Tag: threat

Critical Vulnerability in Microsoft Office Allows Malicious Code to Run Remotely

Mar 11, 2026 1:49 PM

Tags: cve, cvss, cyber, flaw, malicious, microsoft, office, remote-code-execution, threat, vulnerability

Microsoft has disclosed a critical security flaw in its Microsoft Office suite, officially tracked as CVE-2026-26110. Released on March 10, 2026, this Remote Code Execution (RCE) vulnerability poses a significant threat to organizations and individuals relying on the widely used productivity software. With a base CVSS score of 8.4, the flaw demands immediate attention from…
Keeper Security launches global campaign highlighting identity-first cybersecurity with Atlassian Williams F1 Team

Mar 11, 2026 12:49 PM

Tags: credentials, cybersecurity, identity, threat

Keeper Security has launched a new global campaign with the Atlassian Williams Formula 1 Team to highlight the growing importance of identity-first cybersecurity, as credential-based threats continue to rise across enterprise environments. The campaign coincides with the start of the 2026 Formula 1 season and marks the third year of Keeper’s partnership as the team’s…
Did cybersecurity recently have its Gatling gun moment?

Mar 11, 2026 12:49 PM

Tags: ai, attack, automation, cyber, cyberattack, cybercrime, cybersecurity, defense, detection, email, endpoint, government, hacker, intelligence, LLM, malicious, malware, phishing, ransomware, siem, social-engineering, spear-phishing, strategy, tactics, threat, tool, update, vulnerability, warfare

inflection point. Both emblematic of an irreversible tipping point, where the nature of conflict was altered by its sudden asymmetry.The Gatling gun is the perfect analogy for the current cyber landscape. Just as it transformed warfare from a manual craft into an industrial process, modern threats have shifted from individual attacks to automated, high-velocity engagements.Here…
Agentic AI security: Why you need to know about autonomous agents now

Mar 11, 2026 11:46 AM

Tags: ai, malicious, risk, risk-management, threat

There are many benefits and security risks of deploying agentic AI within organizations. This blog emphasizes the importance of robust risk management and threat modeling to defend against both internal operational errors and potential malicious exploitation. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/agentic-ai-security-why-you-need-to-know-about-autonomous-agents-now/
Google Warns of AI”‘Driven Adaptive Malware Rewriting Its Own Code

Mar 11, 2026 11:46 AM

Tags: ai, cyber, cybersecurity, google, group, intelligence, malware, mandiant, threat

The cybersecurity landscape experienced a major shift in 2025 as threat actors transitioned from experimenting with artificial intelligence to fully integrating it into real-world cyber operations. According to new insights from the Google Threat Intelligence Group (GTIG) and Mandiant, attackers are now deploying adaptive malware and autonomous AI agents that dynamically modify their behavior during…
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

Mar 11, 2026 10:46 AM

Tags: access, attack, breach, cloud, exploit, github, supply-chain, theft, threat, unauthorized

A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim’s cloud environment within a span of 72 hours.The attack started with the theft of a developer’s GitHub token, which the threat actor then used to gain unauthorized access to…
12 ways attackers abuse cloud services to hack your enterprise

Mar 11, 2026 8:47 AM

Tags: access, ai, api, attack, backdoor, backup, business, ceo, china, cloud, communications, control, corporate, credentials, crowdstrike, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, endpoint, exploit, extortion, firewall, framework, group, hacking, incident, incident response, infrastructure, kubernetes, login, malicious, malware, microsoft, network, openai, phishing, ransomware, russia, service, social-engineering, threat, tool

Hiding command-and-control in trusted APIs: Attackers are also forging malware that routes C2 traffic through trusted services such as OpenAI APIs.For example, the SesameOp backdoor routes traffic through OpenAI’s Assistants API, masking C2 communications as legitimate AI development work.”In cases such as the SesameOp backdoor, traffic looks like normal AI development activity,” says Parthiban Jegatheesan,…
Microsoft Active Directory Flaw Allows Attackers to Escalate Privileges

Mar 11, 2026 8:47 AM

Tags: cve, cyber, flaw, identity, infrastructure, microsoft, service, threat, update, vulnerability

Microsoft has released a critical security update addressing a high-severity elevation of privilege vulnerability in Active Directory Domain Services (AD DS). This flaw, patched during the March 10, 2026, Patch Tuesday rollout, poses a significant threat to enterprise identity infrastructure by allowing attackers to gain SYSTEM-level access. Tracked as CVE-2026-25177, this security defect carries a…
HR Departments Targeted by Multi-Layered BlackSanta EDR Killer Malware

Mar 11, 2026 7:47 AM

Tags: attack, cloud, cyber, edr, jobs, malware, threat

Threat actors are increasingly targeting human resources (HR) departments by disguising malware as job application documents. The attack begins with what appears to be a legitimate job application. HR professionals receive a resume hosted on a well-known cloud storage platform, making the file seem trustworthy. The candidate profile looks realistic and relevant to open positions,…
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Mar 11, 2026 7:47 AM

Tags: ai, cybersecurity, data, exploit, malicious, rust, threat

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors.The Rust packages, published to crates.io, are listed below -chrono_anchordnp3timestime_calibratortime_calibratorstime-syncThe crates, per Socket, impersonate timeapi.io and were published between late February and early March First seen on thehackernews.com Jump to article: thehackernews.com/2026/03/five-malicious-rust-crates-and-ai-bot.html
Zero Trust Architecture for Decentralized MCP Tool Discovery

Mar 11, 2026 5:48 AM

Tags: ai, threat, tool, zero-trust

Secure decentralized Model Context Protocol (MCP) tool discovery with Zero Trust. Learn about quantum-resistant P2P security and AI threat detection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/zero-trust-architecture-for-decentralized-mcp-tool-discovery/
New ‘BlackSanta’ EDR killer spotted targeting HR departments

Mar 11, 2026 12:47 AM

Tags: edr, malware, russia, threat

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-blacksanta-edr-killer-spotted-targeting-hr-departments/
AI Startup Jazz Secures $61M to Rethink Data Loss Prevention

Mar 10, 2026 11:48 PM

Tags: ai, cybersecurity, data, risk, startup, threat

Startup Exits Stealth Targeting Insider Risk, Shadow AI and GenAI Data Exposure. Cybersecurity startup Jazz has raised $61 million with an AI-driven approach to data loss prevention. Its platform deploys agent investigators that analyze data context, users, systems and processes to detect insider threats and risky AI usage more accurately than legacy rule-based tools. First…
Bitdefender Threat Debrief – March 2026

Mar 10, 2026 10:48 PM

Tags: group, threat

<div cla Ransomware Group AtomSilo Returns After 5 Year Absence First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bitdefender-threat-debrief-march-2026/
Iranian APT Hack Targets US Airport Bank and Software Company

Mar 10, 2026 10:48 PM

Tags: apt, cyber, finance, group, infrastructure, iran, software, threat

Critical infrastructure organizations continue to face sustained pressure from nation-state cyber operations. Airports, financial institutions, and software companies represent high-value targets because of the operational and economic disruption that a successful intrusion can create. New reporting from SecurityWeek details how an Iranian advanced persistent threat group conducted cyber intrusions against organizations, including a U.S. airport,…
Google Cloud Security Threat Horizons Report #13 (H1 2026) Is Out!

Mar 10, 2026 9:48 PM

Tags: access, ai, apt, attack, cloud, credentials, cybersecurity, data, email, exploit, extortion, google, incident response, injection, intelligence, LLM, metric, phishing, ransomware, rce, remote-code-execution, saas, service, social-engineering, software, theft, threat, vulnerability, zero-day

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Cloud Threat Horizons Report, #13 (full version, no info to enter!) that we just released (the official blog for #1 report, my unofficial blogs for #2, #3, #4, #5, #6, #7, #8, #9, #10, #11 and #12).…
Threat intelligence by ESET is a game changer

Mar 10, 2026 9:48 PM

Tags: ai, business, ciso, cybersecurity, data, detection, edr, exploit, identity, india, intelligence, phishing, service, social-engineering, threat, vulnerability, zero-day

The Advent of AI Ransomware detections in India surged by 70% between the second half of 2024 and the first half of 2025 as per ESET’s Telemetry. Phishing remains the most prevalent cyberthreat affecting Indian users, underscoring the ongoing need for vigilance and education around social engineering tactics.Attacks are increasing on edge systems and appliances as…
Russian Threat Actor Sednit Resurfaces With Sophisticated Toolkit

Mar 10, 2026 9:48 PM

Tags: malware, russia, threat

After several years of using simple implants, the Russia-affiliated actor is back with two new sophisticated malware tools. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/sednit-resurfaces-with-sophisticated-new-toolkit
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

Mar 10, 2026 7:49 PM

Tags: breach, credentials, cybersecurity, exploit, firewall, network, service, threat, vulnerability

Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks. The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials to extract configuration files containing service account credentials and network topology First seen on thehackernews.com Jump…
The Economic Argument: The Real Cost of Insecure APIs in the AI Era

Mar 10, 2026 3:48 PM

Tags: access, ai, api, application-security, attack, business, compliance, control, corporate, cybersecurity, data, defense, exploit, finance, flaw, framework, governance, identity, injection, international, jobs, malicious, privacy, regulation, risk, threat, tool, vulnerability

When cybersecurity teams talk about risk, they usually speak in technical terms like vulnerabilities, exploits, and attack vectors. But when they walk into the boardroom, they need to speak a different language. They need to speak about cost. In the era of AI, the cost of insecure APIs has shifted from a potential liability to…
Finnish intelligence warns of persistent cyber espionage from Russia, China

Mar 10, 2026 3:48 PM

Tags: china, country, cyber, cyberespionage, espionage, government, intelligence, russia, threat

Cyberespionage remains the country’s most significant digital threat, with attackers targeting government systems, research institutions and companies developing advanced technologies, according to a new intel report. First seen on therecord.media Jump to article: therecord.media/finnish-intel-warns-espionage-china-russia
The New Turing Test: How Threats Use Geometry to Prove ‘Humanness’

Mar 10, 2026 3:48 PM

Tags: malware, threat

Malware is evolving to evade sandboxes by pretending to be a real human behind the keyboard. The Picus Red Report 2026 shows 80% of top attacker techniques now focus on evasion and persistence, including geometry-based cursor tests and CPU timing checks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-new-turing-test-how-threats-use-geometry-to-prove-humanness/
Top 10 Best Anti-Phishing Tools in 2026

Mar 10, 2026 3:48 PM

Tags: ai, business, cyber, cybersecurity, deep-fake, email, exploit, phishing, spam, threat, tool

The cybersecurity landscape has shifted dramatically, and traditional spam filters are no longer enough to protect sensitive enterprise data. As we navigate through 2026, threat actors are leveraging sophisticated AI-powered exploits to bypass standard security protocols, craft hyper-realistic deepfake audio messages, and execute highly targeted Business Email Compromise (BEC) campaigns. Phishing has evolved from obvious,…
Threat actors use custom AuraInspector to harvest data from Salesforce systems

Mar 10, 2026 2:47 PM

Tags: access, cloud, data, exploit, threat, tool

Attackers are mass-scanning Salesforce Experience Cloud sites using a modified AuraInspector tool to exploit misconfigurations and access sensitive data. Salesforce CSOC warns that threat actors are mass-scanning publicly accessible Experience Cloud sites using a modified version of the AuraInspector tool. AuraInspector is an open”‘source command”‘line tool released by Google/Mandiant to audit Salesforce Aura and Experience…
Attackers Use Malformed ZIP Archives to Evade Antivirus and EDR Tools

Mar 10, 2026 2:47 PM

Tags: antivirus, cyber, cybersecurity, detection, edr, endpoint, malicious, threat, tool

Cybersecurity researchers at the CERT Coordination Center (CERT/CC) have issued a warning regarding a newly disclosed evasion technique tracked as VU#976247. Threat actors are increasingly utilizing malformed ZIP archives to bypass Antivirus (AV) and Endpoint Detection and Response (EDR) scanning engines. By manipulating the internal headers of these archives, attackers can successfully hide malicious payloads,…
APT28 hackers deploy customized variant of Covenant open-source tool

Mar 10, 2026 11:46 AM

Tags: espionage, exploit, framework, group, hacker, open-source, russia, threat, tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apt28-hackers-deploy-customized-variant-of-covenant-open-source-tool/
Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data

Mar 10, 2026 11:46 AM

Tags: attack, cve, cyber, data, exploit, flaw, open-source, software, supply-chain, threat, vulnerability

A critical security vulnerability has been identified in Gogs, a widely used open-source self-hosted Git service. / Tracked as CVE-2026-25921, this flaw allows unauthenticated attackers to silently overwrite Git Large File Storage (LFS) objects across any repository. By exploiting a lack of content verification, threat actors can conduct stealthy software supply-chain attacks, replacing legitimate project…
Zero Day: Unternehmen sind das neue Hauptziel

Mar 10, 2026 9:48 AM

Tags: google, group, intelligence, threat, zero-day

Die Google Threat Intelligence Group (GTIG) hat ihren jährlichen Zero-Day-Bericht veröffentlicht: Sie hat im Jahr 2025 insgesamt 90 Zero-Day-Sicherheitslücken identifiziert, die in freier Wildbahn ausgenutzt wurden. Obwohl diese Zahl niedriger ist als der Rekordwert von 2023 (100), liegt sie deutlich über der Zahl von 2024 (78). Insgesamt scheint sich die jährliche Anzahl in dem Bereich……
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Mar 10, 2026 9:48 AM

Tags: access, cloud, exploit, open-source, threat, tool

Salesforce has warned of an increase in threat actor activity that’s aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector.The activity, per the company, involves the exploitation of customers’ overly permissive Experience Cloud guest user configurations to obtain access to sensitive…
When AI safety constrains defenders more than attackers

Mar 10, 2026 8:47 AM

Tags: access, ai, attack, authentication, awareness, business, chatgpt, ciso, control, defense, detection, email, exploit, framework, LLM, malicious, malware, marketplace, microsoft, offense, open-source, openai, penetration-testing, phishing, RedTeam, service, social-engineering, spear-phishing, strategy, threat, tool, training, usa, vulnerability

The attacker advantage: Threat actors operate under no such constraints. They simply use jailbroken models, locally hosted open-source alternatives, or purpose-built malicious tools that have proliferated across underground markets.WormGPT, originally shut down in 2023, has reappeared largely as a recycled brand name for uncensored AI tools. New variants posted on underground marketplace BreachForums between October…