Computer
Microsoft: Windows 11 users can't access C: drive on some Samsung PCs
FRIEND Mar 13 Schneier on Security
Friday Squid Blogging: Increased Squid Population in the Falklands
FOE Mar 13 Bleeping Computer
FBI seeks victims of Steam games used to spread malware
FOE Mar 13 Ars Technica (Security)
Supply-chain attack using invisible code hits GitHub and other repositories
FOE Mar 13 EPIC
League of Women Voters, EPIC Urge Court to Protect Privacy and Voting Rights by Reversing Illegal Overhaul of SAVE System
FOE Mar 13 CSO Online
Google warns of two actively exploited Chrome zero days
FOE Mar 13 Dark Reading
Fake PoCs, Misunderstood Risks Cause Cisco SD-WAN Chaos
FRIEND Mar 13 EPIC
EPIC Testifies in Support of Maryland Chatbots Bill
FRIEND Mar 13 EFF Deeplinks
EFF Launches New Fight to Free the Law
FOE Mar 13 Dark Reading
The Data Gap: Why Nonprofit Cyber Incidents Go Underreported
FOE Mar 13 The Hacker News
Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
FOE Mar 13 The Register (Security)
Credential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
FOE Mar 13 Dark Reading
Cyberattackers Don't Care About Good Causes
FRIEND Mar 13 Bleeping Computer
Poland's nuclear research centre targeted by cyberattack
FOE Mar 13 The Hacker News
Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
FOE Mar 13 Bleeping Computer
Microsoft investigates classic Outlook sync and connection issues
FOE Mar 13 EPIC
In McCarthy v. Amazon, Ninth Circuit Allows “Suicide Kit” Lawsuits Against Amazon to Proceed
FOE Mar 13 Sophos News
Initial access techniques used by Iran-based threat actors
FOE Mar 13 CSO Online
Cyber criminals too are working from home… your home
FOE Mar 13 Dark Reading
Will AI Save Consumers From Smartphone-Based Phishing Attacks?
FOE Mar 13 SecurityWeek
Starbucks Data Breach Impacts Employees
FRIEND Mar 13 The Hacker News
INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
FOE Mar 13 The Intercept (Privacy)
I Wrote a Movie Review. Cops Took It From A Protester’s Home to Make the Case That He’s a Terrorist.
FOE Mar 13 SecurityWeek
In Other News: N8n Flaw Exploited, Slopoly Malware, Interpol Cybercrime Crackdown
FRIEND Mar 13 Bleeping Computer
From VMware to what’s next: Protecting data during hypervisor migration
FOE Mar 13 EPIC
Bloomberg Law: Complying With California Kids Code Is Suddenly More Complicated
FOE Mar 13 The Hacker News
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
FRIEND Mar 13 Bleeping Computer
Police sinkholes 45,000 IP addresses in cybercrime crackdown
FOE Mar 13 The Hacker News
Investigating a New Click-Fix Variant
FOE Mar 13 Bleeping Computer
Fake enterprise VPN downloads used to steal company credentials
FOE Mar 13 Dark Reading
Most Google Cloud Attacks Start With Bug Exploitation
FOE Mar 13 Dark Reading
Real-Time Banking Trojan Strikes Brazil's Pix Users
FOE Mar 13 The Register (Security)
Interpol cybercrime crackdown leads to 94 arrests, 45,000 IP takedowns
FOE Mar 13 SecurityWeek
Iran-Linked Hackers Take Aim at US and Other Targets, Raising Risk of Cyberattacks During War
FOE Mar 13 CSO Online
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
FOE Mar 13 CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FRIEND Mar 13 The Register (Security)
NanoClaw latches onto Docker Sandboxes for safer AI agents
FRIEND Mar 13 SecurityWeek
Bold Security Emerges From Stealth With $40 Million in Funding
FOE Mar 13 The Register (Security)
Google rushes Chrome update fixing two zero-days already under attack
FRIEND Mar 13 SecurityWeek
Google Paid Out $17 Million in Bug Bounty Rewards in 2025
FOE Mar 13 Schneier on Security
Academia and the “AI Brain Drain”
FOE Mar 13 SecurityWeek
Iran-Linked Hacker Attack on Stryker Disrupted Manufacturing and Shipping
FOE Mar 13 SecurityWeek
Onyx Security Launches With $40 Million in Funding
FOE Mar 13 The Hacker News
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
FRIEND Mar 13 CSO Online
Hybrid resilience: Designing incident response across on-prem, cloud and SaaS without losing your mind
FOE Mar 13 CSO Online
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
FRIEND Mar 13 SecurityWeek
Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet
FOE Mar 13 The Hacker News
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
FOE Mar 13 Bleeping Computer
Starbucks discloses data breach affecting hundreds of employees
FOE Mar 13 SecurityWeek
Chrome 146 Update Patches Two Exploited Zero-Days
FOE Mar 13 SANS Internet Storm Center
A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)
FOE Mar 13 CSO Online
The cyber perimeter was never dead. We just abandoned it.
FOE Mar 13 Bleeping Computer
Google fixes two new Chrome zero-days exploited in attacks
FRIEND Mar 13 The Hacker News
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
FOE Mar 13 The Hacker News
Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution
FRIEND Mar 13 CSO Online
10 Kennzahlen, die CISOs weiterbringen
FOE Mar 13 Risky Business News
Risky Bulletin: Another residential proxy provider falls as authorities continue crackdowns
FOE Mar 13 CSO Online
Telus Digital hit with massive data breach
FRIEND Mar 13 Sophos News
March Patch Tuesday visits 15 product families
FOE Mar 13 Sophos News
Initial access techniques used by Iran-based threat actors
FOE Mar 12 The Register (Security)
Rogue AI agents can work together to hack systems and steal secrets
FRIEND Mar 12 EPIC
Ninth Circuit Deals Another Blow to Big Tech’s Campaign for Broad Immunity from Regulation, Allows Parts of California’s Design Code to Go into Effect
FOE Mar 12 Ars Technica (Security)
The who, what, and why of the attack that has shut down Stryker's Windows network"
FRIEND Mar 12 Dark Reading
Why Post-Quantum Cryptography Can't Wait
FOE Mar 12 Bleeping Computer
Canadian retail giant Loblaw notifies customers of data breach
FOE Mar 12 Dark Reading
Iran MOIS Colludes With Criminals to Boost Cyberattacks
FOE Mar 12 Bleeping Computer
England Hockey investigating ransomware data breach
FOE Mar 12 Dark Reading
Commercial Spyware Opponents Fear US Policy Shifting
FOE Mar 12 Bleeping Computer
AI-generated Slopoly malware used in Interlock ransomware attack
FRIEND Mar 12 Schneier on Security
iPhones and iPads Approved for NATO Classified Data
FOE Mar 12 EFF Deeplinks
A.B. 1043’s Internet Age Gates Hurt Everyone
FOE Mar 12 EFF Deeplinks
Rep. Finke Was Right: Age-Gating Isn’t About Kids, It’s About Control
FOE Mar 12 CSO Online
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
FOE Mar 12 The Hacker News
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
FRIEND Mar 12 Dark Reading
Delinea's StrongDM Acquisition Highlights the Changing Role of PAM
FOE Mar 12 The Hacker News
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
FOE Mar 12 Bleeping Computer
Veeam warns of critical flaws exposing backup servers to RCE attacks
FOE Mar 12 Dark Reading
Why Stryker's Outage Is a Disaster Recovery Wake-Up Call
FRIEND Mar 12 The Register (Security)
Operating Lightning takes down SocksEscort proxy network blamed for tens of millions in fraud
FRIEND Mar 12 Bleeping Computer
US disrupts SocksEscort proxy network powered by Linux malware
FRIEND Mar 12 Bleeping Computer
Google paid $17.1 million for vulnerability reports in 2025
FOE Mar 12 SecurityWeek
Apple Updates Legacy iOS Versions to Patch Coruna Exploits
FOE Mar 12 Bleeping Computer
Telus Digital confirms breach after hacker claims 1 petabyte data theft
FOE Mar 12 Dark Reading
What Orgs Can Learn From Olympics, World Cup IR Plans
FOE Mar 12 Bleeping Computer
Going the Extra Mile: Travel Rewards Turn into Underground Currency.
FRIEND Mar 12 BrightTALK InfoSec
Building Resilient Cloud Security Architectures for Today’s Threat Landscape
FRIEND Mar 12 Bleeping Computer
Apple patches older iPhones and iPads against Coruna exploits
FOE Mar 12 The Register (Security)
CISA warns max-severity n8n bug is being exploited in the wild
FOE Mar 12 The Hacker News
How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs
FRIEND Mar 12 SecurityWeek
Meta Launches New Protection Tools as It Helps Disrupt Scam Centers
FOE Mar 12 The Hacker News
ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More
FOE Mar 12 EPIC
DOJ Wants Sensitive Voter Data but Can’t Be Bothered to Protect It
FOE Mar 12 SecurityWeek
Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks
FOE Mar 12 SecurityWeek
The Human IOC: Why Security Professionals Struggle with Social Vetting
FOE Mar 12 SecurityWeek
Splunk, Zoom Patch Severe Vulnerabilities
FOE Mar 12 CISA Alerts
Siemens Heliox EV Chargers
FOE Mar 12 CISA Alerts
Inductive Automation Ignition Software
FOE Mar 12 CISA Alerts
Trane Tracer SC, Tracer SC+, and Tracer Concierge
FOE Mar 12 CISA Alerts
Siemens RUGGEDCOM APE1808 Devices
FOE Mar 12 CISA Alerts
Siemens SIMATIC
FOE Mar 12 CISA Alerts
Siemens SIDIS Prime
FOE Mar 12 CSO Online
PhantomRaven returns to npm with 88 bad packages
FOE Mar 12 Bleeping Computer
US charges another ransomware negotiator linked to BlackCat attacks
FOE Mar 12 The Hacker News
Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload
FOE Mar 12 SecurityWeek
Cisco Patches High-Severity IOS XR Vulnerabilities
FOE Mar 12 The Hacker News
Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit
FOE Mar 12 SecurityWeek
Critical N8n Vulnerabilities Allowed Server Takeover
FOE Mar 12 SecurityWeek
Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea
FOE Mar 12 CSO Online
North Korean fake IT worker tradecraft exposed
FOE Mar 12 The Hacker News
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
FOE Mar 12 CSO Online
AI use is changing how much companies pay for cyber insurance
FOE Mar 12 CSO Online
“Zombie ZIP”: Neue Angriffstechnik täuscht Virenscanner
FOE Mar 12 The Hacker News
CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
FRIEND Mar 12 CSO Online
Wie CISOs schlechte Angebote enttarnen
FOE Mar 12 Risky Business News
Srsly Risky Biz: Trump's Cyber Strategy… Great, Amazing, The Best Yet
FOE Mar 12 The Register (Security)
China’s CERT warns OpenClaw can inflict nasty wounds
FOE Mar 12 SANS Internet Storm Center
When your IoT Device Logs in as Admin, It&#x3f;s too Late&#x21; &#x5b;Guest Diary&#x5d;, (Wed, Mar 11th)
FRIEND Mar 12 Recorded Future Blog
February 2026 CVE Landscape: 13 Critical Vulnerabilities Mark 43% Drop from January
FOE Mar 11 CSO Online
Resumés with malicious ISO attachments are circulating, says Aryaka
FOE Mar 11 CSO Online
CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws
FRIEND Mar 11 EFF Deeplinks
Certbot and Let's Encrypt Now Support IP Address Certificates
FOE Mar 11 The Register (Security)
Iran plots 'infrastructure warfare' against US tech giants
FOE Mar 11 Dark Reading
A Guy Who Wrote the Code Died in 2005. I Still Have to Secure It
FOE Mar 11 The Intercept (Privacy)
Trump’s AI-Powered World Wars
FOE Mar 11 Dark Reading
INC Ransomware Group Holds Healthcare Hostage in Oceania
FOE Mar 11 Ars Technica (Security)
14,000 routers are infected by malware that's highly resistant to takedowns
FOE Mar 11 The Register (Security)
Iran-linked cyber crew says they hit US med-tech firm
FOE Mar 11 Dark Reading
Xygeni GitHub Action Compromised Via Tag Poison
FRIEND Mar 11 Bleeping Computer
WhatsApp introduces parent-managed accounts for pre-teens
FOE Mar 11 Bleeping Computer
SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites
FRIEND Mar 11 SecurityWeek
Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command
FOE Mar 11 Bleeping Computer
CISA orders feds to patch n8n RCE flaw exploited in attacks
FRIEND Mar 11 The Register (Security)
Meta, international cops use handcuffs and AI to stop scammers
FOE Mar 11 Bleeping Computer
Medtech giant Stryker offline after Iran-linked wiper malware attack
FOE Mar 11 Bleeping Computer
New PhantomRaven NPM attack wave steals dev data via 88 packages
FOE Mar 11 The Hacker News
Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes
FOE Mar 11 Krebs on Security
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
FOE Mar 11 SecurityWeek
MedTech Giant Stryker Crippled by Iran-Linked Hacker Attack
FOE Mar 11 The Hacker News
Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
FOE Mar 11 EFF Deeplinks
Government Spying 🤝 Targeted Advertising | EFFector 38.5
FOE Mar 11 Dark Reading
Chinese Nexus Actors Shift Focus to Qatar Amid Iranian Conflict
FRIEND Mar 11 SecurityWeek
Wiz Joins Google Cloud as Landmark Acquisition Closes
FOE Mar 11 The Register (Security)
ICO fines Police Scotland over data-sharing debacle in gross misconduct case
FRIEND Mar 11 Black Hills Information Security
Understanding GRC: How to Navigate Risks and Compliance Standards
FRIEND Mar 11 SecurityWeek
CISO Conversations: Aimee Cardwell
FOE Mar 11 SecurityWeek
238,000 Impacted by Bell Ambulance Data Breach
FRIEND Mar 11 Bleeping Computer
Meta adds new WhatsApp, Facebook, and Messenger anti-scam tools
FRIEND Mar 11 SecurityWeek
Scanner Raises $22 Million for AI-Powered Threat Hunting
FRIEND Mar 11 The Hacker News
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
FRIEND Mar 11 CSO Online
AWS expands Security Hub for multicloud security operations
FOE Mar 11 The Register (Security)
Swiss e-voting pilot can't count 2,048 ballots after USB keys fail to decrypt them
FOE Mar 11 The Hacker News
Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
FRIEND Mar 11 SecurityWeek
OpenAI to Acquire AI Security Startup Promptfoo
FOE Mar 11 The Register (Security)
Dutch cops bust teen suspected of posing as bank staff to steal cards
FOE Mar 11 SecurityWeek
Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities
FOE Mar 11 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FRIEND Mar 11 SecurityWeek
How to 10x Your Vulnerability Management Program in the Agentic Era
FOE Mar 11 CSO Online
Overly permissive ‘guest’ settings put Salesforce customers at risk
FOE Mar 11 The Hacker News
What Boards Must Demand in the Age of AI-Automated Exploitation
FRIEND Mar 11 The Register (Security)
EU legal eagle says banks should refund cybercrime victims first, argue later
FOE Mar 11 SecurityWeek
Michelin Confirms Data Breach Linked to Oracle EBS Attack
FOE Mar 11 Schneier on Security
Canada Needs Nationalized, Public AI
FOE Mar 11 CSO Online
Why zero trust breaks down in IoT and OT environments
FOE Mar 11 CSO Online
Did cybersecurity recently have its Gatling gun moment?
FRIEND Mar 11 SecurityWeek
Quantro Security Emerges From Stealth With $2.5 Million in Funding
FOE Mar 11 CSO Online
Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials
FRIEND Mar 11 CSO Online
CSO Awards 2026 celebrates world-class security strategies
FRIEND Mar 11 CSO Online
Announcing the 2026 CSO Hall of Fame honorees
FOE Mar 11 CSO Online
A 5-step approach to taming shadow AI
FOE Mar 11 SANS Internet Storm Center
Analyzing "Zombie Zip" Files (CVE-2026-0866), (Wed, Mar 11th)
FOE Mar 11 SecurityWeek
‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload
FOE Mar 11 The Hacker News
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
FRIEND Mar 11 The Register (Security)
Building the UK’s next generation of cyber talent
FOE Mar 11 Privacy International
Privacy International’s remarks at the side event of the 61st Session of the UN Human Rights Council on the Human Rights Impacts of Using Artificial Intelligence in Countering Terrorism
FRIEND Mar 11 SecurityWeek
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric
FOE Mar 11 The Hacker News
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
FOE Mar 11 CSO Online
12 ways attackers abuse cloud services to hack your enterprise
FOE Mar 11 The Hacker News
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
FOE Mar 11 CSO Online
6 Mittel gegen Security-Tool-Wildwuchs
FOE Mar 11 CSO Online
Jack & Jill went up the hill — and an AI tried to hack them
FOE Mar 11 Dark Reading
Middle East Conflict Highlights Cloud Resilience Gaps
FRIEND Mar 11 Dark Reading
Microsoft Patches 83 CVEs in March Update
FRIEND Mar 11 Krebs on Security
Microsoft Patch Tuesday, March 2026 Edition
FOE Mar 11 Sophos News
Evil evolution: ClickFix and macOS infostealers
FOE Mar 10 CSO Online
March Patch Tuesday: Three high severity holes in Microsoft Office
FOE Mar 10 EFF Deeplinks
Copyright Bullying vs. Religious Freedom
FOE Mar 10 Bleeping Computer
New ‘BlackSanta’ EDR killer spotted targeting HR departments
FRIEND Mar 10 Risky Business News
Risky Bulletin: Gen. Joshua Rudd confirmed as next CyberCom and NSA head
FOE Mar 10 EPIC
EPIC Leads Group of Law & Technology Scholars in Rebutting Social Media Companies’ Arguments that Surveillance-Based Feeds Are Constitutionally-Protected Speech
FOE Mar 10 Bleeping Computer
New BeatBanker Android malware poses as Starlink app to hijack devices
FOE Mar 10 Dark Reading
'Overly Permissive' Salesforce Cloud Configs in the Crosshairs
FOE Mar 10 EFF Deeplinks
Think Twice Before Buying or Using Meta’s Ray-Bans
FRIEND Mar 10 EPIC
Maine Senate Passes Strong Privacy Bill
FOE Mar 10 EFF Deeplinks
The Government Must Not Force Companies to Participate in AI-powered Surveillance
FOE Mar 10 The Register (Security)
Critical Microsoft Excel bug weaponizes Copilot Agent for zero-click information disclosure attack
FOE Mar 10 Bleeping Computer
New 'Zombie ZIP' technique lets malware slip past security tools
FOE Mar 10 CSO Online
Threat intelligence by ESET is a game changer
FRIEND Mar 10 CSO Online
The CSO role is evolving fast with AI in Cyber Defense strategy
FRIEND Mar 10 SecurityWeek
Microsoft Patches 83 Vulnerabilities
FOE Mar 10 Dark Reading
Russian Threat Actor Sednit Resurfaces With Sophisticated Toolkit
FOE Mar 10 The Register (Security)
Cybercrime isn't just a cover for Iran's government goons - it's a key part of their operations
FRIEND Mar 10 Bleeping Computer
Microsoft releases Windows 10 KB5078885 extended security update
FOE Mar 10 SecurityWeek
Adobe Patches 80 Vulnerabilities Across Eight Products
FOE Mar 10 Bleeping Computer
Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws
FRIEND Mar 10 SecurityWeek
Jazz Emerges From Stealth With $61M in Funding for AI-Powered DLP
FRIEND Mar 10 Bleeping Computer
Windows 11 KB5079473 & KB5078883 cumulative updates released
FOE Mar 10 SANS Internet Storm Center
Microsoft Patch Tuesday March 2026, (Tue, Mar 10th)
FOE Mar 10 Bleeping Computer
HPE warns of critical AOS-CX flaw allowing admin password resets
FOE Mar 10 The Register (Security)
Crooks compromise WordPress sites to push infostealers via fake CAPTCHA prompts
FOE Mar 10 The Hacker News
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
FOE Mar 10 The Hacker News
KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
FRIEND Mar 10 Bleeping Computer
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
FRIEND Mar 10 SecurityWeek
Kai Emerges From Stealth With $125M in Funding for AI Platform Bridging IT and OT Security
FOE Mar 10 SecurityWeek
Webinar Today: Securing Fragile OT in an Exposed World
FOE Mar 10 Bleeping Computer
New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network
FOE Mar 10 Sophos News
Evil evolution: ClickFix and macOS infostealers
FOE Mar 10 SecurityWeek
SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities
FOE Mar 10 SecurityWeek
Thousands Affected by Ericsson Data Breach
FOE Mar 10 EPIC
EPIC Leads Coalition Demanding the Government Reverse Illegal Data Grab… Again
FOE Mar 10 Bleeping Computer
The New Turing Test: How Threats Use Geometry to Prove 'Humanness'
FOE Mar 10 The Register (Security)
Fake job applications pack malware that kills EDR before stealing data
FOE Mar 10 Dark Reading
'BlackSanta' EDR Killer Targets HR Workflows
FRIEND Mar 10 SecurityWeek
OpenAI Rolls Out Codex Security Vulnerability Scanner
FRIEND Mar 10 SecurityWeek
Kevin Mandia’s Armadin Launches With $190 Million in Funding
FOE Mar 10 The Hacker News
New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
FOE Mar 10 SecurityWeek
Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign
FOE Mar 10 The Register (Security)
Ericsson blames vendor vishing slip-up for breach exposing thousands of records
FRIEND Mar 10 The Register (Security)
Protecting democracy means democratizing cybersecurity. Bring on the hackers
FOE Mar 10 CISA Alerts
Honeywell IQ4x BMS Controller
FOE Mar 10 CISA Alerts
Ceragon Siklu MultiHaul and EtherHaul Series
FOE Mar 10 CISA Alerts
Apeman Cameras
FOE Mar 10 CISA Alerts
Lantronix EDS3000PS and EDS5000
FRIEND Mar 10 SecurityWeek
Escape Raises $18 Million to Automate Pentesting
FOE Mar 10 SecurityWeek
Recent Ivanti Endpoint Manager Flaw Exploited in Attacks
FOE Mar 10 The Hacker News
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
FOE Mar 10 The Register (Security)
Polish cops bust alleged teen DDoS kit sellers – youngest just 12
FOE Mar 10 Bleeping Computer
CISA: Recently patched Ivanti EPM flaw now actively exploited
FOE Mar 10 CSO Online
Devs looking for OpenClaw get served a GhostClaw RAT
FOE Mar 10 SecurityWeek
SIM Swaps Expose a Critical Flaw in Identity Security
FRIEND Mar 10 The Hacker News
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
FOE Mar 10 The Hacker News
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
FRIEND Mar 10 Bleeping Computer
Microsoft to enable Windows hotpatch security updates by default
FOE Mar 10 Bleeping Computer
APT28 hackers deploy customized variant of Covenant open-source tool
FOE Mar 10 CSO Online
The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix
FOE Mar 10 Schneier on Security
Jailbreaking the F-35 Fighter Jet
FRIEND Mar 10 CSO Online
OpenAI to acquire Promptfoo to strengthen AI agent security testing
FOE Mar 10 CSO Online
Why access decisions are becoming the weakest link in identity security
FRIEND Mar 10 CSO Online
I replaced manual pen tests with automation. Here’s what I learned.
FOE Mar 10 The Hacker News
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
FRIEND Mar 10 SecurityWeek
Cylake Raises $45 Million to Secure Organizations Barred From Cloud
FOE Mar 10 CSO Online
When AI safety constrains defenders more than attackers
FOE Mar 10 The Hacker News
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
FOE Mar 10 CSO Online
Security-Tools für KI-Infrastrukturen – ein Kaufratgeber
FOE Mar 10 CSO Online
Hacker abusing .arpa domain to evade phishing detection, says Infoblox
FOE Mar 09 Bleeping Computer
Microsoft Teams phishing targets employees with A0Backdoor malware
FOE Mar 09 The Register (Security)
AI vs AI: Agent hacked McKinsey's chatbot and gained full read-write access in just two hours
FOE Mar 09 Bleeping Computer
Google: Cloud attacks exploit flaws more than weak credentials
FOE Mar 09 Bleeping Computer
Dutch govt warns of Signal, WhatsApp account hijacking attacks
FOE Mar 09 Dark Reading
White House Cyber Strategy Prioritizes Offense
FOE Mar 09 Dark Reading
'InstallFix' Attacks Spread Fake Claude Code Sites
FOE Mar 09 EFF Deeplinks
The SAFE Act is an Imperfect Vehicle for Real Section 702 Reform
FRIEND Mar 09 EFF Deeplinks
Privacy's Defender: Launch Party in Berkeley
FOE Mar 09 Bleeping Computer
Ericsson US discloses data breach after service provider hack
FOE Mar 09 The Hacker News
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
FOE Mar 09 The Register (Security)
ShinyHunters claims more high-profile victims in latest Salesforce customers data heist
FRIEND Mar 09 CSO Online
CVE program funding secured, easing fears of repeat crisis
FRIEND Mar 09 EFF Deeplinks
EFFecting Change: Privacy's Defender
FRIEND Mar 09 Bleeping Computer
Microsoft Teams will tag third-party bots trying to join meetings
FOE Mar 09 Bleeping Computer
ShinyHunters claims ongoing Salesforce Aura data theft attacks
FOE Mar 09 The Register (Security)
EV charger biz ELECQ zapped by ransomware crooks, customer contact data stolen
FRIEND Mar 09 SecurityWeek
Cybersecurity M&A Roundup: 42 Deals Announced in February 2026
FOE Mar 09 Bleeping Computer
FBI warns of phishing attacks impersonating US city, county officials
FRIEND Mar 09 SANS Internet Storm Center
Encrypted Client Hello: Ready for Prime Time&#x3f;, (Mon, Mar 9th)
FOE Mar 09 The Hacker News
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
FOE Mar 09 Bleeping Computer
Why Password Audits Miss the Accounts Attackers Actually Want
FOE Mar 09 Bleeping Computer
Microsoft still working to fix Windows Explorer white flashes
FOE Mar 09 The Hacker News
⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
FOE Mar 09 The Register (Security)
Dutch cops warn 100 alleged scammers: Turn yourselves in or we tell Grandma
FOE Mar 09 SecurityWeek
ClickFix Attack Uses Windows Terminal to Evade Detection
FOE Mar 09 The Register (Security)
Russian cybercrims phish their way into officials' Signal and WhatsApp accounts
FOE Mar 09 SecurityWeek
Internet Infrastructure TLD .arpa Abused in Phishing Attacks
FOE Mar 09 Dark Reading
Chinese Cyber Threat Lurks In Critical Asian Sectors for Years
FOE Mar 09 CISA Alerts
CISA Adds Three Known Exploited Vulnerabilities to Catalog
FOE Mar 09 The Register (Security)
Microsoft Azure CTO set Claude on his 1986 Apple II code, says it found vulns
FRIEND Mar 09 CSO Online
OpenAI says Codex Security found 11,000 high-impact bugs in a month
FRIEND Mar 09 The Hacker News
Can the Security Platform Finally Deliver for the Mid-Market?
FOE Mar 09 SecurityWeek
Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign
FOE Mar 09 Schneier on Security
New Attack Against Wi-Fi
FRIEND Mar 09 CSO Online
NIS-2: Tausende reißen BSI-Frist und riskieren Strafen
FOE Mar 09 The Hacker News
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
FOE Mar 09 The Register (Security)
Royal Navy races to arm ships against drone threat
FOE Mar 09 CSO Online
Rogues gallery: 15 worst ransomware groups active today
FOE Mar 09 The Hacker News
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
FRIEND Mar 09 CSO Online
4 ways to prepare your SOC for agentic AI
FOE Mar 09 CSO Online
PQC roadmap remains hazy as vendors race for early advantage
FOE Mar 09 CSO Online
Tarnung als Taktik: Warum Ransomware-Angriffe raffinierter werden
FOE Mar 09 The Register (Security)
Iran is the first out-loud cyberwar the US has fought
FRIEND Mar 09 Risky Business News
Risky Bulletin: New White House EO prioritizes fight against scams and cybercrime
FOE Mar 08 Krebs on Security
How AI Assistants are Moving the Security Goalposts
FOE Mar 08 The Register (Security)
FBI is investigating breach that may have hit its wiretapping tools
FRIEND Mar 08 Bleeping Computer
EU court adviser says banks must immediately refund phishing victims
FOE Mar 08 Bleeping Computer
Hackers abuse .arpa DNS and ipv6 to evade phishing defenses
FOE Mar 08 SecurityWeek
Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited
FOE Mar 08 The Intercept (Privacy)
OpenAI on Surveillance and Autonomous Killings: You’re Going to Have to Trust Us
FOE Mar 08 The Register (Security)
AI agents now help attackers, including North Korea, manage their drudge work
FOE Mar 08 The Intercept (Privacy)
Columbia Flouted Its Own Policies and Let ICE Into University Buildings
FRIEND Mar 07 The Hacker News
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
FOE Mar 07 Bleeping Computer
Termite ransomware breaches linked to ClickFix CastleRAT attacks
FRIEND Mar 07 SecurityWeek
US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies
FOE Mar 07 Bleeping Computer
Microsoft: Hackers abusing AI at every stage of cyberattacks
FOE Mar 07 SecurityWeek
Over 100 GitHub Repositories Distributing BoryptGrab Stealer
FOE Mar 07 SecurityWeek
Pentagon’s Chief Tech Officer Says He Clashed With AI Company Anthropic Over Autonomous Warfare
FOE Mar 07 Ars Technica (Security)
From Iran to Ukraine, everyone's trying to hack security cameras
FRIEND Mar 07 The Hacker News
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
FRIEND Mar 07 SANS Internet Storm Center
YARA-X 1.14.0 Release, (Sat, Mar 7th)
FOE Mar 07 SecurityWeek
FBI Investigating ‘Suspicious’ Cyber Activity on System Holding Sensitive Surveillance Information
FRIEND Mar 07 EFF Deeplinks
Admiring Our Heroes for International Women’s Day: Celebrating Women Who Have Received EFF Awards
FOE Mar 06 CSO Online
Trump’s cyber strategy emphasizes offensive operations, deregulation, AI
FRIEND Mar 06 EFF Deeplinks
Admiring Our Heroes for International Women’s Day: Five Women In Tech That EFF Admires
FOE Mar 06 CSO Online
ClickFix attackers using new tactic to evade detection, says Microsoft
FRIEND Mar 06 The Register (Security)
Firefox taps Anthropic AI bug hunter, but rancid RAM still flipping bits
FOE Mar 06 Bleeping Computer
Cognizant TriZetto breach exposes health data of 3.4 million patients
FOE Mar 06 Ars Technica (Security)
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
FRIEND Mar 06 Dark Reading
Cylake Offers AI-Native Security Without Relying on Cloud Services
FOE Mar 06 The Register (Security)
Spyware disguised as emergency-alert app sent to Israeli smartphones
FOE Mar 06 The Intercept (Privacy)
Dems Need to Wise Up: ICE Is a Threat to Our Elections
FOE Mar 06 CSO Online
Only 30 minutes per quarter on cyber risk: Why CISO-board conversations are falling short
FOE Mar 06 Dark Reading
North Korean APTs Use AI to Enhance IT Worker Scams
FOE Mar 06 Schneier on Security
Anthropic and the Pentagon
FOE Mar 06 CSO Online
FBI wiretap system tapped by hackers
FOE Mar 06 CSO Online
OAuth vulnerability in n8n automation platform could lead to system compromise
FRIEND Mar 06 SecurityWeek
ArmorCode Raises $16 Million for Exposure Management Platform
FOE Mar 06 EFF Deeplinks
Weasel Words: OpenAI’s Pentagon Deal Won’t Stop AI‑Powered Surveillance
FOE Mar 06 EFF Deeplinks
Weasel Words: OpenAI’s Pentagon Deal Won’t Stop AI‑Powered Surveillance
FOE Mar 06 Bleeping Computer
CISA warns of Apple flaws exploited in spyware, crypto-theft attacks
FOE Mar 06 SecurityWeek
In Other News: FBI Hacked, US Security Pro Killed in Iran War, Hijacked Cameras Used in Khamenei Strike
FOE Mar 06 The Hacker News
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
FRIEND Mar 06 Dark Reading
EU Auto Rules Shift Gears on Cybersecurity Standards
FOE Mar 06 The Register (Security)
Cisco warns of two more SD-WAN bugs under active attack
FRIEND Mar 06 Bleeping Computer
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
FOE Mar 06 Bleeping Computer
Fake Claude Code install guides push infostealers in InstallFix attacks
FOE Mar 06 The Hacker News
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
FRIEND Mar 06 Bleeping Computer
Microsoft 365 Backup to add file-level restore for faster recovery
FOE Mar 06 Privacy International
What does it mean when Big Tech goes to war?
FOE Mar 06 Dark Reading
Iran's Cyber-Kinetic War Doctrine Takes Shape
FOE Mar 06 Dark Reading
Cyberattack on Mexico's Gov't Agencies Highlight AI Threat
FOE Mar 06 The Register (Security)
Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal
FOE Mar 06 CSO Online
Targeted advertising is also targeting malware
FOE Mar 06 SecurityWeek
CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List
FRIEND Mar 06 Privacy International
Privacy International & Women on Web - Securing Reproductive Justice: A Guide to Digital Privacy for Sexual and Reproductive Justice Activists
FOE Mar 06 SecurityWeek
Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks
FOE Mar 06 The Register (Security)
Son of government contractor arrested after alleged $46M crypto heist from US Marshals
FOE Mar 06 Schneier on Security
Claude Used to Hack Mexican Government
FRIEND Mar 06 SecurityWeek
James ‘Aaron’ Bishop Tapped to Serve as New Pentagon CISO
FRIEND Mar 06 The Register (Security)
Microsoft finally gets around to fixing Windows 10 Recovery Environment after breaking it in October
FOE Mar 06 SecurityWeek
Iranian APT Hacked US Airport, Bank, Software Company
FRIEND Mar 06 The Hacker News
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
FOE Mar 06 The Hacker News
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
FOE Mar 06 The Register (Security)
Transport for London says 2024 breach affected 7M customers, not 5,000
FOE Mar 06 Bleeping Computer
Ghanain man pleads guilty to role in $100 million fraud ring
FRIEND Mar 06 SecurityWeek
Data Security Firm Evervault Raises $25 Million in Series B Funding
FOE Mar 06 CSO Online
Teenage hacker myth primed for a middle-age criminal makeover
FOE Mar 06 Bleeping Computer
FBI investigates breach of surveillance and wiretap systems
FOE Mar 06 The Hacker News
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
FOE Mar 06 CSO Online
Challenges and projects for the CISO in 2026
FOE Mar 06 CSO Online
Zero-day exploits hit enterprises faster and harder
FOE Mar 06 The Hacker News
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
FOE Mar 06 The Hacker News
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
FOE Mar 06 CSO Online
Europa im Visier von Cyber-Identitätsdieben
FRIEND Mar 06 CSO Online
7 Anzeichen für akuten MSSP-Bedarf
FOE Mar 06 Risky Business News
Risky Bulletin: Iranian hackers are scanning for security cameras to aid missile strikes
FRIEND Mar 06 CSO Online
LeakBase marketplace unplugged by cops in 14 countries
FOE Mar 05 The Register (Security)
Google says spyware makers and China-linked groups dominated zero-day attacks last year
FOE Mar 05 Bleeping Computer
Chinese state hackers target telcos with new malware toolkit
FOE Mar 05 Bleeping Computer
Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
FOE Mar 05 Dark Reading
Nation-State Actor Embraces AI Malware Assembly Line
FOE Mar 05 Dark Reading
Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform
FOE Mar 05 Bleeping Computer
Wikipedia hit by self-propagating JavaScript worm that vandalized pages
FRIEND Mar 05 EPIC
EPIC Testifies in Support of Three Tech Policy Bills in Maryland
FOE Mar 05 Dark Reading
Cisco Drops 48 New Firewall Vulnerabilities, 2 Critical
FOE Mar 05 The Register (Security)
Iran intelligence backdoored US bank, airport, software outfit networks
FOE Mar 05 Bleeping Computer
WordPress membership plugin bug exploited to create admin accounts
FOE Mar 05 Bleeping Computer
FBI arrests suspect linked to $46M crypto theft from US Marshals
FRIEND Mar 05 EPIC
EPIC Testifies in Support of Michigan Kids Code
FOE Mar 05 Schneier on Security
Israel Hacked Traffic Cameras in Iran
FOE Mar 05 The Intercept (Privacy)
Congress Is Considering Abolishing Your Right to Be Anonymous Online
FOE Mar 05 CSO Online
Cisco issues emergency patches for critical firewall vulnerabilities
FOE Mar 05 Privacy International
Privacy International's response to the UK Home Office consultation on facial recognition technology
FRIEND Mar 05 Dark Reading
Fig Security Emerges From Stealth to Fix Broken Security Operations
FOE Mar 05 The Intercept (Privacy)
Nida Allam Concedes to Valerie Foushee With Razor-Thin Loss for Progressives in Key Midterm Primary
FRIEND Mar 05 Dark Reading
Software Development Practices Help Enterprises Tackle Real-Life Risks
FOE Mar 05 Privacy International
Privacy International's submission on the impact of digital and AI-assisted surveillance on assembly and association rights
FOE Mar 05 The Hacker News
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
FOE Mar 05 Bleeping Computer
Google says 90 zero-days were exploited in attacks last year
FOE Mar 05 Bleeping Computer
2026 Browser Data Reveals Major Enterprise Security Blind Spots
FOE Mar 05 SecurityWeek
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises
FOE Mar 05 CSO Online
Coruna iOS exploit kit moved from spy tool to mass criminal campaign in under a year
FOE Mar 05 EFF Deeplinks
The Government Uses Targeted Advertising to Track Your Location. Here's What We Need to Do.
FOE Mar 05 EFF Deeplinks
The Government Uses Targeted Advertising to Track Your Location. Here's What We Need to Do.
FOE Mar 05 Dark Reading
LatAm Now Faces 2x More Cyberattacks Than US
FOE Mar 05 The Hacker News
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More
FRIEND Mar 05 CSO Online
Europol: Großer Markt für gestohlene Daten geschlossen
FOE Mar 05 The Hacker News
Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders
FRIEND Mar 05 SecurityWeek
Russian Ransomware Operator Pleads Guilty in US
FOE Mar 05 Bleeping Computer
Police dismantles online gambling ring exploiting Ukrainian women
FOE Mar 05 The Register (Security)
UK watchdog eyes Meta's smart glasses after workers say they 'see everything'
FOE Mar 05 SecurityWeek
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild
FOE Mar 05 The Hacker News
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
FOE Mar 05 CISA Alerts
CISA Adds Five Known Exploited Vulnerabilities to Catalog
FOE Mar 05 CISA Alerts
Delta Electronics CNCSoft-G2
FRIEND Mar 05 CSO Online
Europol schließt riesigen Markt für gestohlene Daten
FOE Mar 05 Schneier on Security
Hacked App Part of US/Israeli Propaganda Campaign Against Iran
FRIEND Mar 05 SecurityWeek
Reclaim Security Raises $20 Million to Accelerate Remediation
FOE Mar 05 The Hacker News
Where Multi-Factor Authentication Stops and Credential Abuse Starts
FOE Mar 05 The Intercept (Privacy)
Federal Agents Are Intimidating Legal Observers at Their Homes: “They Know Where You Live.”
FRIEND Mar 05 SecurityWeek
LeakBase Cybercrime Forum Shut Down, Suspects Arrested
FOE Mar 05 Bleeping Computer
Cisco flags more SD-WAN flaws as actively exploited in attacks
FOE Mar 05 The Hacker News
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
FOE Mar 05 SecurityWeek
Cisco Patches Critical Vulnerabilities in Enterprise Networking Products
FOE Mar 05 Bleeping Computer
Phobos ransomware admin pleads guilty to wire fraud conspiracy
FRIEND Mar 05 Google Project Zero
On the Effectiveness of Mutational Grammar Fuzzing
FOE Mar 05 CSO Online
State-affiliated hackers set up for critical OT attacks that operators may not detect
FOE Mar 05 The Hacker News
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
FRIEND Mar 05 The Hacker News
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
FOE Mar 05 CSO Online
14 old software bugs that took way too long to squash
FOE Mar 05 CSO Online
Die besten Cyber-Recovery-Lösungen
FOE Mar 05 SecurityWeek
Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks
FOE Mar 05 Risky Business News
Srsly Risky Biz: The Four Hour Cyber War on Iran
FRIEND Mar 05 CSO Online
Microsoft leads takedown of Tycoon2FA phishing service infrastructure
FRIEND Mar 05 SANS Internet Storm Center
Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning &#x5b;Guest Diary&#x5d;, (Wed, Mar 4th)
FRIEND Mar 05 Sophos News
Optimize Your Sophos Firewall Security
FOE Mar 04 The Register (Security)
'Hundreds' of Iranian hacking attempts have hit surveillance cameras since the missile strikes
FRIEND Mar 04 Bleeping Computer
Bitwarden adds support for passkey login on Windows 11
FRIEND Mar 04 EPIC
SCOTUS to Hear Case Over Proper Scope of the Video Privacy Protection Act (VPPA)
FOE Mar 04 Bleeping Computer
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
FOE Mar 04 Dark Reading
VMware Aria Operations Bug Exploited, Cloud Resources at Risk
FRIEND Mar 04 Bleeping Computer
Windows 10 KB5075039 update fixes broken Recovery Environment
FOE Mar 04 The Register (Security)
Malware-laced OpenClaw installers get Bing AI search boost
FOE Mar 04 Bleeping Computer
Fake LastPass support email threads try to steal vault passwords
FRIEND Mar 04 EPIC
EPIC Urges Virginia Governor to Sign Bill Banning Sale of Location Data
FRIEND Mar 04 EFF Deeplinks
Speaking Freely: Shin Yang
FRIEND Mar 04 EFF Deeplinks
Speaking Freely: Shin Yang
FRIEND Mar 04 CSO Online
Why AI, Zero Trust, and modern security require deep visibility
FRIEND Mar 04 CSO Online
The 10-hour problem: How visibility gaps are burning out the SOC
FOE Mar 04 Bleeping Computer
Cisco warns of max severity Secure FMC flaws giving root access
FOE Mar 04 Bleeping Computer
Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks
FOE Mar 04 Bleeping Computer
Hacker mass-mails HungerRush extortion emails to restaurant patrons
FRIEND Mar 04 SecurityWeek
Tycoon 2FA Phishing Platform Dismantled in Global Takedown
FRIEND Mar 04 Bleeping Computer
FBI seizes LeakBase cybercrime forum, data of 142,000 members
FOE Mar 04 SecurityWeek
New LexisNexis Data Breach Confirmed After Hackers Leak Files
FOE Mar 04 The Hacker News
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
FRIEND Mar 04 Dark Reading
Stranger Things Meets Cybersecurity: Lessons from the Hive Mind
FRIEND Mar 04 Bleeping Computer
Europol-coordinated action disrupts Tycoon2FA phishing platform
FRIEND Mar 04 Dark Reading
Are We Ready for Auto Remediation With Agentic AI?
FOE Mar 04 The Register (Security)
LexisNexis confirms data breach at Legal &amp; Professional arm, some customer records affected
FRIEND Mar 04 SecurityWeek
Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance
FOE Mar 04 Bleeping Computer
Mississippi medical center reopens clinics hit by ransomware attack
FOE Mar 04 Bleeping Computer
How a Brute Force Attack Unmasked a Ransomware Infrastructure Network
FOE Mar 04 SecurityWeek
Hacker Conversations: Inti De Ceukelaire, Raging Against the Machine Creatively
FRIEND Mar 04 EPIC
EPIC Tells Supreme Court that Geofence Searches Need a Warrant with Particularized Probable Cause
FOE Mar 04 The Register (Security)
Kaspersky dismisses claims Coruna iPhone exploit kit is connected to NSA-linked operation
FOE Mar 04 Black Hills Information Security
The “P” in PAM is for Persistence: Linux Persistence Technique
FOE Mar 04 The Hacker News
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
FOE Mar 04 CSO Online
Iranian cyberattacks fail to materialize but threat remains acute
FOE Mar 04 SecurityWeek
How Pirated Software Turns Helpful Employees Into Malware Delivery Agents
FRIEND Mar 04 SecurityWeek
AI Security Firm JetStream Launches With $34 Million in Seed Funding
FOE Mar 04 Schneier on Security
Manipulating AI Summarization Features
FOE Mar 04 SecurityWeek
LastPass Warns of New Phishing Campaign
FRIEND Mar 04 SecurityWeek
Webinar Today: Designing an OT SOC for Safety, Reliability, and Business Continuity
FOE Mar 04 SecurityWeek
Google Plans Two-Week Release Schedule for Chrome
FRIEND Mar 04 The Hacker News
New RFP Template for AI Usage Control and AI Governance
FOE Mar 04 Dark Reading
China's Silver Dragon Razes Governments in EU, SE Asia
FRIEND Mar 04 SecurityWeek
Global Coalition Publishes 6G Security and Resilience Principles
FOE Mar 04 SANS Internet Storm Center
Want More XWorm&#x3f;, (Wed, Mar 4th)
FOE Mar 04 The Hacker News
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
FOE Mar 04 CSO Online
Anthropic AI ultimatums and IP theft: The unspoken risk
FOE Mar 04 SecurityWeek
Critical FreeScout Vulnerability Leads to Full Server Compromise
FOE Mar 04 The Hacker News
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
FOE Mar 04 SecurityWeek
VMware Aria Operations Vulnerability Exploited in the Wild
FRIEND Mar 04 CSO Online
How to know you’re a real-deal CSO — and whether that job opening truly seeks one
FOE Mar 04 The Hacker News
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
FOE Mar 04 CSO Online
AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning
FRIEND Mar 04 The Register (Security)
Google feels the need for security speed, so will ship Chrome updates every two weeks
FRIEND Mar 04 Dark Reading
Dark Reading Confidential: This Threat Hunter Helped Cops Bust Up An African Cybercrime Syndicate
FOE Mar 04 Recorded Future Blog
Ongoing Iran Conflict: What You Need to Know
FRIEND Mar 03 EFF Deeplinks
EFF to Third Circuit: Electronic Device Searches at the Border Require a Warrant
FRIEND Mar 03 EFF Deeplinks
EFF to Third Circuit: Electronic Device Searches at the Border Require a Warrant
FOE Mar 03 Bleeping Computer
CISA flags VMware Aria Operations RCE flaw as exploited in attacks
FOE Mar 03 The Register (Security)
Dev stunned by $82K Gemini bill after unknown API key thief goes to town
FOE Mar 03 Risky Business News
Risky Bulletin: Cyber Command conducted cyberattacks ahead of Iran strikes
FOE Mar 03 Bleeping Computer
Paint maker giant AkzoNobel confirms cyberattack on U.S. site
FOE Mar 03 Bleeping Computer
Facebook accounts unavailable in worldwide outage
FOE Mar 03 Dark Reading
Indian APT 'Sloppy Lemming' Targets Defense, Critical Infrastructure
FRIEND Mar 03 EFF Deeplinks
The Anthropic-DOD Conflict: Privacy Protections Shouldn’t Depend On the Decisions of a Few Powerful People
FRIEND Mar 03 EFF Deeplinks
The Anthropic-DOD Conflict: Privacy Protections Shouldn’t Depend On the Decisions of a Few Powerful People
FOE Mar 03 Bleeping Computer
Microsoft: Hackers abuse OAuth error flows to spread malware
FOE Mar 03 The Register (Security)
Chat at your own risk! Data brokers are selling deeply personal bot transcripts
FOE Mar 03 Dark Reading
Vehicle Tire Pressure Sensors Enable Silent Tracking
FOE Mar 03 Dark Reading
Qualcomm Zero-Day Exploited in Targeted Android Attacks
FOE Mar 03 SecurityWeek
Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters
FOE Mar 03 Sophos News
Hacktivist campaigns increase as United States, Iran, and Israel conflict intensifies
FOE Mar 03 The Register (Security)
Cyberwarriors elevated to big leagues in US war with Iran
FOE Mar 03 Dark Reading
Speakeasies to Shadow AI: Banning AI Browsers Will Fail
FOE Mar 03 The Hacker News
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
FRIEND Mar 03 Bleeping Computer
Google Chrome shifts to two-week release cycle for increased stability
FRIEND Mar 03 SecurityWeek
Fig Security Launches With $38 Million to Bolster SecOps Resilience
FRIEND Mar 03 EFF Deeplinks
EFF to Supreme Court: Shut Down Unconstitutional Geofence Searches
FRIEND Mar 03 EFF Deeplinks
EFF to Supreme Court: Shut Down Unconstitutional Geofence Searches
FOE Mar 03 Bleeping Computer
LexisNexis confirms data breach as hackers leak stolen files
FOE Mar 03 SecurityWeek
Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability
FOE Mar 03 The Register (Security)
Turns out most cybercriminals are old enough to know better
FOE Mar 03 SANS Internet Storm Center
Bruteforce Scans for CrushFTP , (Tue, Mar 3rd)
FOE Mar 03 Bleeping Computer
Compromised Site Management Panels are a Hot Item in Cybercrime Markets
FRIEND Mar 03 The Hacker News
Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow
FOE Mar 03 The Hacker News
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
FOE Mar 03 The Register (Security)
Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite
FOE Mar 03 SecurityWeek
Quantum Decryption of RSA is Much Closer than Expected
FOE Mar 03 SecurityWeek
New ‘AirSnitch’ Attack Shows Wi-Fi Client Isolation Could be a False Sense of Security
FOE Mar 03 SecurityWeek
1.2 Million Affected by University of Hawaii Cancer Center Data Breach
FOE Mar 03 CSO Online
OAuth phishers make ‘check where the link points’ advice ineffective
FOE Mar 03 Dark Reading
AI Agent Overload: How to Solve the Workload Identity Crisis
FOE Mar 03 CSO Online
Jetzt Staats-CISO werden – für unter 160.000 Euro
FOE Mar 03 SecurityWeek
Android Update Patches Exploited Qualcomm Zero-Day
FOE Mar 03 Ars Technica (Security)
LLMs can unmask pseudonymous users at scale with surprising accuracy
FRIEND Mar 03 SecurityWeek
Iran Cyber Front: Hacktivist Activity Rises, but State-Sponsored Attacks Stay Low
FRIEND Mar 03 Schneier on Security
On Moltbook
FOE Mar 03 CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FOE Mar 03 CISA Alerts
Hitachi Energy Relion REB500 Product
FOE Mar 03 CISA Alerts
Portwell Engineering Toolkits
FOE Mar 03 CISA Alerts
Labkotec LID-3300IP
FOE Mar 03 CISA Alerts
Everon OCPP Backends
FOE Mar 03 CISA Alerts
ePower epower.ie
FOE Mar 03 CISA Alerts
Mobiliti e-mobi.hu
FOE Mar 03 CISA Alerts
Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet module
FOE Mar 03 CISA Alerts
Hitachi Energy RTU500 Product
FOE Mar 03 Bleeping Computer
Amazon: Drone strikes damaged AWS data centers in Middle East
FOE Mar 03 The Register (Security)
Chrome Gemini panel became privilege escalator for rogue extensions
FOE Mar 03 Dark Reading
As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks
FOE Mar 03 The Hacker News
AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged
FOE Mar 03 The Hacker News
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
FOE Mar 03 The Register (Security)
Cybercriminals swipe 15.8M medical records from French doctors ministry
FOE Mar 03 Bleeping Computer
Star Citizen game dev discloses breach affecting user data
FOE Mar 03 SecurityWeek
Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise
FOE Mar 03 CSO Online
Studie: Hacker legen Betrieb bei vielen Unternehmen lahm
FOE Mar 03 CSO Online
Epic Fury introduces new layer of enterprise risk
FOE Mar 03 Bleeping Computer
UH Cancer Center data breach affects nearly 1.2 million people
FOE Mar 03 SecurityWeek
Researchers Uncover Method to Track Cars via Tire Sensors
FOE Mar 03 The Hacker News
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
FOE Mar 03 Bleeping Computer
Android gets patches for Qualcomm zero-day exploited in attacks
FOE Mar 03 The Hacker News
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
FOE Mar 03 CSO Online
7 factors impacting the cyber skills gap
FOE Mar 03 The Hacker News
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
FOE Mar 03 The Register (Security)
Gamers furious as Brit studio Cloud Imperium quietly admits to data breach
FRIEND Mar 03 CSO Online
Das gehört in Ihr Security-Toolset
FOE Mar 03 The Register (Security)
Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery
FOE Mar 03 Bleeping Computer
CyberStrikeAI tool adopted by hackers for AI-powered attacks
FOE Mar 03 Sophos News
Hacktivist campaigns increase as United States, Iran, and Israel conflict intensifies
FRIEND Mar 02 EFF Deeplinks
EFF to Court: Don’t Make Embedding Illegal
FRIEND Mar 02 EFF Deeplinks
EFF to Court: Don’t Make Embedding Illegal
FOE Mar 02 Dark Reading
Critical OpenClaw Vulnerability Exposes AI Agent Risks
FOE Mar 02 Dark Reading
The Tug-of-War Over Firewall Backlogs in the AI-Driven Development Era
FOE Mar 02 The Register (Security)
Iran's cyberwar has begun
FOE Mar 02 Dark Reading
30 Alleged Members of 'The Com' Arrested in Project Compass
FOE Mar 02 Bleeping Computer
Fake Google Security site uses PWA app to steal credentials, MFA codes
FRIEND Mar 02 EPIC
EPIC Urges HHS to Prioritize Patient Privacy in Clinical Care AI Uses
FRIEND Mar 02 CSO Online
Vulnerability monitoring service secures public-sector websites faster
FOE Mar 02 Bleeping Computer
Alabama man pleads guilty to hacking, extorting hundreds of women
FOE Mar 02 The Register (Security)
UK Businesses told to brace cyber defenses amid Iran conflict risk
FOE Mar 02 Bleeping Computer
Florida woman imprisoned for massive Microsoft license fraud scheme
FOE Mar 02 The Hacker News
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
FRIEND Mar 02 The Hacker News
Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
FRIEND Mar 02 EFF Deeplinks
National Book Tour for Cindy Cohn’s Memoir, ‘Privacy’s Defender’
FRIEND Mar 02 EFF Deeplinks
National Book Tour for Cindy Cohn’s Memoir, ‘Privacy’s Defender’
FOE Mar 02 Bleeping Computer
UK warns of Iranian cyberattack risks amid Middle-East conflict
FOE Mar 02 SecurityWeek
Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant
FOE Mar 02 Bleeping Computer
How Deepfakes and Injection Attacks Are Breaking Identity Verification
FOE Mar 02 SecurityWeek
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
FOE Mar 02 The Register (Security)
Memory scalpers hunt scarce DRAM with bot blitz
FOE Mar 02 SecurityWeek
Madison Square Garden Data Breach Confirmed Months After Hacker Attack
FOE Mar 02 The Register (Security)
Scammers try to SIM-swap Dubai citizens hours after Iranian missile strikes
FOE Mar 02 The Hacker News
⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More
FRIEND Mar 02 Dark Reading
Quantum-Resistant Data Diode Secures Sensitive Data on Edge Devices, Critical Systems
FRIEND Mar 02 SecurityWeek
Nick Andersen Appointed Acting Director of CISA
FRIEND Mar 02 SecurityWeek
AWS Expands Security Hub Into a Cross-Domain Security Platform
FOE Mar 02 Bleeping Computer
Anthropic confirms Claude is down in a worldwide outage
FOE Mar 02 Schneier on Security
LLM-Assisted Deanonymization
FOE Mar 02 The Hacker News
How to Protect Your SaaS from Bot Attacks with SafeLine WAF
FOE Mar 02 SecurityWeek
North Korean APT Targets Air-Gapped Systems in Recent Campaign
FRIEND Mar 02 SecurityWeek
Google Working Towards Quantum-Safe Chrome HTTPS Certificates
FRIEND Mar 02 SANS Internet Storm Center
Quick Howto: ZIP Files Inside RTF, (Mon, Mar 2nd)
FRIEND Mar 02 SANS Internet Storm Center
Wireshark 4.6.4 Released, (Mon, Mar 2nd)
FOE Mar 02 SecurityWeek
US-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran Retaliates
FRIEND Mar 02 CSO Online
Innovation without exposure: A CISO’s secure-by-design framework for business outcomes
FOE Mar 02 The Hacker News
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
FOE Mar 02 Dark Reading
Bug in Google's Gemini AI Panel Opens Door to Hijacking
FRIEND Mar 02 CSO Online
A scorecard for cyber and risk culture
FOE Mar 02 The Hacker News
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
FRIEND Mar 02 CSO Online
Hacker erpressen weniger Lösegeld
FRIEND Mar 02 CSO Online
How CISOs can build a resilient workforce
FRIEND Mar 02 CSO Online
Im Fokus: RZ-Modernisierung
FRIEND Mar 02 CSO Online
Im Fokus: RZ-Modernisierung
FOE Mar 02 CSO Online
Kubernetes Security: Wie Sie Ihre Cluster (besser) absichern
FRIEND Mar 02 The Register (Security)
UK government's Vulnerability Monitoring System is working - fixes flow far faster
FOE Mar 02 Risky Business News
Risky Bulletin: LLMs can deanonymize internet users based on their past comments
FOE Mar 02 The Register (Security)
South Korea’s tax office apologizes for leaking seed phrase to seized crypto
FOE Mar 02 Recorded Future Blog
Latin America's Cybersecurity Turning Point: From Reactive Defense to Threat Intelligence
FOE Mar 02 Recorded Future Blog
Ongoing Iran Conflict: What You Need to Know
FOE Mar 01 Bleeping Computer
ClawJacked attack let malicious websites hijack OpenClaw to steal data
FRIEND Mar 01 Bleeping Computer
Samsung TVs to stop collecting Texans’ data without express consent
FOE Mar 01 SecurityWeek
Hackers Weaponize Claude Code in Mexican Government Cyberattack
FOE Mar 01 Sophos News
Cyber Advisory: Increased Cyber Risk Amid U.S.–Israel–Iran Escalation
About Methodology Fair Use Privacy Contact RSS

Scanning the threat landscape.