As AI adoption matures, one trend is becoming impossible to ignore: the line between internal and customer-facing capabilities is blurring. AI agents that automate internal workflows or support employees are now being adapted into customer-facing use cases, powering chat assistants,…
Cybersecurity professionals are burning out on extra hours every week
Cybersecurity professionals in the U.S. are working an average of 10.8 extra hours per week beyond their contracted schedules, according to survey data collected from 300 cybersecurity and IT leaders by Sapio Research. That figure effectively adds a sixth working…
Silver Dragon APT Group Exploits Google Drive for Covert Attacks on Europe, Asia
Silver Dragon is a Chinese‑aligned APT group that has been targeting public sector and high‑profile organizations in Europe and Southeast Asia since at least mid‑2024, with strong operational overlap to APT41 tradecraft. The group combines classic post‑exploitation tooling like Cobalt…
mquire: Open-source Linux memory forensics tool
Linux memory forensics has long depended on debug symbols tied to specific kernel versions. These symbols are not installed on production systems by default, and sourcing them from external repositories creates a recurring problem: repositories go stale, kernel builds diverge,…
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. The high-severity vulnerability, CVE-2026-22719 (CVSS score:…
AI Driven Warare
AI-Driven Warfare, Open-Source Attack Tooling, CISA Shakeups, Healthcare Ransomware, and GPS Jamming Risks Host David Shipley covers reports that hacked Tehran traffic cameras and an AI-powered targeting system helped a joint U.S.-Israeli operation (“Epic Fury”) track and strike Iran’s leadership,…
Thousands of iPhones Compromised in Massive Hack via Coruna Exploit Kit with 23 Vulnerabilities
Security researchers from the Google Threat Intelligence Group (GTIG) have uncovered “Coruna,” a highly sophisticated iOS exploit kit responsible for compromising thousands of iPhones. Targeting iOS versions 13.0 through 17.2.1, the framework contains five complete exploit chains leveraging a staggering…
Malicious Laravel Packages Deploy PHP RAT, Grant Remote Access to Attackers
Malicious Packagist packages masquerading as Laravel helper utilities are delivering an obfuscated PHP remote access trojan (RAT) that grants full remote control over compromised hosts. Two of these, nhattuanbl/lara-helper and nhattuanbl/simple-queue, embed a byte‑for‑byte identical RAT payload in src/helper.php. A third package, nhattuanbl/lara-swagger, appears benign…
Windows 11 23H2 to 25H2 Upgrade Reportedly Disrupts Internet Connectivity for Users
A persistent bug in Windows 11 in-place upgrades is reportedly wiping critical 802.1X wired authentication configurations, leaving enterprise workstations completely offline until manual intervention occurs. System administrators across Reddit’s r/sysadmin community are raising alarms, warning that this issue has reappeared…
Windows 11 23H2 to 25H2 Upgrade Allegedly Breaking Internet Connectivity
A persistent bug in Windows 11 in-place upgrades is reportedly wiping critical 802.1X wired authentication configurations, leaving enterprise workstations completely offline until manual intervention is performed. System administrators across Reddit’s r/sysadmin community are raising alarms as the issue originally observed…
Cybersecurity is now the price of admission for industrial AI
Industrial organizations are accelerating AI deployment across manufacturing, utilities, and transportation and running straight into a security problem. Cisco’s 2026 State of Industrial AI Report, based on responses from more than 1,000 decision-makers across 19 countries, finds that cybersecurity has…
Why workforce identity is still a vulnerability, and what to do about it
Most organizations believe they have workforce identity under control. New hires are verified. Accounts are provisioned. Multi-factor authentication is enforced. Audits are passed. Then a breach happens, often through an account that was “properly secured.” But the problem can be…
IT Security News Hourly Summary 2026-03-04 06h : 2 posts
2 posts were published in the last hour 5:4 : Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products 4:6 : Coruna Exploit Kit With 23 Exploits Hacked Thousands of iPhones
Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, Microsoft Office, and Visual Studio Code. These vulnerabilities include privilege escalation, remote…
Coruna Exploit Kit With 23 Exploits Hacked Thousands of iPhones
Google’s Threat Intelligence Group (GTIG) has uncovered Coruna, a sophisticated iOS exploit kit containing 23 exploits across five full exploit chains that compromised thousands of iPhones running iOS 13.0 through 17.2.1 throughout 2025. The Coruna exploit kit is an advanced,…
IT Security News Hourly Summary 2026-03-04 03h : 3 posts
3 posts were published in the last hour 2:4 : ISC Stormcast For Wednesday, March 4th, 2026 https://isc.sans.edu/podcastdetail/9834, (Wed, Mar 4th) 2:4 : Google feels the need for security speed, so will ship Chrome updates every two weeks 1:34 :…
ISC Stormcast For Wednesday, March 4th, 2026 https://isc.sans.edu/podcastdetail/9834, (Wed, Mar 4th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, March 4th, 2026…
Google feels the need for security speed, so will ship Chrome updates every two weeks
Retains eight-weekly Extended Stable releases but warns fortnightly updates are the best way to stay safe Google will halve the time between releases of its Chrome browser to two weeks, across versions of the software for desktop operating systems, Android,…
The DocuSign Email That Wasn’t – A Three-Redirect Credential Harvest
TL;DR Attackers sent a convincing DocuSign notification with a “Review & Sign” button that chained through Google Maps redirects to an Amazon S3-hosted credential harvesting page. The redirect chain defeated URL scanners, and real law-firm footers added legitimacy. IRONSCALES Adaptive AI…
N8N: Shared Credentials and Account Takeover
Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely compromised the application’s security. This finding highlights the core risks of centralized authentication in workflow automation platforms. As n8n serves as the central hub…
A suite of government hacking tools targeting iPhones is now being used by cybercriminals
Security researchers say exploits used by governments to hack into Apple iPhones have been found used by cybercriminals. They warned of an emerging market for “second hand” exploits. This article has been indexed from Security News | TechCrunch Read the…
Facebook is experiencing a global outage
Facebook is experiencing a global outage since 4:15 PM ET, with users reporting they cannot access their accounts. Facebook users worldwide report problems while attempting to access their accounts. The outage started around 4:15 PM ET. Upon attempting to access their account,…
Dev stunned by $82K Gemini bill after unknown API key thief goes to town
Probably not an isolated incident only as researchers have already found 2,863 live API keys exposed A developer says their company is on the hook for more than $82,000 in unauthorized charges after a stolen Google Gemini API key racked…
IT Security News Hourly Summary 2026-03-04 00h : 5 posts
5 posts were published in the last hour 22:55 : IT Security News Daily Summary 2026-03-03 22:34 : How is AI security getting better over the years 22:34 : Can advanced AI security solutions help you feel more relaxed 22:34…