A series of drone strikes on Amazon Web Services data center facilities in the United Arab Emirates and Bahrain triggered one of the most severe cloud outages in AWS history, knocking out or degrading more than 109 services across the…
Category: Cyber Security News
Cisco Secure Firewall Management Vulnerability Enables Remote Code Execution
Cisco has issued an urgent security advisory for a critical vulnerability affecting its Secure Firewall Management Center (FMC) software. This flaw, rated with the maximum possible CVSS score of 10.0, allows remote, unauthenticated attackers to execute arbitrary code and gain…
Hackers Mimic LastPass Support Email to Steal Vault Passwords
A new and carefully crafted phishing campaign is currently targeting LastPass users, with attackers sending fake support emails designed to steal vault master passwords. The campaign, which began on or around March 1, 2026, relies on social engineering tactics to…
Cisco Secure Firewall Management Vulnerability Allows Attackers to Bypass Authentication
Cisco has released a critical security advisory warning of a severe vulnerability in its Secure Firewall Management Center (FMC) Software. This flaw allows an unauthenticated, remote attacker to bypass authentication and execute script files, thereby gaining full root access to…
Google Releases Emergency Chrome Update to Fix 10 Security Vulnerabilities
Google has released a critical security update for Chrome, pushing the Stable channel to version 145.0.7632.159/160 for Windows and Mac, and 145.0.7632.159 for Linux. The update addresses 10 security vulnerabilities, including three rated Critical, and is rolling out to users…
Windows 10 Update KB5068164 Breaks Windows Recovery Environment
Microsoft’s October 2025 Windows Recovery Environment update for Windows 10 introduced a critical boot failure issue, rendering WinRE inaccessible on affected systems, with a fix confirmed only in March 2026. Released on October 14, 2025, KB5068164 was designed to automatically…
Tycoon 2FA Phishing Kit Disrupted by Microsoft, Europol and Partners
Microsoft, Europol, and partners have dismantled the Tycoon 2FA phishing-as-a-service (PhaaS) platform, seizing 330 domains used for credential theft and MFA bypass. This coordinated action disrupts a service active since 2023 that powered tens of millions of phishing emails monthly.…
Operation Leak Dismantles LeakBase Cybercriminal Forum – User Data, IP Logs Secured by Authorities
The FBI, in coordination with multiple international law enforcement agencies, has officially seized LeakBase, a prominent cybercriminal forum notorious for hosting and trading stolen databases, under a coordinated global operation dubbed “Operation Leak.” Both primary domains, leakbase[.]ws and leakbase[.]la, now redirect visitors to…
New Threat Report Warns AI Is Automating High-Velocity Attacker Operations
The gap between human-led attacks and machine-driven intrusions is closing faster than most organizations expected. Cloudforce One, Cloudflare’s dedicated threat intelligence team, released the inaugural 2026 Cloudflare Threat Report on March 3, 2026, issuing a clear warning: artificial intelligence has…
To Reduce MTTR and Business Risk, Start with Better SOC Collaboration
In modern SOCs, it all boils down to two things: time and impact. How quickly are incidents contained? How accurate are the decisions? These questions define not only operational efficiency, but overall business resilience. Yet many organizations tend to invest heavily in tooling while overlooking structural weaknesses. The missing link is…
Iran‑Nexus APT ‘Dust Specter’ Hits Iraqi Officials with AI‑Assisted Malware and Novel RATs
In January 2026, a targeted cyberattack emerged against government officials in Iraq. The threat group, tracked as Dust Specter, impersonated Iraq’s Ministry of Foreign Affairs to trick high-value targets into downloading malicious files. The campaign introduced four previously undocumented malware…
CISA warns of Qualcomm Chipsets Memory Corruption Vulnerability Exploited in Attacks
CISA has warned that a memory corruption flaw in Qualcomm chipsets is being exploited in attacks, urging organizations to promptly apply vendor-provided mitigations. The issue, tracked as CVE-2026-21385, impacts multiple Qualcomm chipsets and was added to CISA’s catalog on 2026-03-03 with…
Trusted Azure Utility AzCopy Turned into Data Exfiltration Tool in Active Ransomware Campaigns
The cybersecurity landscape has taken a sharp and dangerous turn. Ransomware operators, long associated with using suspicious tools to steal data, have begun turning to the same software IT teams rely on every day. Microsoft’s AzCopy, a legitimate command-line utility…
Escalating Iranian APT Threats Against Critical Infrastructure Amid Geopolitical Conflict
A dangerous new chapter in Middle Eastern geopolitics has unfolded following the outbreak of open conflict between Iran, Israel, and the United States. Last week, U.S. and Israeli forces launched Operation Lion’s Roar, a coordinated military strike targeting Iranian military…
Stolen Gemini API Key Turned $180 Bill to $82000 in Two Days
A three-person development team in Mexico is facing bankruptcy after a stolen Google Cloud API key generated $82,314.44 in unauthorized charges over just 48 hours. Between February 11 and 12, attackers heavily abused the team’s credentials to access the “Gemini…
VoidLink Malware Framework Attacking Kubernetes and AI Workloads
In December 2025, Check Point Research disclosed one of the most carefully engineered cloud-native malware frameworks ever studied — VoidLink. Unlike most threats that are ported from older Windows tools, VoidLink was built from scratch to target Linux-based cloud and…
Perplexity’s Comet Browser Hijacked Using Calendar Invite to Exfiltrate Sensitive Data
A poisoned Google Calendar invite is all it takes to weaponize Perplexity’s Comet browser. Security researchers at Zenity Labs have discovered a critical vulnerability, dubbed PerplexedBrowser, that tricks Comet’s AI agent into reading local files and stealing credentials. This zero-click…
Silver Dragon APT Group Targets Europe, Asia Using Google Drive for Covert Communication
A China-linked threat group called Silver Dragon has been targeting government and high-profile organizations across Southeast Asia and Europe since at least mid-2024. Operating under the umbrella of APT41, the group breaks into networks by exploiting public-facing internet servers and…
HPE AutoPass Vulnerability Let Attackers Bypass Authentication Remotely
A security bulletin has been issued regarding a vulnerability in the AutoPass License Server (APLS) that could allow attackers to remotely bypass authentication controls. The issue is tracked as CVE-2026-23600 and is rated important with a CVSS base score of…
MS-Agent Vulnerability Let Attackers Hijack AI Agent to Gain Full System Control
A critical security vulnerability has been discovered in a lightweight framework designed to enable AI agents to perform autonomous tasks. According to a vulnerability note published by the CERT/CC, this flaw allows attackers to trick the AI into executing malicious commands,…