InstallFix attacks spread fake Claude code sites UNC4899 breaches crypto firm via trojanized file UK launches cyber-fraud crackdown unit Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-installfix-spreads-fake-claude-sites-unc4899-breaches-crypto-uk-cyber-fraud-crackdown/ Huge thanks to our sponsor, Dropzone AI It is 3…
Category: EN
Russian Hackers Target Signal, WhatsApp
Widespread informal use of encrypted consumer apps make them prime target for social engineering-based espionage hacks, Dutch officials say This article has been indexed from Silicon UK Read the original article: Russian Hackers Target Signal, WhatsApp
iPhone Hacking Toolkit Tied to Russian Espionage May Have Originated in the U.S.
A highly advanced iPhone hacking toolkit, originally developed for Western intelligence agencies, has leaked into the hands of Russian spies and Chinese cybercriminals. The exploit framework, known internally as “Coruna,” was likely created by Trenchant, the hacking and surveillance division…
SurxRAT Android Malware Uses LLMs for Phishing and Data Theft
A new Android Remote Access Trojan (RAT) named SurxRAT, which is being sold as a commercial malware platform through a Telegram-based malware‑as‑a‑service (MaaS) ecosystem. The malware, marketed under the SURXRAT V5 branding, enables cybercriminals to create customized Android malware builds…
Chinese APT Campaign Targets Qatar With PlugX Lures Tied to Middle East Conflict
A Chinese-linked advanced persistent threat group known as Camaro Dragon launched a targeted cyberespionage campaign against entities in Qatar just one day after the outbreak of new hostilities in the Middle East on March 1, 2026. The group used war-themed…
Signed Malware Masquerading as Teams, Zoom Apps Drops RMM Backdoors
A newly uncovered phishing campaign is actively targeting enterprise users by disguising malware as widely used workplace applications, including Microsoft Teams, Zoom, and Adobe Acrobat Reader. What makes this threat stand out is that the malicious files carry legitimate-looking digital…
Signed malware posing as Teams and Zoom apps drops RMM backdoors
A wave of phishing campaigns that used signed malware posing as popular workplace apps like Microsoft Teams, Zoom, and Adobe Reader to deploy remote monitoring and management (RMM) backdoors. The activity, attributed to an as-yet unidentified threat actor, highlights how…
Meta’s Smart Glasses Privacy Scandal Expands After Sama Credentials Found on the Dark Web
A privacy controversy surrounding Meta Platforms’ Ray-Ban smart glasses has taken a new turn after security researchers uncovered dozens of exposed credentials linked to the company’s data-annotation contractor. Last week, Swedish outlets Svenska Dagbladet and Göteborgs-Posten reported that footage captured by Meta’s smart glasses…
Cylake Raises $45 Million to Secure Organizations Barred From Cloud
The company, founded by Palo Alto Networks’ Nir Zuk, has developed a platform that focuses on data sovereignty. The post Cylake Raises $45 Million to Secure Organizations Barred From Cloud appeared first on SecurityWeek. This article has been indexed from…
Singulr AI’s Agent Pulse delivers enforceable runtime governance and visibility for AI agents
Singulr AI has announced the launch of Agent Pulse, extending its Unified AI Control Plane to autonomous AI agents and model context protocol (MCP) servers. Agent Pulse delivers enforceable runtime governance, contextual discovery, and measurable oversight for the agentic enterprise.…
OneTrust expands AI governance with real-time monitoring and guardrail enforcement
OneTrust has announced the expansion of its solution to include real‑time monitoring and enforcement capabilities across agents, models, and data. Designed for data, risk, and AI teams, these enhancements empower organizations to shift AI governance from static compliance workflows to…
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability list is as follows – CVE-2021-22054 (CVSS score: 7.5) – A…
Signal Confirms Sophisticated Phishing Scheme Caused Account Compromises
The secure messaging platform Signal recently confirmed active, targeted phishing campaigns resulting in severe account takeovers. These sophisticated attacks have successfully compromised the accounts of high-profile individuals, specifically targeting government officials and journalists. Despite these high-profile breaches, Signal explicitly clarified…
How Piggybacking Attacks Threaten Organizational Security?
Organizations invest heavily in advanced cybersecurity technologies such as endpoint detection, identity access management, zero trust architecture, and continuous monitoring. However, a significant number of security incidents still originate from physical security weaknesses rather than purely digital vulnerabilities. Such often…
Chinese APT Campaign Uses Middle East Lures to Target Qatar With PlugX
Chinese state-linked cyber espionage groups are actively exploiting geopolitical tensions in the Middle East to target organizations in Qatar, according to new findings. The campaign began almost immediately after the recent escalation in the region, highlighting how quickly advanced persistent…
Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming
Pascal Andrei, CSO at Airbus, knows that the aerospace and defense sector is facing a threat environment that is evolving faster than most organizations can track. From sub-tier suppliers quietly becoming entry points for state-backed attackers, to satellites emerging as…
GhostClaw Masquerades as OpenClaw in Bid to Plunder Developer Data
A malicious npm package, @openclaw-ai/openclawai, that impersonates the legitimate OpenClaw CLI while quietly deploying a full-featured infostealer and RAT against developers’ machines. Internally branded “GhostLoader,” this threat combines polished social engineering, encrypted payload delivery, and long‑term persistence to exfiltrate almost every…
Anthropic Files Lawsuit Against U.S. Government Over Claude Risk Designation
Anthropic has launched an unprecedented lawsuit against the U.S. government after being designated a “supply chain risk“. The legal action, filed in a California federal court, targets the executive office of President Donald Trump, Defense Secretary Pete Hegseth, and 16…
GhostClaw Mimic as OpenClaw to Steal Everything from Developers
A dangerous malware campaign targeting software developers has surfaced, with a rogue npm package posing as a trusted developer tool to silently drain credentials, crypto wallets, SSH keys, browser sessions, and even iMessage conversations. The package, published under the name @openclaw-ai/openclawai,…
Bug bounties are broken, and the best security pros are moving on
Penetration testing engagements are organized as scheduled contracts with defined scope, set testing windows, and direct communication channels with client teams. Cobalt’s 2026 Pentester Profile Report describes growing preference for penetration testing as a service (PTaaS) and contract-based testing models.…