Google has released its highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a single month in recent…
Category: EN
Hackers Leveraged CyberStrikeAI Tool to Breach Fortinet FortiGate Devices
A new artificial intelligence (AI) offensive security tool called CyberStrikeAI, which is being actively leveraged by threat actors to target edge devices, particularly Fortinet FortiGate appliances. This open-source platform, developed by a China-based individual with potential ties to state-sponsored operations,…
Threat Actors Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Local Coding Tools
A supply chain attack targeting developers surfaced on March 2, 2026, when unauthorized code was found inside two versions of the Aqua Trivy VS Code extension on the OpenVSX registry. The compromised versions — 1.8.12 and 1.8.13 — were uploaded…
Why Every Enterprise Needs a Strong API Security Strategy?
Modern enterprises are rapidly shifting toward API-centric architectures, leveraging APIs to connect internal systems, external partners, and digital services. With 74% of organizations adopting API-first development models, APIs now drive critical business logic and data exchanges at scale. However, this…
The Attack Chain Your AI System is Already Missing
As AI adoption accelerates, organizations must evolve their security strategies from prompt filtering to comprehensive behavioral monitoring. This shift is critical to safeguarding against adaptive threats and ensuring safe AI deployment in production environments. The post The Attack Chain Your…
Hackerbot-Claw Bot Exploits GitHub Actions CI/CD Flaw to Attack Microsoft and DataDog
Hackerbot-claw, an autonomous AI bot, has launched a week-long campaign abusing GitHub Actions misconfigurations to hit CI/CD pipelines at Microsoft, DataDog, and other major open-source projects, achieving remote code execution (RCE) and even full repo compromise in some cases. The…
Google Chrome Introduces Merkle Tree Certificates to Protect HTTPS from Quantum Attacks
Google Chrome’s Secure Web and Networking Team has unveiled a new initiative aimed at defending HTTPS traffic against emerging quantum computing threats. This development, rooted in the Internet Engineering Task Force’s (IETF) “PKI, Logs, And Tree Signatures” (PLANTS) working group,…
AI went from assistant to autonomous actor and security never caught up
Enterprise AI deployments have shifted from pilot programs to production systems handling customer data, executing business transactions, and integrating with core infrastructure. That has exposed a significant gap between what AI agents can do and what security teams can observe…
Gamers furious as Brit studio Cloud Imperium quietly admits to data breach
Slow disclosure and odd reassurance that exposing names and contact details won’t be a problem isn’t going down well Gamers are ready to unleash their mightiest virtual weapons and point them at British games studio Cloud Imperium, after it sat…
Android Security Update Fixes 129 Flaws and Tackles Actively Exploited Zero-Day Flaw
Google has rolled out the highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a single month. The…
Cyberattackers Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Coding Tools
Threat actors compromised the Aqua Trivy VS Code extension on OpenVSX by publishing malicious versions 1.8.12 and 1.8.13 on February 27-28, 2026. These versions injected prompts to hijack local AI coding tools for system reconnaissance and data exfiltration. Aqua Trivy…
Angular i18n Flaw Lets Hackers Execute Malicious Code via Critical XSS Vulnerability
A high-severity security flaw has been discovered in Angular, one of the most popular web application frameworks. This vulnerability, tracked as CVE-2026-27970, affects the framework’s internationalization (i18n) pipeline. If exploited, it allows attackers to execute malicious code within an application,…
The Modern CISO: Building Cyber-Resilient Teams in an Era of AI-Driven Threats
For much of the last decade, the CISO’s job has been framed as a race against increasingly sophisticated adversaries armed with automation, AI, and an expanding arsenal of attack tools. We’ve been told that security teams are losing ground, that…
5 years of shifting cybersecurity behavior
Online security is built through routine decisions made across devices and accounts. People choose how to create passwords, how often to reuse them, and how much effort to invest in protecting personal data. The National Cybersecurity Alliance and CybSafe’s Oh,…
Healthcare organizations are accepting cyber risk to cut costs
Healthcare organizations are cutting cybersecurity budgets under financial pressure even as the threats targeting their systems intensify. A PwC survey of 381 global healthcare executives, conducted between May and July 2025, puts numbers to the gap between the risks the…
CISOs in a Pinch: A Security Analysis of OpenClaw
Learn how Claude Code Security set Cybersecurity stocks on fire. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: CISOs in a Pinch: A Security Analysis of OpenClaw
AuraStealer Infostealer Targeting Users with 48 C2 Domains in Ongoing Campaigns
Threat actors are actively deploying a new infostealer dubbed “AuraStealer,” backed by a growing customer base, 48 identified command‑and‑control (C2) domains, and multiple ongoing campaigns abusing popular platforms like TikTok and cracked‑software sites. AuraStealer emerged on Russian‑language cybercrime forums in…
Cybersecurity jobs available right now: March 3, 2026
AI & Data Security Expert Ferrero | Italy | Hybrid – View job details As an AI & Data Security Expert, you will define and maintain security controls for AI solutions, ensuring compliance with evolving threats and regulations. You will…
ReliaQuest’s 2026 Annual Threat Report: AI Powers Faster, Smarter Attacks
ReliaQuest’s 2026 Annual Threat Report reveals that 2025 saw an unparalleled escalation in AI- and automation-facilitated cyberattacks. Incident data from 2024 was compared to 2025, and ReliaQuest found that threat actors are now faster than ever. To remain ahead of the curve, security practitioners will need to adopt AI…
How a Single Brick Helped Homeland Security Rescue an Abused Child from the Dark Web
A years-long investigation by the US Department of Homeland Security led to the dramatic rescue of a young girl whose abuse images had been circulating on the dark web — with a crucial clue hidden in the background of…