IT Security News Daily Summary 2026-03-10

203 posts were published in the last hour

• 22:31 : Microsoft Patch Tuesday for March 2026 — Snort rules and prominent vulnerabilities
• 22:31 : The AI Security Skills Gap: What It Is, Where It Exists, and How to Close It
• 22:9 : Cal AI, New Owner of MyFitnessPal, Hit by Alleged Breach of 3 Million Users
• 22:9 : Hackers Pose as IT Staff in Microsoft Teams to Install Malware
• 21:36 : Bitdefender Threat Debrief | March 2026
• 21:9 : Critical Microsoft Excel bug weaponizes Copilot Agent for zero-click information disclosure attack
• 20:34 : DOGE employee stole Social Security data and put it on a thumb drive, report says
• 20:34 : Google Cloud Security Threat Horizons Report #13 (H1 2026) Is Out!
• 20:34 : AWS European Sovereign Cloud achieves first compliance milestone: SOC 2 and C5 reports plus seven ISO certifications
• 20:5 : IT Security News Hourly Summary 2026-03-10 21h : 10 posts
• 20:2 : Teams Social Engineering Campaign Drops A0Backdoor Malware
• 20:2 : Fake OpenClaw npm Package Installs GhostClaw Malware
• 20:2 : Attackers exploit FortiGate devices to access sensitive network information
• 19:32 : Microsoft Patches 83 Vulnerabilities
• 19:14 : Fortinet FortiManager fgtupdates Vulnerability Allows Attackers to Execute Malicious Commands
• 19:14 : Zoom Workplace for Windows Vulnerabilities Allow Privilege Escalation
• 19:13 : Fortinet Security Update – Patch for Multiple Vulnerabilities That Enable Malicious Command Execution
• 19:13 : USENIX Security ’25 (Enigma Track) – Risk Is Not A Hammer, And Most Hazards Aren’t Nails
• 19:13 : Fake Google Meet Update Can Give Attackers Control of Your Windows PC
• 19:13 : Security is a team sport: AWS at RSAC 2026 Conference
• 18:36 : ShinyHunters Hackers Threaten 400 Firms Over Stolen Salesforce Data
• 18:36 : DHS Ousts CBP Privacy Officers Who Questioned ‘Illegal’ Orders
• 18:36 : Mandiant’s founder just raised $190M for his autonomous AI agent security startup
• 18:36 : Cybercrime isn’t just a cover for Iran’s government goons – it’s a key part of their operations
• 18:36 : Adobe Patches 80 Vulnerabilities Across Eight Products
• 18:7 : Google’s $32B Wiz Acquisition Set to Become Israel’s Largest Tech Deal Ever
• 18:7 : Lantronix EDS3000PS and EDS5000
• 18:7 : Apeman Cameras
• 18:7 : Ceragon Siklu MultiHaul and EtherHaul Series
• 18:7 : Honeywell IQ4x BMS Controller
• 18:7 : U.S. military contractor likely built iPhone hacking tools used by Russian spies in Ukraine
• 18:7 : Ivanti Desktop and Server Management Vulnerability Allows Attackers to Escalate Privileges
• 18:7 : OpenAI to Acquire Promptfoo to Fix Vulnerabilities in AI Systems
• 18:7 : Malformed ZIP Files Allows Attackers to Bypass Antivirus and EDR Detections
• 18:7 : Cloudflare Pingora Vulnerabilities Allows Request Smuggling & Cache Poisoning Attacks
• 18:7 : Microsoft Patch Tuesday March 2026 – 78 Vulnerabilities Fixed, Including One 0-day
• 18:7 : How to see your Google Search history (and delete it)
• 18:7 : Jazz Emerges From Stealth With $61M in Funding for AI-Powered DLP
• 17:36 : Microsoft Patch Tuesday March 2026, (Tue, Mar 10th)
• 17:36 : China-Linked Hackers Hit Qatar with Backdoor Disguised as War News
• 17:36 : OpenAI’s Promptfoo Deal Plugs Agentic AI Testing Gap
• 17:7 : 400,000 WordPress Sites Affected by Unauthenticated SQL Injection Vulnerability in Ally WordPress Plugin
• 17:7 : Build Transformative Security with AI-Powered WAF Detections
• 17:7 : Age Verification Laws for Social Media Raise Privacy Concerns and Enforcement Challenges
• 17:7 : Conduent Leak: One of the Largest Breaches in The U.S
• 17:7 : Apple Rolls Out Global Age-Verification System to Protect Kids Online
• 17:5 : IT Security News Hourly Summary 2026-03-10 18h : 11 posts
• 16:32 : An iPhone-hacking toolkit used by Russian spies likely came from US military contractor
• 16:32 : When your DDoS mitigation provider goes down: Why traffic control can’t be outsourced
• 16:32 : Crooks compromise WordPress sites to push infostealers via fake CAPTCHA prompts
• 16:32 : Zero Trust for B2B SaaS: What Every Founder and CTO Needs to Know
• 16:32 : KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
• 16:9 : Fake Claude Code Spreads Malware to Windows, macOS Users
• 16:9 : Fake Gemini AI Chatbot Promotes ‘Google Coin’ in New Crypto Scam
• 16:9 : APT28 conducts long-term espionage on Ukrainian forces using custom malware
• 16:9 : Forescout Introduces Automated Security Controls Assessment to Bring Continuous Compliance Visibility
• 16:9 : OpenAI Acquires Security Startup Promptfoo to Fortify AI Agents
• 16:9 : Only 24% Of organizations Test Identity Recovery Every Six Months
• 15:32 : GPS Attacks Near Iran Are Wreaking Havoc on Delivery and Mapping Apps
• 15:32 : CISA Warns of Ivanti Endpoint Manager Authentication Bypass Vulnerability Exploited in Attacks
• 15:32 : Kali Linux Enhances AI-driven Penetration Testing with Local Ollama, 5ire, and MCP Kali Server
• 15:32 : Webinar Today: Securing Fragile OT in an Exposed World
• 15:32 : Kai Emerges From Stealth With $125M in Funding for AI Platform Bridging IT and OT Security
• 15:32 : USENIX Security ’25 (Enigma Track) – Security Theater Is Canceled: Time For A Real Show
• 15:32 : Fortinet enhances SecOps with cloud SOC, AI automation, and managed services
• 15:32 : Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds
• 15:31 : US entities face heightened cyber risk related to Iran war
• 15:7 : Huntress Widens Partner Programme to Reach Small Businesses Worldwide
• 15:7 : SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities
• 15:7 : Phishing Scammers Impersonating City, County Officials, Demanding Payment: FBI
• 15:7 : Messenger can warn you about sketchy links without knowing what you clicked
• 15:7 : Mend.io eliminates AI prompt weaknesses before production
• 15:7 : Ericsson Breach Exposes Data of 15k Employees and Customers
• 15:7 : AWS Security Hub is expanding to unify security operations across multicloud environments
• 14:36 : Study Finds ROME AI Agent Attempted Cryptomining Without Instructions
• 14:36 : Thousands Affected by Ericsson Data Breach
• 14:36 : Cyber Briefing: 2026.03.10
• 14:10 : Top 10 Best Anti-Phishing Tools in 2026
• 14:9 : SIEM isn’t dead, its place in the SOC is just evolving
• 14:9 : Fake Claude Code Install Pages Spread Infostealer Malware
• 14:9 : Introducing System Prompt Hardening: production-ready protection for system prompts
• 14:9 : Before the Breach: Identity Persistence Through Stolen Credentials
• 14:9 : Fighting Fire with Fire: AI-Assisted Microsegmentation to Combat AI-Enabled Hackers
• 14:9 : Inference protection for LLMs: Keeping sensitive data out of AI workflows
• 14:9 : Microsoft flips Windows Autopatch to default hotpatch security updates
• 14:9 : HR, recruiters targeted in year-long malware campaign
• 14:5 : IT Security News Hourly Summary 2026-03-10 15h : 20 posts
• 13:36 : Fake job applications pack malware that kills EDR before stealing data
• 13:36 : Kevin Mandia’s Armadin Launches With $190 Million in Funding
• 13:36 : OpenAI Rolls Out Codex Security Vulnerability Scanner
• 13:36 : The Economic Argument: The Real Cost of Insecure APIs in the AI Era
• 13:36 : Securing the Browser Session, Not Just the Login – Blog | Menlo Security
• 13:35 : Inside a bot operator’s email verification infrastructure
• 13:35 : Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts
• 13:35 : New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
• 13:35 : CISA Flags Actively Exploited Vulns
• 13:35 : Ericsson US Confirms Third-Party Breach
• 13:35 : Microsoft Enables Windows Hotpatches
• 13:35 : Cyberattack Costs Laurens County $1.5M
• 13:35 : Teams to Tag Third-Party Bots
• 13:7 : Fake LinkedIn Interview Used by Lazarus Hackers to Target AllSecure CEO
• 13:7 : Attackers Use Malformed ZIP Archives to Evade Antivirus and EDR Tools
• 13:7 : CISA Alerts on Ivanti Endpoint Manager Vulnerability Auth Bypass Exploited in the Wild
• 13:7 : Global Cyber Attacks Remain Near Record Highs in February 2026 Despite Ransomware Decline
• 13:7 : Threat actors use custom AuraInspector to harvest data from Salesforce systems
• 13:7 : SAP Security Update – Patch for Multiple Vulnerabilities that Enable Remote Code Execution
• 13:7 : Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign
• 12:35 : SAP Releases Patches for Security Flaws Allowing Remote Code Execution
• 12:35 : Protecting democracy means democratizing cybersecurity. Bring on the hackers
• 12:35 : Ericsson blames vendor vishing slip-up for breach exposing thousands of records
• 12:9 : Polish cops bust alleged teen DDoS kit sellers – youngest just 12
• 12:9 : Recent Ivanti Endpoint Manager Flaw Exploited in Attacks
• 12:9 : Escape Raises $18 Million to Automate Pentesting
• 12:9 : Terra Portal adds human-governed AI to live production pentesting
• 12:9 : APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
• 12:9 : The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
• 12:9 : How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
• 11:38 : Links
• 11:38 : LNK Files
• 11:38 : Signal and WhatsApp accounts targeted in phishing campaign
• 11:38 : Prevention is the Only Cloud Security Strategy That Works
• 11:38 : This spy tool has been quietly stealing data for years
• 11:38 : Teen crew caught selling DDoS attack tools
• 11:38 : Armadin secures $189.9 million to counter AI-driven cyber threats
• 11:11 : UK AI Data Centre Start-Up Nscale Raises $2bn
• 11:11 : U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog
• 11:11 : Hackers may have breached FBI wiretap network via supply chain
• 11:10 : SIM Swaps Expose a Critical Flaw in Identity Security
• 11:10 : AI Just Made Executives the Easiest Targets on the Internet
• 11:10 : Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials
• 11:5 : IT Security News Hourly Summary 2026-03-10 12h : 12 posts
• 10:32 : KKR Looks To Sell CoolIT, Capitalising On Data Centre Boom
• 10:32 : Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data
• 10:32 : OpenClaw Advisory Surge Highlights Blind Spot Between GitHub and CVE Vulnerability Tracking
• 10:32 : How to Download and Install SafeNet Authentication Client for Sectigo Code Signing Certificates?
• 10:32 : MIND is the first data security company to achieve ISO 42001 certification
• 10:32 : Mimecast brings gateway-grade email security to API deployment
• 10:9 : Auditing the Gatekeepers: Fuzzing “AI Judges” to Bypass Security Controls
• 10:9 : Apple Delays AI Home Display Amid Siri Snags
• 10:9 : Ericsson US confirms breach after third-party provider attack
• 10:9 : BeatBanker: A dual‑mode Android Trojan
• 10:9 : New Claude tool uses AI agents to find bugs in pull requests
• 10:9 : ShinyHunters Targets Hundreds of Websites in New Salesforce Campaign
• 9:32 : Chinese Customers Flock To Open-Source AI Agent
• 9:32 : Leading Myanmar Fleet Management Company Yoma Fleet Selects AccuKnox SIEM to Replace Legacy Tools
• 9:32 : OpenAI to Acquire Promptfoo to Address Vulnerabilities in AI Systems
• 9:32 : Cloudflare Pingora Flaws Enable Request Smuggling and Cache Poisoning Attacks
• 9:31 : Phishing campaign spoofs local officials to steal permit fees
• 9:7 : TfL Confirms 10 Million Affected By 2024 Hack
• 9:7 : Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform
• 9:7 : iPhone Exploit Toolkit Used by Russian Spies Likely Originated from U.S. Contractor
• 9:7 : Apache ZooKeeper Vulnerability Allow Attackers to Access Sensitive Data
• 9:7 : Anthropic Sued the U.S. Government for Labelling Claude as ‘Supply Chain Risk’
• 9:7 : Rising Cyber Threats Linked to Ongoing Middle East Conflict
• 9:7 : Escape lands $18 million funding to scale AI-driven offensive security automation
• 8:34 : Ukraine Deploys Robot Battalion To Fight Russia
• 8:34 : Datadog MCP server delivers live observability to AI agents and IDEs
• 8:34 : SailPoint expands AI-powered identity security with adaptive identity framework
• 8:34 : Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
• 8:34 : InstallFix spreads fake Claude sites, UNC4899 breaches crypto, UK cyber-fraud crackdown
• 8:5 : Russian Hackers Target Signal, WhatsApp
• 8:5 : iPhone Hacking Toolkit Tied to Russian Espionage May Have Originated in the U.S.
• 8:5 : IT Security News Hourly Summary 2026-03-10 09h : 11 posts
• 8:5 : SurxRAT Android Malware Uses LLMs for Phishing and Data Theft
• 8:4 : Chinese APT Campaign Targets Qatar With PlugX Lures Tied to Middle East Conflict
• 8:4 : Signed Malware Masquerading as Teams, Zoom Apps Drops RMM Backdoors
• 7:41 : Signed malware posing as Teams and Zoom apps drops RMM backdoors
• 7:41 : Meta’s Smart Glasses Privacy Scandal Expands After Sama Credentials Found on the Dark Web
• 7:41 : Cylake Raises $45 Million to Secure Organizations Barred From Cloud
• 7:40 : Singulr AI’s Agent Pulse delivers enforceable runtime governance and visibility for AI agents
• 7:40 : OneTrust expands AI governance with real-time monitoring and guardrail enforcement
• 7:40 : CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
• 7:9 : Signal Confirms Sophisticated Phishing Scheme Caused Account Compromises
• 7:9 : How Piggybacking Attacks Threaten Organizational Security?
• 6:36 : Chinese APT Campaign Uses Middle East Lures to Target Qatar With PlugX
• 6:36 : Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming
• 6:9 : GhostClaw Masquerades as OpenClaw in Bid to Plunder Developer Data
• 6:9 : Anthropic Files Lawsuit Against U.S. Government Over Claude Risk Designation
• 6:9 : GhostClaw Mimic as OpenClaw to Steal Everything from Developers
• 6:9 : Bug bounties are broken, and the best security pros are moving on
• 6:9 : The people behind cyber extortion are often in their forties
• 5:32 : Hackers Use Microsoft Teams to Manipulate Employees Into Allowing Remote Access
• 5:32 : Your Secret Scanner Has a Blind Spot: Here’s How to Fix It
• 5:31 : Cybersecurity jobs available right now: March 10, 2026
• 5:5 : IT Security News Hourly Summary 2026-03-10 06h : 4 posts
• 4:32 : CISOs in a Pinch: A Security Analysis of OpenClaw
• 4:32 : Hackers Attack Employees Over Microsoft Teams to Trick Them Into Granting Remote Access
• 4:31 : ScamAgent- AI Agent Built by Researchers that Run Fully Autonomous Scam Calls
• 4:7 : Your DSPM found the problems. Now what?
• 2:5 : IT Security News Hourly Summary 2026-03-10 03h : 2 posts
• 2:4 : ISC Stormcast For Tuesday, March 10th, 2026 https://isc.sans.edu/podcastdetail/9842, (Tue, Mar 10th)
• 2:4 : An iPhone-hacking toolkit used by Russian spies likely came from U.S military contractor
• 0:36 : Anomalous Prompt Injection Detection in Quantum-Secured AI Pipelines
• 23:34 : Dutch Intel Warns of Russian Hackers Hijacking Signal, WhatsApp Attacks
• 23:34 : Escape raises $18M Series A to replace legacy scanners with AI agent-driven discovery, pentesting, and remediation
• 23:34 : Department of Know: Quantum-Safe certificates, Iranian cyberattack risks, 90 zero-days
• 23:5 : Role-Based Access Control (RBAC) Now Available in Akamai Cloud
• 23:5 : Secure Identity for TAK/ATAK at the Tactical Edge
• 23:5 : How to feel empowered by your NHIs and AI
• 23:5 : What assurances do AI governance frameworks offer
• 23:5 : Are scalable secrets management systems more effective
• 23:5 : IT Security News Hourly Summary 2026-03-10 00h : 3 posts
• 22:55 : IT Security News Daily Summary 2026-03-09