Tag: attack

Middle East Conflict Fuels Opportunistic Cyber Attacks

Mar 6, 2026 9:47 PM

Tags: access, advisory, api, apt, attack, authentication, awareness, backdoor, best-practice, breach, browser, business, chrome, cloud, crypto, cyber, cybercrime, cybersecurity, data, defense, endpoint, exploit, fraud, google, government, identity, infection, Internet, iran, iraq, malicious, malware, mfa, middle-east, military, monitoring, network, password, phishing, PurpleTeam, radius, risk, risk-assessment, scam, service, software, technology, theft, threat, training, unauthorized, update, vulnerability, windows, zero-day

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that capitalizes on the elevated political climate in the Middle East. This increased malicious activity includes discoveries that are directly tied to the ongoing conflict, alongside other related findings. ThreatLabz…
5 Actions Critical for Cybersecurity Leadership During International Conflicts

Mar 6, 2026 8:46 PM

Tags: attack, backup, business, cloud, corporate, cyber, cybersecurity, data, exploit, government, incident response, infrastructure, international, iran, middle-east, military, network, resilience, risk, risk-assessment, russia, saas, service, supply-chain, technology, threat, ukraine, update, vulnerability, warfare

The recent military attacks involving Iran in the Middle East are a stark reminder that cybersecurity leadership must continually incorporate geopolitical risk into their enterprise cyber risk posture and preparedness. Every crisis that elevates to military engagements between cyber-active participants, changes the risk landscape of businesses, for people, operations, and data. This includes the…
Building Bridges, Breaking Pipelines: Introducing Trajan

Mar 6, 2026 7:50 PM

Tags: attack, detection, github, gitlab, open-source, risk, tool, vulnerability

TL;DR: Trajan is an open-source CI/CD security tool from Praetorian that unifies vulnerability detection and attack validation across GitHub Actions, GitLab CI, Azure DevOps, and Jenkins in a single cross-platform engine. It ships with 32 detection plugins and 24 attack plugins covering poisoned pipeline execution, secrets exposure, self-hosted runner risks, and AI/LLM pipeline vulnerabilities. It……
Cyberattacks and Unpredictable Targeting Remain an Iran Risk

Mar 6, 2026 7:50 PM

Tags: attack, cyberattack, iran, monitoring, risk

Experts Urge Preparedness, Nonstop Vigilance, See Ongoing Risk of Online Reprisals. Seven days into the United States and Israel continuing major combat operations against Iran, Tehran continues to respond with kinetic attacks against neighboring countries. While no cyberattacks have emerged, experts see unpredictability and continue to urge caution, monitoring and preparedness. First seen on govinfosecurity.com…
Scattered Spider attack on TfL affected 10 million people

Mar 6, 2026 6:47 PM

Tags: attack, data

The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639589/Scattered-Spider-attack-on-TfL-affected-10-million-people
CISA warns feds to patch iOS flaws exploited in crypto-theft attacks

Mar 6, 2026 6:47 PM

Tags: attack, cisa, crypto, cyberespionage, exploit, flaw, theft, update

CISA ordered U.S. federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-apple-flaws-exploited-in-spyware-crypto-theft-attacks/
Nearly half of exploited zero-day flaws target enterprise-grade technology

Mar 6, 2026 5:46 PM

Tags: ai, attack, exploit, flaw, google, group, intelligence, technology, threat, zero-day

A report by Google Threat Intelligence Group warns that AI will be used to speed and scale attacks in 2026. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/half-exploited-zero-day-flaws-enterprise-grade-technology/814021/
CISA warns of Apple flaws exploited in spyware, crypto-theft attacks

Mar 6, 2026 5:46 PM

Tags: apple, attack, cisa, crypto, cyberespionage, exploit, flaw, spyware, theft, update

CISA ordered U.S. federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-apple-flaws-exploited-in-spyware-crypto-theft-attacks/
Cisco warns of two more SD-WAN bugs under active attack

Mar 6, 2026 4:48 PM

Tags: attack, cisco, flaw

Switchzilla says flaws could allow file overwrites or privilege escalation First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/cisco_sdwan_bugs/
Fake Claude Code install guides push infostealers in InstallFix attacks

Mar 6, 2026 4:48 PM

Tags: attack, guide, malicious, social-engineering, threat

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate command line interface (CLI) tools. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-claude-code-install-guides-push-infostealers-in-installfix-attacks/
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Mar 6, 2026 4:48 PM

Tags: access, attack, cybersecurity, malware, rat, threat

Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm, AsyncRAT, and Xeno RAT.The stealthy attack chain has been codenamed VOID#GEIST by Securonix Threat Research.At a high level, the obfuscated batch script is used to…
Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

Mar 6, 2026 3:48 PM

Tags: attack, exploit, malicious, microsoft, risk, social-engineering, windows

Microsoft warns of ClickFix campaign using Windows Terminal to deliver Lumma Stealer via social engineering attacks. Microsoft revealed a new ClickFix campaign where attackers exploit Windows Terminal to run a complex attack chain, ultimately deploying Lumma Stealer malware. The campaign uses social engineering to trick users into executing malicious commands, highlighting growing risks to Windows…
Norway braced for foreign AI cyber attacks on vital petroleum computing

Mar 6, 2026 3:48 PM

Tags: ai, attack, computing, cyber, vulnerability

Nordic petrostate is preparing for war and turning the spotlight on vulnerabilities in its critical industries, as adversaries look for ways to damage the most important oil and gas producer to the EU First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639751/Norway-braced-for-foreign-AI-cyber-attacks-on-vital-petroleum-computing
Iran’s Cyber-Kinetic War Doctrine Takes Shape

Mar 6, 2026 3:48 PM

Tags: attack, cctv, cyber, hacking, iran, warfare

Iran has been hacking IP cameras to plan missile strikes against its enemies, and mounting other attacks on physical assets, showing how cyber and kinetic warfare are fast becoming one in the same. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/iran-cyber-kinetic-war-doctrine
RMM Tools Crucial for IT Operations, But Growing Threat as Attackers Weaponize Them

Mar 6, 2026 2:47 PM

Tags: access, attack, cyber, cybercrime, exploit, malicious, network, phishing, social-engineering, software, threat, tool

Threat actors are increasingly weaponizing trusted administrative software to bypass security defenses. By exploiting legitimate software, cybercriminals gain persistent, hands-on-keyboard (HOK) access while hiding within normal network activity. Initial Access and Attack Methods RMM compromises typically begin with targeted social engineering and phishing campaigns. Attackers trick employees into downloading a malicious RMM agent disguised as…
Zero”‘Day Attacks on Enterprise Software Reach Record High, Google Warns

Mar 6, 2026 2:47 PM

Tags: attack, google, software, zero-day

Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/zero-day-enterprise-record-high/
Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets

Mar 6, 2026 12:47 PM

Tags: apache, attack, cve, cyber, data, dos, flaw, malicious, network, open-source, service, vulnerability

Security researchers have uncovered a significant vulnerability in Apache ActiveMQ, a popular open-source message broker used by enterprises to route data between applications. Tracked as CVE-2025-66168, this security flaw allows malicious actors to trigger unexpected broker behavior and potential denial-of-service (DoS) conditions by sending specifically crafted, malformed network packets. A successful attack against a message…
Ghanain man pleads guilty to role in $100 million fraud ring

Mar 6, 2026 11:47 AM

Tags: attack, business, email, fraud

A Ghanaian national pleaded guilty to his role in a massive fraud ring that stole over $100 million from victims across the United States through business email compromise attacks and romance scams. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ghanain-man-pleads-guilty-to-role-in-100-million-fraud-ring/
AWS-LC Flaw Exposes Amazon Users to Attacks by Bypassing Certificate Chain Validation

Mar 6, 2026 10:47 AM

Tags: attack, cloud, cyber, flaw, open-source, risk, vulnerability

Amazon issued a critical security bulletin (2026-005-AWS) detailing three high-severity vulnerabilities in AWS-LC, its open-source cryptographic library. Discovered through a coordinated disclosure process with the AISLE Research Team, these flaws pose a serious risk to cloud infrastructure. Developers rely heavily on AWS-LC as a general-purpose library to secure digital communications. Because of this widespread use,…
New Linux Rootkits Leverage Advanced eBPF and io_uring Techniques for Stealthy Attacks

Mar 6, 2026 10:47 AM

Tags: attack, cloud, container, cyber, infrastructure, injection, iot, linux, threat, windows

Linux rootkits have historically received less attention than their Windows counterparts, but the rapid adoption of Linux in cloud infrastructure, containers, and IoT devices has shifted the threat landscape. Attackers are constantly innovating, and over the past two decades, Linux rootkits have evolved significantly. While early threats relied on easily detectable userland shared object injections…
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

Mar 6, 2026 10:47 AM

Tags: attack, china, cisco, hacker, infrastructure, linux, threat, usa, windows

A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants.The activity is being tracked by Cisco Talos under the moniker UAT-9244, describing it as closely associated with another cluster known as FamousSparrow.It’s worth First seen…
What Is Address Poisoning

Mar 6, 2026 9:48 AM

Tags: attack, blockchain, crypto, cybercrime, exploit, hacking, tactics, threat

As cryptocurrency adoption continues to grow, so do the tactics used by cybercriminals to exploit users. One of the emerging threats in the blockchain ecosystem is address poisoning, a subtle yet highly deceptive attack designed to trick users into sending funds to fraudulent wallet addresses. Unlike traditional hacking methods that rely on breaching systems,… First…
Zero-day exploits hit enterprises faster and harder

Mar 6, 2026 9:48 AM

Tags: access, apple, attack, backdoor, business, china, cisco, cve, data, detection, endpoint, espionage, exploit, firewall, flaw, fortinet, google, group, hacker, infrastructure, ivanti, least-privilege, mobile, network, oracle, radius, ransomware, risk, router, russia, service, software, technology, threat, update, vpn, vulnerability, zero-day

Enterprise environments under siege: Chinese threat actors continued to display a preference for targets that are difficult to monitor and allow persistent access to strategic networks. Notable examples include the groups that GTIG tracks as UNC5221, which exploited a flaw in Ivanti Connect Secure (CVE-2025-0282) and UNC3886, which exploited a vulnerability in Juniper routers (CVE-2025-21590).Another…
China-Nexus Hackers Target Telecommunication Providers with New Malware Attack

Mar 6, 2026 9:48 AM

Tags: attack, china, cyber, espionage, group, hacker, infrastructure, malware, network, threat, usa

A highly sophisticated China-linked threat actor, identified as UAT-9244, has been actively targeting critical telecommunications infrastructure across South America since 2024. Security researchers assess with high confidence that UAT-9244 exhibits close operational overlap with known espionage groups such as FamousSparrow and Tropic Trooper. To maintain a strong foothold in victim networks, the hackers deploy a…
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Mar 6, 2026 9:48 AM

Tags: attack, microsoft, social-engineering, windows

Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware.The activity, observed in February 2026, makes use of the terminal emulator program instead of instructing users to launch the Windows…
Google says spyware makers and China-linked groups dominated zero-day attacks last year

Mar 6, 2026 1:46 AM

Tags: attack, china, google, group, spyware, zero-day

Of the 90 zero-days GTIG tracked in 2025, 43 hit enterprise tech First seen on theregister.com Jump to article: www.theregister.com/2026/03/05/zero_day_attacks_enterprise_tech_record/
Google says spyware makers and China-linked groups dominated zero-day attacks last year

Mar 6, 2026 1:46 AM

Tags: attack, china, google, group, spyware, zero-day

Of the 90 zero-days GTIG tracked in 2025, 43 hit enterprise tech First seen on theregister.com Jump to article: www.theregister.com/2026/03/05/zero_day_attacks_enterprise_tech_record/
Defending Against Iranian Cyber Threats in the Wake of Operation Epic Fury

Mar 6, 2026 12:47 AM

Tags: attack, cyber, cyberattack, dns, government, infrastructure, Internet, iran, military, threat

On February 28, 2026, the United States and Israel launched Operation Epic Fury (U.S.) and Operation Roaring Lion (Israel), a coordinated military and cyber campaign targeting Iranian military installations, IRGC leadership, and government infrastructure. U.S. Cyber Command was designated the “first mover,” with cyber operations beginning before any kinetic weapons were deployed. In the first…
The Hidden Cyber Risks of Remote Work Infrastructure

Mar 5, 2026 11:46 PM

Tags: attack, cyber, data, infrastructure, phishing, risk, vulnerability, wifi

Hidden cyber risks in remote work include insecure home Wi-Fi, phishing attacks, and data exposure, leaving businesses and employees vulnerable to breaches. First seen on hackread.com Jump to article: hackread.com/hidden-cyber-risks-remote-work-infrastructure/
Hackers Used New Exploit Kit to Compromise Thousands of iPhones

Mar 5, 2026 11:46 PM

Tags: attack, espionage, exploit, hacker, iphone, vulnerability

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime. The post Hackers Used New Exploit Kit to Compromise Thousands of iPhones appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-coruna-exploit-kit-thousands-of-iphones-compromised/