25729
🗞 The finest daily news on cybersecurity and privacy. 🔔 Daily releases. 💻 Is your online life secure? 📩 lalilolalo.dev@gmail.com
📔 Tycoon2FA Phishing Service Resumes Activity Post-Takedown 📔Tycoon2FA phishing platform resumes activity posttakedown, leveraging AITM techniques to bypass MFA.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 High-Tech Sector Overtakes Finance as Top Target for Cyber-Attacks, Mandiant Reports 📔High tech was the most frequently targeted industry in Mandiant investigations in 2025, overtaking financial services which led in 2023 and 2024.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 Trivy Supply Chain Attack Expands With New Compromised Docker Images 📔New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CICD scans.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🦿 Windows 11 Patch Triggers Sign-In Failures Across Microsoft Apps 🦿A Windows 11 security update triggered Microsoft app signin failures, prompting an emergency patch and a manual workaround for affected users. The post Windows 11 Patch Triggers SignIn Failures Across Microsoft Apps appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
📔 Operation Alice Takes Down 370,000+ Dark Web Sites 📔Germanled policing effort against fraud operation disrupts countless CSAM and cybercrime sites.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems 🖋️Threat actors are suspected to be exploiting a maximumseverity security flaw impacting Quest KACE Systems Management Appliance SMA, according to Arctic Wolf. The cybersecurity company said it observed malicious activity starting the week of March 9, 2026, in customer environments that's consistent with the exploitation of CVE202532975 on unpatched SMA systems exposed to the internet. It's.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware 🖋️Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware. The email campaigns take advantage of the urgency and timesensitive nature of emails to send phishing messages masquerading as refund notices, payroll forms, filing reminders, and requests from tax professionals to deceive recipients into opening.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 The 5 Best VoIP Routers (Wired, Wireless, and Mesh) in 2026 🦿Discover the best VoIP routers for businesses in 2025. Easily compare range, transfer rates, connectivity types, price, and more. The post The 5 Best VoIP Routers Wired, Wireless, and Mesh in 2026 appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🦅 The Week in Vulnerabilities: Juniper, Cisco SD-WAN, and Critical ICS Exposure 🦅 Cyble Research Intelligence Labs CRIL tracked 1,641 vulnerabilities between March 04 and March 10, 2026. Of these, 175 vulnerabilities already have publicly available ProofofConcept PoC exploits, significantly increasing the likelihood of realworld attacks. A total of 200 vulnerabilities were rated critical under CVSS v3.1, while 61 received critical severity under CVSS v4.0. Additionally, CISA added multiple vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, highlighting confirmed exploitation in the wild, including legacy flaws still actively weaponized in operational environments. On the industrial side, CISA issued 9 ICS advisories covering 24 vulnerabilities, affecting vendors including Mitsubishi Electric, Hitachi Energy, Mobiliti, ePower, Everon, and ...
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
🌊 24/7 Security Monitoring Without Growing Your Team: The Practitioner’s Blueprint from 500+ MDR Deployments 🌊247 security monitoring without hiring more analysts. Practical shift models for teams of 2, 5, and 10 using AI SOC coverage. Explore the blueprint. The post 247 Security Monitoring Without Growing Your Team The Practitioners Blueprint from 500 MDR Deployments appeared first on UnderDefense.
📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
📔 Hackers Exploit Critical Langflow Bug in Just 20 Hours 📔Sysdig details how threat actors exploited a critical CVE in Langflow in less than a day.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ 54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security 🖋️A new analysis of endpoint detection and response EDR killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver BYOVD by abusing a total of 35 vulnerable drivers. EDR killer programs have been a common presence in ransomware intrusions as they offer a way for affiliates to neutralize security software before deploying fileencrypting malware. This.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks 🖋️Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against webbased attacks carried out via powerful exploit kits like Coruna and DarkSword. These attacks employ malicious web content to target outofdate versions of iOS, triggering an infection chain that leads to the theft of sensitive data. "For example, if you're using an older.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover 🖋️Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover. The vulnerability has been codenamed PolyShell by Sansec owing to the fact that the attack hinges on disguising malicious code as an image. There is no evidence that the shortcoming has been exploited in.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams 🖋️Google on Thursday announced a new "advanced flow" for Android sideloading that requires a mandatory 24hour wait period to install apps from unverified developers in an attempt to balance openness with safety. The new changes come against the backdrop of a developer verification mandate the tech giant announced last year that requires all Android apps to be registered by verified developers to.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
♟️ ‘CanisterWorm’ Springs Wiper Attack Targeting Iran ♟️A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.
📖 Read more.
🔗 Via "Krebs on Security"
----------
👁️ Seen on @cibsecurity
🪖 Reflections from the Second NIST Cyber AI Profile Workshop 🪖Thank you to everyone who participated in the Cybersecurity Framework Profile for Artificial Intelligence Cyber AI Profile Workshop in January! The input we received on the Preliminary Draft during this workshop has been invaluable and is informing the development of the next draft of the NIST Cyber AI Profile. We are working toward publishing a full workshop summary soon that captures themes and highlights from the event. In the interim, we would like to share a preview of what we heard Background on the Second Cyber AI Profile Workshop This workshop was a continuation of the past months.
📖 Read more.
🔗 Via "NIST"
----------
👁️ Seen on @cibsecurity
🖋️ ⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More 🖋️Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many still ignore basic advisories. This edition covers a mix of issues supply chain attacks hitting CICD setups, longabused IoT devices being shut down, and exploits moving quickly from disclosure to real attacks. There are also new malware tricks.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them 🖋️AWS Bedrock is Amazon's platform for building AIpowered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That connectivity is what makes it powerful but its also what makes Bedrock a target. When an AI agent can query your Salesforce instance, trigger a Lambda function, or pull from a SharePoint.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 CISA Orders US Government to Patch Maximum Severity Cisco Flaw 📔CISA added CVE202620131 to its KEV catalog as it is being used in ransomware campaigns.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper 🖋️Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highlighting the widening blast radius across developer environments. The last known clean release of Trivy on Docker Hub is 0.69.3. The malicious versions 0.69.4, 0.69.5, and 0.69.6 have since been removed from the container image library. "New image tags 0.69.5 and.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 The 6 Best Free Antivirus Software Providers for Mac in 2026 🦿Securityconscious Mac users may need more protection than their builtin tools provide. Learn about the extra features and functionality offered by the best free antivirus software providers for Mac in 2026. The post The 6 Best Free Antivirus Software Providers for Mac in 2026 appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
📢 Dark web platforms taken down in international operation 📢Operation Alice traced tens of thousands of CSAM and cybercrimeasaservice sites back to one individual.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
🦅 North Korea’s Crypto Theft Operations: The Role of Lazarus Group in State-Sponsored Financial Warfare 🦅 The latest Bitrefill cyberattack offers a revealing look into how statesponsored cybercrime has evolved into a strategic financial weapon. The latest development revolves around the threat actor Lazarus Group, a hacking collective widely attributed to the DPRK North Korea, whose operations have blurred the line between cyber espionage and economic warfare. What makes this breach notable is not just the theft itself, but how methodically it reflects the broader pattern of Lazarus Group crypto attacks and the growing threat of North Korean hackers' cryptocurrency operations. Bitrefill, a Swedenbased cryptocurrency gift card platform, disclosed that attackers had infiltrated its systems on March 1, 2026. The breach led to drained crypto wallets and unauthorized access to approxim...
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
📔 NCA Boss Warns That Teens Are Being “Radicalized” Into Cybercrime Online 📔The National Crime Agencys director general warns that technology is rapidly reshaping crime.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🚀 Move fast and save things: A quick guide to recovering a hacked account 🚀What you do and how fast after an account is compromised often matters more than it may seem.
📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
🖋️ Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers 🖋️Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the functionality and infrastructure of a legitimate program called Cobra DocGuard. "Speagle is designed to surreptitiously harvest sensitive information from infected computers and transmit it to a Cobra DocGuard server that has been compromised by the attackers, masking the data exfiltration process as legitimate.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks 🖋️The U.S. Department of Justice DoJ on Thursday announced the disruption of commandandcontrol C2 infrastructure used by several Internet of Things IoT botnets like AISURU, Kimwolf, JackSkid, and Mossad as part of a courtauthorized law enforcement operation. The effort also saw authorities from Canada and Germany targeting the operators behind these botnets, with a number of private.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks 🖋️Artificial Intelligence AI is changing how individuals and organizations conduct many activities, including how cybercriminals carry out phishing attacks and iterate on malware. Now, cybercriminals are using AI to generate personalized phishing emails, deepfakes and malware that evade traditional detection by impersonating normal user activity and bypassing legacy security models. As a result,.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure 🖋️A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which threat actors weaponize newly published vulnerabilities. The security defect, tracked as CVE202633017 CVSS score 9.3, is a case of missing authentication combined with code injection that could result in remote code execution. "The POST apiv1.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity