IT Security News Daily Summary 2026-03-20

158 posts were published in the last hour

• 21:34 : Hacker Group LAPSUS$ Claims Alleged AstraZeneca Data Breach
• 21:34 : Cryptographers engage in war of words over RustSec bug reports and subsequent ban
• 21:34 : TDL 018 | How To Think, Not What To Think | Mitch Prior
• 21:8 : A Top Democrat Is Urging Colleagues to Support Trump’s Spy Machine
• 20:32 : The Top 10 Threats Related to Agent Skills
• 20:31 : Akamai Helps Authorities Disrupt the World’s Largest IoT Botnets
• 20:31 : CVE-2026-31979: The Symlink Trap — Root Privilege Escalation in Himmelblau
• 20:5 : IT Security News Hourly Summary 2026-03-20 21h : 4 posts
• 20:5 : Navia data breach impacts nearly 2.7 Million people
• 19:36 : Fake ‘Trusted Sender’ Labels Misused in New Apple Mail Phishing Scheme
• 19:36 : BSidesSLC 2025 – Security Con For Dummies – An Intro
• 19:5 : Modern Best Practices for Web Security Using AI and Automation
• 19:5 : Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
• 18:34 : Apple Mail’s ‘Trusted Sender’ Label Misused in New Phishing Scheme
• 18:34 : Aura – 903,080 breached accounts
• 18:34 : CISA Recommends Privileged Access Controls for Endpoint Management After Stryker Incident
• 18:34 : Randall Munroe’s XKCD ‘Plums’
• 18:9 : Anthropic Launches Projects Feature for Claude Cowork Desktop
• 17:34 : Over one billion customer records belonging to IDMerit users left unprotected online
• 17:34 : A French Navy officer accidentally leaked the location of an aircraft carrier by logging his run on Strava
• 17:5 : US accuses Iran’s government of operating hacktivist group that hacked Stryker
• 17:5 : Nordic MSPs Can Now Access Heimdal’s Unified Security and Compliance Platform Through Elovade
• 17:5 : Kotlin vs Java in 2026: What Smart Businesses Are Choosing for Android Development
• 17:5 : Secure agentic AI end-to-end
• 17:5 : IT Security News Hourly Summary 2026-03-20 18h : 10 posts
• 17:5 : CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents
• 16:34 : U.S. accuses Iran’s government of operating hacktivist group that hacked Stryker
• 16:34 : Hackers Compromised 7,500+ Magento Websites to Upload Hidden Malicious Files and Steal Data
• 16:34 : Windows 11 March Update Breaks Microsoft Teams and OneDrive Sign-Ins
• 16:34 : Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
• 16:11 : Secrets Management With Infisical and External Secrets Operator
• 16:11 : CISA Adds Five Known Exploited Vulnerabilities to Catalog
• 16:11 : MIWIC26: Dr. Chidimma Opara, Computer Science Lecturer at Teesside University
• 16:11 : In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting
• 16:11 : Chainguard Assemble 2026 and the Security Factory Mindset
• 15:32 : Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US
• 15:31 : BSidesSLC 2025 – Getting Things Fixed – Keynote On Security Wins (And Fails)
• 15:31 : Companies know AI is essential for cyber defense but aren’t yet seeing returns
• 15:14 : 6 Best Open Source Password Managers for Windows in 2026
• 15:14 : FBI, Thai Partners Target Southeast Asia Scam Centers Behind Cyber Fraud on Americans
• 15:14 : Perseus Android Malware Steals User Notes and Enables Full Device Takeover
• 15:14 : New VoidStealer Variant Bypasses Chrome ABE Without Injection or Privilege Escalation
• 15:14 : 3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China
• 15:14 : HPE Patches Critical Aruba AOS-CX Vulnerabilities Including Authentication Bypass Flaw
• 15:13 : APT28 Deploys Enhanced Version of Covenant in Ongoing Threat Activity
• 15:13 : Termite Ransomware Linked to Velvet Tempest’s ClickFix, CastleRAT Attacks
• 15:13 : Meta’s Smart Glasses Face Privacy Backlash as Experts Flag Legal and Ethical Risks
• 15:13 : Russian Cyber Campaign Targets Signal and WhatsApp Users Through Social Engineering Tactics
• 15:13 : US, allies move to dismantle four high-volume IoT botnets
• 14:32 : News brief: Stryker recovering after large-scale cyberattack
• 14:32 : 2.7 million hit in workplace benefits data breach exposing SSNs, dates of birth and health account data
• 14:32 : Cyber Briefing: 2026.03.20
• 14:7 : Why Image Format Conversion Is Becoming a Practical Issue in Web Security and Performance
• 14:7 : Forescout Reports Strong Growth and Profitability in FY2025
• 14:7 : Could your face change what you pay? NYC wants limits on biometric tracking
• 14:7 : UK police force presses pause on live facial recognition after study finds racial bias
• 14:5 : IT Security News Hourly Summary 2026-03-20 15h : 12 posts
• 13:36 : New Fake Zoom Meeting Invite Scam Spreads Malware on Windows PCs
• 13:36 : Feds disrupt monster IoT botnets behind record-breaking DDoS attacks
• 13:36 : Eclypsium Raises $25 Million for Device Supply Chain Security
• 13:36 : Cloud Security Posture Management in 2026
• 13:36 : Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)
• 13:5 : Jaguar Land Rover’s cyber bailout sets worrying precedent, watchdog warns
• 13:5 : Google slows Android sideloading to trip up scammers
• 13:5 : Nordstrom Email Abuse Sends Crypto Scams
• 13:5 : Police Warn Of Phishing After City Loss
• 13:5 : US Takes Down Botnets In Cyberattack
• 13:5 : Musician Admits To $10M Streaming Fraud
• 13:5 : Justice Dept Seizes Iran Hacker Domains
• 12:34 : Navia Confirms Data Breach – 2.7 Million Users Sensitive Data Exposed
• 12:34 : Critical Jenkins Vulnerabilities Expose CI/CD Servers to RCE Attacks
• 12:34 : Ransomware Actors Expand EDR Killer Tactics Beyond Vulnerable Drivers
• 12:34 : CISA Warns of Cisco Secure Firewall Management Center 0-Day Exploited in Ransomware Attacks
• 12:34 : Microsoft Unveils New Teams Optimizations for Windows App on iOS & Android
• 12:34 : US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites
• 12:34 : Terminated contract led to $2.5 million cyber extortion scheme
• 12:34 : Darksword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days For Full Takeover
• 12:34 : CISA Warns Of Zimbra, Cisco Zero-Day
• 12:11 : Critical UNISOC T612 Modem Flaw Enables Remote Code Execution via Cellular Calls
• 12:11 : Chrome Security Update Fixes 26 Vulnerabilities Enabling Remote Malicious Code Execution
• 12:11 : The Danger Behind Meta Killing End-to-End Encryption for Instagram DMs
• 12:11 : Software engineers, you’re measuring the wrong things. Here’s what actually matters.
• 12:11 : Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge
• 12:11 : That “job brief” on Google Forms could infect your device
• 12:11 : Cape Raises $100 Million for Protection Against Cellular Security Threats
• 11:32 : Navia Data Breach Impacts 2.7 Million
• 11:32 : Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
• 11:31 : Ask Me Anything Cyber: Safer Gaming for Kids
• 11:5 : Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators
• 11:5 : Thousands of Magento Sites Hit in Ongoing Defacement Campaign
• 11:5 : Authorities disrupt four IoT botnets behind record DDoS attacks
• 11:5 : Rapid7 enhances Exposure Command with runtime validation and DSPM for risk analysis
• 11:5 : IT Security News Hourly Summary 2026-03-20 12h : 12 posts
• 11:5 : The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
• 10:34 : The Danger Behind Meta’s Decision to Kill End-to-End Encrypted Instagram DMs
• 10:34 : New ‘Speagle’ Malware Hijacks Cobra DocGuard to Steal Sensitive Data via Compromised Servers
• 10:34 : Bamboo Data Center and Server Vulnerability Let Attackers Execute Remote Code
• 10:34 : Starmer’s digital ID reboot raises same old questions as its Blair-era ancestor
• 10:34 : Securing E-commerce Transactions with Modern Authentication
• 10:34 : How to Block Bots and Stop Bot Attacks on Your Website, Apps, & APIs
• 10:34 : GUEST ESSAY: Executives trust AI security even as security teams confront blind spots, new risks
• 10:34 : Fake AI songs streamed billions of times, netting fraudster $10 million
• 10:34 : Hackers Exploit Critical Langflow Bug in Just 20 Hours
• 10:9 : Unpatched ScreenConnect servers open to attack (CVE-2026-3564)
• 10:9 : NCA Boss Warns That Teens Are Being “Radicalized” Into Cybercrime Online
• 9:36 : CMA To Probe Adobe Over Early Termination Fees
• 9:36 : Apex – AI-Powered Pentester Attacks Apps in Black-Box Mode to Find Vulnerabilities
• 9:36 : Allure Security Raises $17 Million for Online Brand Protection
• 9:36 : Packetbeat
• 9:36 : Suricata
• 9:36 : osquery
• 9:9 : GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
• 9:9 : US Trade Judge Says Apple Can Sell Redesigned Blood Monitor
• 9:9 : Critical Langflow Vulnerability Exploited Hours After Public Disclosure
• 9:9 : EnCase Forensic Imager
• 9:9 : NetWitness Investigator
• 8:34 : Amazon Rolls Out Chattier Alexa+ To Some UK Users
• 8:34 : Uber Invests $300m In Rivian Amid Autonomous Tie-Up
• 8:34 : CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
• 8:34 : SILENTCONNECT Uses VBScript, PowerShell and PEB Masquerading to Deploy ScreenConnect
• 8:16 : Bamboo Data Center and Server Vulnerability Enables Remote Code Execution
• 8:16 : Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation
• 8:16 : Why MCP Gateways are a Bad Idea (and What to Do Instead)
• 8:16 : ConductorOne unveils AI Access Management to accelerate secure, compliant AI adoption
• 8:16 : Semgrep Multimodal brings AI reasoning and rule-based analysis to code security
• 8:5 : IT Security News Hourly Summary 2026-03-20 09h : 4 posts
• 7:34 : While you’re here, could you go out of your way to do an impossible job?
• 7:34 : AppViewX acquires Eos to extend identity security to AI agents and workloads
• 7:34 : Bonfy ACS 2.0 helps organizations control data use in AI environments
• 7:34 : Critical SharePoint flaw, real-time cyberattack prevention, CISA’s Intune warning
• 6:36 : New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits
• 6:36 : Cloud misconfiguration has evolved and your controls haven’t
• 6:36 : Field workers don’t need more access, they need better security
• 6:36 : DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
• 6:11 : Microsoft Introduces Teams Upgrades to Improve Windows App Performance on ioS and Android
• 6:11 : Navia Confirms Data Breach Exposing Sensitive Information of 2.7 Million Users
• 6:11 : Russian APT Exploits Zimbra XSS to Target Ukrainian Government in ‘Operation GhostMail’
• 6:11 : New infosec products of the week: March 20, 2026
• 5:36 : Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
• 5:36 : Llamafile, Mozilla’s portable LLM runner, gets GPU support and a rebuilt core
• 5:9 : Copyright Lures Mask a Multi‑Stage PureLog Stealer Attack on Key Industries
• 5:9 : Authorities Dismantle IoT Botnet Linked to Record-Shattering 30 Tbps DDoS Campaigns
• 5:5 : IT Security News Hourly Summary 2026-03-20 06h : 3 posts
• 4:34 : FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack: Cybersecurity Today
• 4:9 : EDR killers explained: Beyond the drivers
• 4:9 : Authorities Disrupt IoT Botnet Infrastructure Behind Record-Breaking 30 Tbps DDoS Attacks
• 3:34 : Key Aspects of EASA Certification and Compliance
• 2:32 : Automated Threat Detection for Quantum-Enabled Adversarial Attacks on AI Context
• 2:5 : IT Security News Hourly Summary 2026-03-20 03h : 3 posts
• 2:2 : ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)
• 1:5 : Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
• 1:5 : French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure
• 0:32 : US Takes Down Botnets Used in Record-Breaking Cyberattacks
• 23:34 : What AI zero days mean for enterprise cybersecurity
• 23:34 : 8 Best Encryption Software & Tools in 2026
• 23:34 : Sonatype Discovers Two Malicious npm Packages
• 23:5 : IT Security News Hourly Summary 2026-03-20 00h : 4 posts
• 22:55 : IT Security News Daily Summary 2026-03-19