Almost every second CISO fears losing their job after an incident – CISOs must learn the language of the board
Tags: ciso. First seen on security-insider.de Jump to article: www.security-insider.de/cisos-vorstandssprache-kommunikationsluecke-a-5bd2bb4151a06fb3372e8ff4d78f2647/ also interesting: CISO and CIO Convergence: Ready or Not, Here It Comes Charges Against CISOs Create Worries, Hope in Security Industry: Survey CISOs Transform Into Business-Critical Digital Risk Leaders BSidesSF 2025: CISO Series Podcast LIVE!
-
We Know You Can Pay a Million by Anja Shortland review the terrifying new world of ransomware
Criminals extorting money online have created huge businesses, complete with branding and HR. The birth of ransomware was a stunt that got out of hand. In 1989, an evolutionary biologist called Joseph L Popp Jr was working part time for the World Health Organisation on the Aids epidemic. He was a difficult man. When he was…
-
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf. The cybersecurity company said it observed malicious activity starting the week of March 9, 2026, in customer environments that’s consistent with the exploitation of CVE-2025-32975 on unpatched SMA systems exposed to the internet. It’s…
-
CanisterWorm Hijacks npm Publisher Accounts, Steals Tokens
A highly automated npm supply chain campaign, dubbed “CanisterWorm,” in which threat actors steal npm access tokens and weaponize legitimate publisher accounts at scale. The group, tracked as “TeamPCP,” has compromised trusted namespaces including @emilgroup and @teale.io, pushing new SDK versions that silently deploy a persistent backdoor and then self-spread across every package the victim…
-
Your AI agents are moving sensitive data. Do you know where?
In this Help Net Security interview, Gidi Cohen, CEO at Bonfy.AI, addresses what he sees as the most pressing gap in AI agent security: data-layer risk. While the industry … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/23/gidi-cohen-bonfy-ai-agent-security/ also interesting: The overlooked risks of poor data hygiene in AI-driven organizations CISOs no closer to containing…
-
Foster City Cyberattack Disrupts Services, Raises Data Breach Fears
A ransomware attack has disrupted municipal operations in Foster City, California, as officials continue to respond. The Bay Area city, home to roughly 34,000 residents, was forced to suspend most public services after suspicious activity was detected early Thursday morning. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/foster-city-cyberattack/ also interesting: 25 on 2025: APAC security thought…
-
Critical gap between detection and containment of cyberattacks
98% of German organizations are convinced they can detect attacks, yet almost 40% have difficulty stopping them, while the number of AI-supported attacks continues to rise. The study "The Containment Gap Exploring the Distance Between Detection and Resilience" was conducted by CyberEdge Group on behalf of Illumio (image source: Illumio) A new… First seen on ap-verlag.de…
-
First update on the March 2026 Patch Tuesday – Surprise emergency update for Windows 11
First seen on security-insider.de Jump to article: www.security-insider.de/windows-11-hotpatch-kb5084597-rras-sicherheitsluecken-ohne-neustart-a-4da1f08a79a0230dd39c21f6cec7a669/ also interesting: Windows update causes problems with VPNs and NTLM – April update can cause problems with Active Directory on Windows Windows 10 KB5039299 update released with 10 changes or fixes 7-ZIP vulnerability enables MoW bypass Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
-
VoidStealer Steals Chrome Secrets Without Injection or Privilege Escalation
A new variant of the MaaS infostealer VoidStealer has become the first malware observed in the wild to weaponize a debugger-based bypass for Google Chrome’s Application-Bound Encryption (ABE), using hardware breakpoints to steal Chrome’s v20_master_key directly from browser memory. Unlike previous ABE bypasses, this method requires neither SYSTEM-level privilege escalation nor code injection into the…
-
CISA Issues Warning on Apple Vulnerabilities Exploited Through DarkSword iOS Chain
Tags: advisory, apple, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability. The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding three critical security flaws affecting the Apple ecosystem. Officially added to the Known Exploited Vulnerabilities (KEV) catalog on March 20, 2026, these bugs are actively being abused in the wild. Attackers are stringing these specific flaws together to deploy a highly sophisticated…
-
NIST updates its DNS security guidance for the first time in over a decade
DNS infrastructure underpins nearly every network connection an organization makes, yet security configurations for it have gone largely unrevised at the federal guidance … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/23/nist-dns-security-guide-sp-800-81r3/ also interesting: Purdue 2.0? : Rising to the Challenge to secure OT with Zero Trust Connectivity Purdue 2.0? : Rising to the Challenge…
-
Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps
GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/23/plumber-open-source-gitlab-ci-cd-compliance-scanner/ also interesting: Implementing a Software Bill of Materials: The best SBOM tools Getting the Most Value Out of the OSCP: The PEN-200 Labs ASPM buyer’s…
-
90% of companies pressure security teams to relax identity controls for AI
New study shows a lack of transparency around AI identities, growing risks from Non-Human Identities (NHI) and a trust paradox in AI security. Delinea, a provider of solutions for securing human and machine identities through centralized authorization, has published its new study, which shows how the rapid adoption of AI is changing the risks to identity security in companies [1]…. First…
-
Russia-linked actors target WhatsApp and Signal in phishing campaign
Russia-linked actors target WhatsApp and Signal accounts of officials and journalists via phishing, gaining access to messages and contacts. Threat actors linked to Russian Intelligence Services are running phishing campaigns to hijack high-value accounts on messaging apps like WhatsApp and Signal, the FBI warns. “The FBI has identified cyber actors associated with Russian Intelligence Services targeting…
-
When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com Part Three
Dear blog readers, Continuing the “When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com – Part Two” blog post series in this post I’ll continue analyzing the next malicious software binary which I obtained by data mining Conti Leaks with a lot of success. …
-
A Compilation of BitCoin Wallet Addresses from the RAMP (Russian Anonymous Marketplace) Forum Members A Compilation
Dear blog readers, In this post I’ll provide actionable intelligence on all the BitCoin wallet addresses from the RAMP (Russian Anonymous Marketplace) forum members with the idea to assist the security community fellow researchers and U.S Law Enforcement on its way to properly track down and prosecute the individuals behind these campaigns. Here’s the compilation:…
-
A Domains Portfolio Belonging to RAMP (Russian Anonymous Marketplace) Forum Members A Compilation
Dear blog readers, In this post I’ll provide actionable intelligence based on the research and analysis which I posted in my previous “Dissecting the RAMP (Russian Anonymous Marketplace) Ransomware Forum – An Analysis” blog post and will provide actionable intelligence on various domain portfolios managed and operated by members of the RAMP (Russian Anonymous Marketplace)…
-
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager
Tags: control, cve, flaw, identity, oracle, rce, remote-code-execution, service, update, vulnerability. Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated remote code execution in Identity Manager. Oracle released security updates to address a critical vulnerability, tracked as CVE-2026-21992 (CVSS score of 9.8), affecting Identity Manager and Web Services Manager. The flaw lets unauthenticated attackers over HTTP take control of Oracle Identity Manager and Web…
-
BSidesSLC 2025 Faces In The Fog Seth Law On Unconventional User Enumeration
Tags: law. Author, Creator & Presenter: Seth Law, Founder of Redpoint Security Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations’ YouTube Channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bsidesslc-2025-faces-in-the-fog-seth-law-on-unconventional-user-enumeration/ also interesting: How Cybercrime Empires Are Built UK cyber law delays ‘deeply concerning,’ say MPs Resecurity Caught…
-
VoidStealer malware steals Chrome master key via debugger trick
An information stealer called VoidStealer uses a new approach to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/voidstealer-malware-steals-chrome-master-key-via-debugger-trick/ also interesting: Privacy Roundup: Week 6 of Year 2025 Hardening browser security with zero-trust controls Secure web browsers for…
-
U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CISA added the three…
-
Sorry, Amazon, you couldn’t pick a worse time to bring a phone to market: IDC analyst
Tags: phone. The market is contracting. First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/amazon_phone_worst_possible_time/ also interesting: How Apple Intelligence’s Privacy Stacks Up Against Android’s ‘Hybrid AI’ Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands Scammers cash in on tax season How to Set Up and Use a Burner Phone
-
FBI Warns of Russian Intelligence Hijacking Encrypted Messaging Apps
The post FBI Warns of Russian Intelligence Hijacking Encrypted Messaging Apps appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/fbi-warns-russian-intelligence-phishing-signal-messaging-apps/ also interesting: Lithuania: Russian military intelligence behind plot to parcel bomb cargo planes Russia fires its biggest cyberweapon against Ukraine Russian APT28 Hackers Exploit Zero-Day Vulnerabilities to Target Government and Security…
-
What Is Physical AI, and What Does It Mean for Government?
From Davos insights to state readiness, let’s explore how robotics and sensors are moving artificial intelligence into the physical world. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/what-is-physical-ai-and-what-does-it-mean-for-government/ also interesting: China-linked hackers target Taiwan chip firms in a coordinated espionage campaign AI in Government TDL 007 – Cyber Warriors Digital Shadows: Insights from Canada’s Cybersecurity…
-
FIRESIDE CHAT: In the AI age, your MFA, authentication apps can be compromised in minutes
The authentication layer that corporate America spent a decade building is now a liability. Listen to the podcast: The day MFA became the problem. That’s the blunt assessment of Kevin Surace, chairman of Token, a Rochester, N.Y.-based security company… (more…) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/fireside-chat-in-the-ai-age-your-mfa-authentication-apps-can-be-compromised-in-minutes/ also interesting: Summer: Why cybersecurity must be strengthened…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 89
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New Payload ransomware malware analysis DRILLAPP: new backdoor targeting Ukrainian entities with possible links to Laundry Bear When Trusted Websites Turn Malicious: WordPress Compromises Advance Global Stealer Operation AI Coding Tools Under Fire: […]…
-
Week in review: ScreenConnect servers open to attack, exploited Microsoft SharePoint flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What smart factories keep getting wrong about cybersecurity In this Help Net … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/22/week-in-review-screenconnect-servers-open-to-attack-exploited-microsoft-sharepoint-flaw/ also interesting: Getting the Most Value Out of the OSCP: After the Exam Unplug Gemini from email and calendars,…
-
Control in the AI era: How companies keep track of their agents
A central element here is the new platform Okta for AI Agents, which is to be available from April 30, 2026. It helps companies put exactly these principles into practice. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/kontrolle-in-der-ki-aera-wie-unternehmen-den-ueberblick-ueber-ihre-agenten-behalten/a44235/ also interesting: Okta Introduces Cross App Access to Secure AI Agents in Enterprise Okta Introduces Access Control…
-
UK to rethink tech buying after Palantir contracts
Tags: government. Government looks for sovereign tech as NHS deal nears break clause. First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/uk_palantir_contracts/ also interesting: Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms Fortinet criticized for ‘silent’ patching after disclosing second zero-day vulnerability in same equipment Russian Hackers Imitate European Events in Coordinated Phishing Campaigns…
-
Medicine of the future: Joint venture of Charité and Schwarz Digits aims to strengthen digital sovereignty
Tags: unclassified. First seen on datensicherheit.de Jump to article: www.datensicherheit.de/medizin-zukunft-joint-venture-charite-schwarz-digits-digital-souveraenitaet-staerkung also interesting: USENIX Security ’23 TVA: A Multi-Party Computation System For Secure And Expressive Time Series Analytics The Secret Weakness Execs Are Overlooking: Non-Human Identities Check Point equips Tuttnauer with advanced IT security for medical devices How VR May Transform Security Operations Centers (SOCs)
-
Resilience: The underestimated resource in data protection management
In view of increasing geopolitical uncertainties, AI-supported cyberattacks and growing regulatory requirements, cyber resilience is becoming a central prerequisite for effective data protection management. The article shows why purely reactive security measures are not sufficient and how a multi-layered, systematic resilience approach sustainably strengthens the protection, availability and recoverability of data. Cyber resilience is understood here as an integral component of modern IT and data protection architectures,……
-
Cybercriminals increasingly target critical infrastructure
Attacks on critical infrastructure increasingly occur via cyber-physical systems. Four out of five attacks (82%) occur via exposed, internet-connected resources. Attacks are largely motivated by political or social goals. Cyber-physical systems (CPS) are increasingly becoming a preferred target for opportunistic attackers. Many of the attacks are influenced by geopolitical events… First…
-
Malware on Steam: FBI is looking for gamers – have you played one of these games?
Tags: malware. First seen on t3n.de Jump to article: t3n.de/news/malware-steam-fbi-sucht-gamer-infizierte-spiele-1734132/ also interesting: ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy MiniFlame Malware Another Link Between Flame, Gauss Espionage Attacks Email Gateway Security Gaps Enable New Malware Tactics DeepSeek-R1 Can Almost Generate Malware
-
Zimperium warns of new banking wave: 1,243 apps compromised
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/zimperium-warnung-neu-banking-malware-welle-1243-apps-kompromittierung also interesting: New Banking Malware Exploits WhatsApp to Hijack Your Computer Remotely Herodotus Android Banking Trojan Takes Over Devices, Outsmarts Security Tools GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections Newly Sold Albiriox Android Malware Targets Banks and Crypto Holders
-
RSAC 2026 Innovation Sandbox – ZeroPath: From Alarm Accumulation to Executable Fixes
Company Profile ZeroPath is an AI-native application security startup founded in 2024, and its core products also use the eponymous brand ZeroPath. The company focuses on using AI to automatically discover, verify and fix code vulnerabilities, trying to break through the limitations of traditional SAST, SCA, Secrets scanning and IaC scanning that are fighting each…The…
-
Millions of channels deleted: Massive raids at Telegram
Tags: unclassified. At the peak, 500,000 channels were recently deactivated in a single day. But cybercriminals remain active and adapt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/million-razzien-telegram also interesting: CIAM Build versus Buy Image composition: Five pro tips for better photos… Christmas miracle or bargain trap? 8 tips for exposing fake shops Huge bot network discovered: 30,000 German…
-
Security Affairs newsletter Round 568 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. WorldLeaks ransomware group breached the City of Los Angeles PolyShell flaw exposes Magento and Adobe Commerce…
-
Does your NHI system deliver essential value
Is Your Organization’s Non-Human Identity Strategy Robust Enough? What if the backbone of your organization’s cybersecurity strategy is more susceptible to breaches than you think? Where machine identities increasingly outnumber human ones, focusing on Non-Human Identities (NHIs) is critical. NHIs serve as the “tourists” navigating through vast cloud environments. Much like human identities, they require……
-
Is your Agentic AI optimized for latest threats
What Are Non-Human Identities (NHIs) and Why Are They Critical in Cybersecurity? How do we ensure the security of these interactions? The concept of Non-Human Identities (NHIs) offers a compelling solution. NHIs, an advanced concept in cybersecurity, are designed to safeguard machine identities, ensuring that their actions are secure from creation to decommissioning. The Relevance……
-
How relieved are you with your secrets vaulting strategy
Are You Confident in Your Secrets Vaulting Strategy? The management of machine identities, what the industry terms Non-Human Identities (NHIs), has become a linchpin in safeguarding cloud environments. When organizations increasingly transition to cloud-based architectures, ensuring the security of NHIs and their associated secrets is paramount. But how can organizations feel truly reassured in their…
-
Supermicro co-founder arrested, charged over $2.5B Nvidia GPU sales to China
Indictment claims dummy servers and bogus docs used to slip past US export controls First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/supermicro_nvidia_gpu_charges/ also interesting: DeepSeek hit by cyberattack and outage amid breakthrough success DeepSeek’s Rise Shows Limits of US Chip Controls Singapore to Probe DeepSeek’s High-End Nvidia Chip Purchases Nvidia and AMD Agree to Revenue…
-
Jeff Bezos’ rocket company Blue Origin applies to launch 51,000 datacenter satellites
Tags: network. ‘Project Sunrise’ needs a network that doesn’t exist, a rocket that’s hardly flown, and FCC approval. First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/blue_origin_project_sunrise_orbital_datacenter/ also interesting: Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’ Russia-linked disinformation floods Poland, Romania as voters cast ballots Evil Twin Wi-Fi Hacker Jailed for Stealing Data…
-
NVIDIA’s BlueField-4 STX Aims to Fix the Storage Problem AI Agents Keep Running Into
The AI industry has a storage problem. As AI agents take on longer sessions, multi-step reasoning and expanding context windows, the GPUs doing the heavy lifting keep waiting on data. Traditional storage architectures weren’t built for this kind of sustained, real-time demand, and the result is expensive hardware sitting underutilized. NVIDIA’s answer is BlueField-4 STX,..…
-
NVIDIA Takes AI Computing to Orbit With New Space Platforms
NVIDIA is sending its chips to space. At GTC 2026, the company announced a suite of accelerated computing platforms designed to bring data-center-class AI to orbital data centers, geospatial intelligence and autonomous space operations. The headline product is the Space-1 Vera Rubin Module, which delivers up to 25x more AI compute for space-based inferencing compared..…

