IT Security News Daily Summary 2026-03-18

207 posts were published in the last hour

• 22:7 : U.S. CISA adds Microsoft SharePoint and Zimbra  flaws to its Known Exploited Vulnerabilities catalog
• 22:7 : State snoops and spyware vendors planting info-stealing malware on iPhones, Google warns
• 22:7 : In Travel, AI Amplifies the Intermediary
• 21:40 : Computer Vision Frameworks: Features And Future Trends
• 21:40 : 6 Best Digital Forensics Tools Used in 2026
• 20:13 : The Collapse of Predictive Security in the Age of Machine-Speed Attacks
• 20:5 : IT Security News Hourly Summary 2026-03-18 21h : 2 posts
• 19:31 : The SOAR Ceiling: Why Playbook Automation Has Hit Its Structural Limits
• 19:5 : FBI is buying location data to track US citizens, director confirms
• 18:36 : Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation
• 18:36 : Instagram Will Remove End-to-End Encryption for Messages in May 2026
• 18:36 : Google Fixes Two Actively Exploited Chrome Zero-Day Flaws
• 18:9 : The High Cost of Slow Triage: How to Make Tier 1 the Fastest Layer in Your SOC
• 18:9 : New iOS Exploit With Advanced iPhone Hacking Tools Attacking Users to Steal Personal Data
• 18:9 : Cisco Firewall 0-day Vulnerability Exploited in the Wild to Deploy Interlock Ransomware
• 18:9 : Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure
• 17:32 : “Claudy Day” Flaws Allow Data Theft via Fake Claude AI Ads, Report
• 17:32 : Meet the 2026 Cybersecurity Startups Beating Hackers at Their Own Game
• 17:32 : Free Antivirus Software Face-Off: Which One Protects Best in 2026?
• 17:32 : Researchers found font-rendering trick to hide malicious commands
• 17:32 : Randall Munroe’s XKCD ‘SNEWS’
• 17:32 : Menlo Security Adds Platform to Secure AI Agents
• 17:31 : OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
• 17:9 : Observability for AI Systems: Strengthening visibility for proactive risk detection
• 17:5 : IT Security News Hourly Summary 2026-03-18 18h : 14 posts
• 16:33 : Apple Rolls Out Real-Time Security Fixes Across iPhone, iPad, and Mac
• 16:33 : Apple WebKit Vulnerability Enables Malicious Web Content Bypass on iOS and macOS
• 16:33 : UIDAI Launches Bug Bounty Programme to Strengthen Aadhaar Security
• 16:33 : OpenAI Launches GPT-5.4 Mini and Nano to Provide Answers 2X Faster
• 16:33 : Everyone Is Deploying AI Agents. Almost Nobody Knows What They’re Doing.
• 16:33 : Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
• 16:33 : Threat groups target cyber-physical systems to disrupt critical infrastructure providers
• 16:14 : 2026-03-12: Files for an ISC diary (SmartApeSG ClickFix pushes Remcos RAT)
• 16:14 : Cloud storage security best practices
• 16:14 : Researchers warn of unpatched, critical Telnetd flaw affecting all versions
• 16:14 : ‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors
• 16:13 : Cloud Security Startup Native Exits Stealth With $42 Million in Funding
• 16:13 : New Ubuntu Flaw Enables Local Attackers to Gain Root Access
• 16:13 : Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls
• 15:35 : Top 7 Full Disk Encryption Software Solutions in 2026
• 15:34 : Protect Your Privacy: Best Secure Messaging Apps in 2026
• 15:34 : 8 Best Application Firewall (WAF) Solutions for 2026
• 15:34 : Free Antivirus Software Face-Off: Which One Protects Best?
• 15:34 : LeakNet Scales Ransomware Operations With ClickFix Lures and Stealthy Deno Loader
• 15:34 : ScreenConnect Vulnerability Allows Hackers to Extract Unique Machine Keys and Hijack Sessions
• 15:34 : FancyBear Server Exposure Reveals Stolen Credentials, 2FA Secrets and NATO-Linked Targets
• 15:34 : New Malware Campaigns Turn Network Devices Into DDoS Nodes and Crypto-Mining Bots
• 15:34 : The New Insider Threat: Autonomous Systems With Excessive Permissions
• 15:34 : AI Boom Turns Browsers into Enterprise Security’s Biggest Blind Spot
• 15:34 : Cisco Warns of Actively Exploited SD-WAN Vulnerabilities Affecting Catalyst Network Systems
• 15:34 : Token Security advances AI agent protection with intent-based controls
• 15:34 : Stryker begins restoring ordering, shipping systems after cyberattack
• 15:11 : Marquis says over 672,000 people had personal and financial data stolen in ransomware attack
• 15:11 : EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations
• 15:11 : Virtual Summit Today: Supply Chain & Third-Party Risk Summit
• 15:11 : Another Medical Device Firm Hit
• 14:34 : Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild
• 14:34 : Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools
• 14:34 : Menlo Security delivers unified governance and threat prevention for AI agents and humans
• 14:34 : Backslash adds cross-product support to secure AI skills in developer environments
• 14:34 : Dropzone AI releases autonomous Threat Hunting agent for continuous SOC detection
• 14:34 : Crypto Scam “ShieldGuard” Dismantled After Malware Discovery
• 14:34 : Cyber Briefing: 2026.03.18
• 14:13 : The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors
• 14:12 : North Korea’s 100,000-strong fake IT worker army rake in $500M a year for Kim Jong Un
• 14:12 : Manifold Raises $8 Million for AI Detection and Response
• 14:12 : Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches
• 14:12 : Threat Detection with MITRE ATT&CK and D3FEND AI Agent
• 14:12 : Enterprise AI Agent Governance: A Layered Approach (Build, Deployment and Runtime)
• 14:12 : AkzoNobel Confirms Cyberattack at U.S. Site Following Anubis Ransomware Data Leak
• 14:12 : Global Crackdown Dismantles LeakBase Data Breach Forum, Dozens Targeted in Europol Operation
• 14:12 : Microsoft Releases Hotpatch to Fix Windows 11 RRAS Remote Code Flaw
• 14:12 : Graylog advances explainable AI and automated workflows for faster threat detection
• 14:5 : IT Security News Hourly Summary 2026-03-18 15h : 21 posts
• 13:38 : Scans for “adminer”, (Wed, Mar 18th)
• 13:38 : FancyBear Server Leak Exposes Stolen Credentials, 2FA Secrets, NATO Targets
• 13:38 : Top 6 Network Access Control (NAC) Solutions in 2026
• 13:38 : Top 10 Governance, Risk & Compliance (GRC) Tools in 2026
• 13:38 : From Hot CVEs to the Full Attack Surface: How AI Is Reshaping Threat Intelligence
• 13:38 : Firefox is getting a free built-in VPN
• 13:14 : UIDAI Introduces Bug Bounty Program to Strengthen Aadhaar Defenses
• 13:14 : Telegram’s Crackdown in 2026 and Why Cyber Criminals Are Still Winning
• 13:14 : Iran-Linked Cyber Campaigns Converge With Electronic and Psychological Warfare as Regional Conflict Escalates
• 13:14 : ForceMemo Hijacks GitHub Accounts, Backdoors Hundreds of Python Repos via Force-Push
• 13:14 : Critical Telnetd Vulnerability Enables Remote Attacker to Execute Arbitrary Code via Port 23
• 13:14 : Britain’s satellite-watching gap to be plugged with £17.5M eyeball in Cyprus
• 13:14 : Apple Debuts Background Security Improvements With Fresh WebKit Patches
• 13:14 : Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach
• 13:14 : Is All OAuth The Same For MCP?
• 13:14 : TrojAI unveils new capabilities to secure agentic AI beyond the prompt layer
• 13:14 : Corelight’s Agentic Triage turns SOC alerts into evidence-backed investigations
• 13:14 : 9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
• 13:14 : Claude Code Security and Magecart: Getting the Threat Model Right
• 13:13 : Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
• 13:13 : AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure
• 12:32 : New .NET AOT Malware Hides Code as a Black Box to Evade Detection
• 12:32 : Apple WebKit Security Flaw Exposes iOS and macOS Users to Content-Based Bypass Attacks
• 12:32 : Rethinking Cyber Awareness: From Blame to Belonging
• 12:32 : Polygraf AI launches Desktop Overlay for real-time AI behavior control in enterprise operations
• 12:32 : Veracode Fix for SCA automates open-source vulnerability fixes
• 12:32 : China-Linked Group Steals $7M Crypto
• 12:32 : Medusa Ransomware Claims New Victims
• 12:32 : Apple Rolls Out Background Security Update
• 12:32 : Feds Charge DigitalMint Negotiator
• 12:31 : Convicted Scammer Runs New Scam From Prison
• 12:6 : CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit
• 12:6 : Malicious Telegram Download Site Pushes Multi-Stage Loader With In-Memory Execution
• 12:5 : Vidar Stealer 2.0 Spreads Through Fake Game Cheats Promoted on GitHub and Reddit
• 12:5 : Adaptability, Not Novelty: The Next Evolution of Malware
• 12:5 : AI Governance Starts With Access, Not Models | SaaS + AI
• 12:5 : Why Your AI Is Failing in Production and How Strategic QA Fixes It
• 12:5 : Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
• 11:37 : LeakNet boosts ransomware with ClickFix lures, stealthy Deno loader
• 11:36 : Scientists used 7,000 GPUs to simulate a tiny quantum chip in extreme detail
• 11:36 : Apple patches WebKit bug that could let sites access your data
• 11:36 : VIAVI advances NetSecOps with unified threat forensics and retrospective analysis
• 11:36 : Apple starts issuing lightweight security updates between software releases
• 11:36 : Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats
• 11:9 : ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854, (Wed, Mar 18th)
• 11:9 : Amazon Debuts One-Hour Delivery In Some Areas Of US
• 11:9 : OpenAI Introduces GPT-5.4 Mini and Nano for Faster, Lightweight AI Performance
• 11:9 : Critical Telnetd Vulnerability Enables Remote Code Execution Attacks
• 11:9 : ForceMemo Hijacks GitHub Accounts, Backdoors Python Repos
• 11:9 : The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico
• 11:9 : Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch
• 11:9 : Druva connects identity data and behavior to restore access after attacks
• 11:5 : IT Security News Hourly Summary 2026-03-18 12h : 5 posts
• 10:32 : Ofcom Tweaks Rules For Fibre Broadband Rollout
• 10:32 : New ClickFix Scam Tricks Users Into Mapping Hacker-Controlled Drives
• 10:32 : Join Our Next Livestream: The War Machine
• 10:32 : BlackHawk Data introduces CloudSight for continuous security auditing
• 10:32 : Blumira enhances EDR and ITDR to speed up threat detection and containment
• 10:3 : Transparent COM instrumentation for malware analysis
• 10:3 : From Misconfigured Spring Boot Actuator to SharePoint Exfiltration: How Stolen Credentials Bypass MFA
• 10:3 : Why East-West Visibility Matters for Grid Security
• 10:3 : MPs Query Lloyds Group Over Privacy Breach
• 10:3 : Iran Cyber Ops Merge With PsyOps and EW Amid Escalating Conflict
• 10:3 : Tracking the Iran War: A Month of Escalation and Regional Impact
• 10:3 : Robotic surgery firm Intuitive reports data breach after targeted phishing attack
• 10:3 : Attackers Abuse Court Documents, GitHub Payloads to Infect Judicial Targets With COVERT RAT
• 10:3 : Boggy Serpens Targets Diplomats and Critical Infrastructure in Multi-Wave Espionage Campaign
• 10:3 : Big tech companies step in to support the open source security ecosystem
• 10:3 : Abnormal AI Attune 1.0 targets AI-driven attacks with behavioral detection
• 10:2 : AI Issues Will Drive Half of Incident Response Efforts by 2028, Says Gartner
• 9:34 : Chancellor Commits £1bn To Commercial Quantum Computers
• 9:34 : Ubuntu Desktop Vulnerability Lets Attackers Escalate Privileges to Full Root Access
• 9:34 : Is Wix Secure Enough? Understanding the Next Layer of Protection for Growing Websites
• 9:34 : Theori brings Xint Code to market for large-scale AI code security analysis
• 9:34 : Island Enterprise Platform delivers unified control for workspaces and AI
• 9:34 : Major tech companies invest $12.5 million in open source security
• 9:34 : Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
• 9:7 : US Court Stays Amazon Order Barring Perplexity Bots
• 9:7 : Microsoft Teams-Based Vishing Attack Tricks Victims Into Quick Assist Takeover
• 9:7 : Critical FortiClient SQL Injection Vulnerability Enables Arbitrary Database Access
• 9:7 : ‘RegPwn’ Windows Registry Vulnerability Enables Full System Access to Attackers
• 9:7 : Microsoft to Stop Force Installation of 365 Copilot App on Windows Devices
• 9:7 : Inside a network of 20,000+ fake shops
• 9:7 : Cayosoft adds AI identity visibility and incident response for hybrid environments
• 9:7 : 1Password Users API for Partners helps automate identity response during incidents
• 9:7 : Linux Foundation secures $12.5 million to strengthen open source security and support maintainers
• 8:36 : Oppo Updates Foldable With ‘Imperceptible’ Crease
• 8:36 : Vidar Stealer 2.0 Spreads via Fake Game Cheats Shared on GitHub and Reddit
• 8:36 : Delegated Trust Is Becoming the Largest Attack Surface in Modern Security
• 8:36 : ManageEngine expands Endpoint Central with EDR and secure access
• 8:36 : Virtue AI brings continuous stress testing to enterprise AI agents
• 8:5 : Police To Deploy Live Facial Recognition In Norwich
• 8:5 : Cyberattacks Soar 245% as War Triggers Global Digital Offensive
• 8:5 : UK’s Companies House exposed data linked to millions of firms
• 8:5 : IT Security News Hourly Summary 2026-03-18 09h : 12 posts
• 7:36 : Boggy Serpens Hits Diplomats, Critical Infrastructure in Espionage Waves
• 7:36 : Iran’s cyberattack against med tech firm is ‘just the beginning’
• 7:36 : ‘CrackArmor’ Exposes Nine Vulnerabilities in Linux AppArmor
• 7:36 : Aura – 903,080 breached accounts
• 7:36 : Ubuntu Desktop Systems Vulnerability Enables Attackers to Gain Full Root Access
• 7:36 : Cybercriminals scale up, government sector hit hardest
• 7:36 : Tufin introduces AI agents to take on network security work
• 7:36 : Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
• 7:36 : Energy strategy, scammer accord, font-rendering attack
• 7:5 : Over one billion customer records belonging to IDMerit users left unprotected online
• 7:5 : Researchers Disclose ‘RegPwn,’ a Windows Registry Weakness Allowing SYSTEM Access
• 7:5 : New Kubernetes NFS CSI Vulnerability Enables Unauthorized Directory Deletion and Changes
• 7:5 : Exposed Ollama Servers: Security Risks of Publicly Accessible LLM Infrastructure
• 7:4 : Stop building security goals around controls
• 6:36 : Fake Telegram Download Site Delivers Stealthy In-Memory Malware Loader
• 6:36 : Nordic MSPs Can Now Access Heimdal’s Unified Security and Compliance Platform Through Elovade
• 6:9 : FortiClient Hit by Severe SQL Injection Vulnerability Enabling Database Intrusion
• 6:9 : Global fraud losses climb to $442 billion
• 6:9 : Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
• 5:32 : Apps, APIs, and DDoS 2026: The Industrialization of Cyberattack Campaigns
• 5:32 : The Agentic Security Crisis: Why You Need to Act Now
• 5:31 : Join Us at Wasm I/O 2026
• 5:13 : Judicial Targets Hit by COVERT RAT via Court Docs and GitHub Payloads
• 5:13 : AWS Bedrock AgentCore Sandbox Bypass Enables Stealthy C2 and Data Exfiltration
• 5:5 : IT Security News Hourly Summary 2026-03-18 06h : 4 posts
• 4:34 : Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran
• 4:34 : Another Medicat Device Firm Hit
• 4:16 : Linux Foundation kicks off effort to shield FOSS maintainers from AI slop bug reports
• 4:15 : Microsoft Teams Support Call Leads to Quick Assist Compromise in New Vishing Attack
• 3:13 : Japan to allow ‘proactive cyber-defense’ from October 1st
• 2:9 : Top UEBA use cases in enterprise cybersecurity
• 2:9 : News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub
• 2:5 : IT Security News Hourly Summary 2026-03-18 03h : 2 posts
• 1:38 : Lattice-Based Identity and Access Management for AI Agents
• 1:11 : [un]prompted: Key Insights from the AI Security Practitioners Conference – FireTail Blog
• 23:9 : EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure
• 23:5 : IT Security News Hourly Summary 2026-03-18 00h : 7 posts
• 22:55 : IT Security News Daily Summary 2026-03-17