In surprise move, OpenAI to discontinue Sora video-generation service, six months after launching stand-alone app, as it shifts focus This article has been indexed from Silicon UK Read the original article: OpenAI Shuts Down Sora Video-Generation Tool
TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign
Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
SmartApeSG ClickFix Campaign Spreads Remcos, NetSupport RAT, StealC, Sectop RAT
A recent SmartApeSG campaign observed on March 24, 2026, highlights the growing sophistication of ClickFix-based attack chains, which deliver multiple remote access trojans (RATs) and information stealers through a staged infection process. The infection begins with the ClickFix technique, where…
Hackers Exploiting Magento Flaw to Execute Remote Code and Seize Full Account Access
A critical vulnerability dubbed “PolyShell” is actively being exploited across Magento and Adobe Commerce platforms. Discovered by the Sansec Forensics Team and published on March 17, 2026, this flaw allows unauthenticated attackers to upload executable files via the platform’s REST…
F5 NGINX Plus & Open‑Source Flaw Lets Attackers Execute Code via MP4 File
F5 has disclosed a high-severity vulnerability (CVE-2026-32647) in the NGINX ngx_http_mp4_module that allows attackers execute arbitrary code or cause a denial-of-service (DoS) using crafted MP4 files. This flaw impacts NGINX Plus and NGINX Open Source deployments where the MP4 streaming module is…
IT Security News Hourly Summary 2026-03-25 12h : 17 posts
17 posts were published in the last hour 11:5 : Anatomy of a Cyber World Global Report 2026 11:4 : Microsoft hands Entra ID users new option for MFA 11:4 : Experts Sound Alarm Over “Prompt Poaching” Browser Extensions 10:32…
Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca
Cybercrime group Lapsus$ claims it hacked AstraZeneca, stealing 3GB of data including credentials, code, and employee information. The Lapsus$ group claims it breached AstraZeneca, stealing about 3GB of sensitive data. The alleged leak includes credentials, tokens, internal code repositories (Java,…
Anatomy of a Cyber World Global Report 2026
The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report also includes Incident Response findings based on real-world cases identified and mitigated in 2025. This article has been indexed from…
Microsoft hands Entra ID users new option for MFA
Organizations rely on MFA to enforce identity checks before granting access to systems and services. Microsoft has made external MFA generally available in Microsoft Entra ID, expanding support for third-party identity providers. Configure external MFA in Microsoft Entra ID (Source:…
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Expel has warned of malicious Chrome extensions stealing users’ AI conversations This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Apple Tests Stand-Alone Siri App Amid Chatbot Shift
Apple reportedly testing stand-alone app for digital assistant, as it revamps Siri into chatty tool with broad access to data This article has been indexed from Silicon UK Read the original article: Apple Tests Stand-Alone Siri App Amid Chatbot Shift
ClawHub Vulnerability Lets Attackers Manipulate Rankings to Become Top Skill
Silverfort researchers recently uncovered a critical security flaw in ClawHub, the main public registry for the OpenClaw agent ecosystem. This vulnerability allowed attackers to artificially boost download numbers, pushing malicious code to the top of the search results. This created…
MIWIC26: Adenike Ajayi-lweka, Cybersecurity Consultant at Accenture
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2026’s Top 20 women selected…
LiteLLM PyPI Package With 95 Million Downloads Compromised by TeamPCP Hackers
A widely used open-source Python library was compromised on the Python Package Index (PyPI). Versions 1.82.7 and 1.82.8 of the package, which route requests across various LLM providers and have over 95 million monthly downloads, were found to contain a…
FCC Banned Foreign-made Consumer Routers Over Security Risks
The Federal Communications Commission (FCC) announced a major update to its Covered List, officially prohibiting the approval of new consumer-grade network routers produced in foreign countries. This regulatory action prevents these new devices from entering the United States market by…
Google Authenticator’s Hidden Passkey Architecture Could Open New Passwordless Attack Paths
Passwordless authentication was supposed to mark the end of account takeovers. Designed to replace traditional passwords with cryptographic keys tied to physical devices, it promised a future where stolen credentials could no longer unlock user accounts. But a close examination…
ClawHub Vulnerability Let Attackers Manipulate Rankings to Become the #1 Skill
Security research team has uncovered a critical vulnerability in ClawHub, the public skills registry for the OpenClaw agentic ecosystem. This flaw allowed attackers to artificially inflate the download counts of malicious skills, thereby bypassing security checks and manipulating search rankings.…
Digital Footprint Exposure: What’s Public and Why It Matters
Nisos Digital Footprint Exposure: What’s Public and Why It Matters Whether you’re a CEO, a celebrity, or just someone who values their privacy, your digital footprint is likely much larger and more revealing than you realize… The post Digital Footprint…
Anthropic trims action approval loop, lets Claude Code make the call
Auto mode is a new permissions feature in the Claude Code system that allows the AI to make approval decisions on a user’s behalf while safeguards review actions before execution. The feature is available on Team plans and requires administrator…
Epic Games Cuts More Than 1,000 Jobs
After raising prices, Epic Games to make significant job cuts amid downturn in Fortnite engagement, challenging market conditions This article has been indexed from Silicon UK Read the original article: Epic Games Cuts More Than 1,000 Jobs
Malicious LiteLLM versions linked to TeamPCP supply chain attack
TeamPCP backdoored LiteLLM v1.82.7–1.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access. Threat actor TeamPCP compromised LiteLLM versions 1.82.7 and 1.82.8, likely through a Trivy CI/CD breach. LiteLLM, with over 95 million…
Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw
We talked to Khaled Mohamed on going from “script kiddie” to bug bounty hunter, and the moment he uncovered a flaw in Microsoft Authenticator. This article has been indexed from Malwarebytes Read the original article: Meet Khaled Mohamed: the bug…
Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown
UK police trumpet success of Operation Henhouse as they seize and freeze over £27m in suspected fraud proceeds This article has been indexed from www.infosecurity-magazine.com Read the original article: Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown
AWS Bahrain Facility Disrupted By Drone Strikes, Again
Amazon Web Services data centre in Bahrain sees outage for second time in a month due to Iran drone activity, amid ongoing conflict This article has been indexed from Silicon UK Read the original article: AWS Bahrain Facility Disrupted By…