Third-party software supplier breached leading to leak of doctors’ notes Around 15.8 million administrative files were stolen after attackers breached a software supplier to France’s health ministry.… This article has been indexed from The Register – Security Read the original…
Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise
Improper input sanitization in the framework can be exploited through the Shell tool, allowing attackers to modify system files and steal data. The post Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise appeared first on SecurityWeek. This article…
Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks
Black Kite reveals 26,000 unnamed corporate victims linked to 136 third-party breaches This article has been indexed from www.infosecurity-magazine.com Read the original article: Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks
IT Security News Hourly Summary 2026-03-03 12h : 11 posts
11 posts were published in the last hour 10:34 : Judge Blocks Virginia Law Limiting Youth Social Media Time 10:34 : Hackers Exploit Telegram for Initial Access to Corporate VPN, RDP, and Cloud Systems 10:34 : Microsoft Warns OAuth Redirect…
Judge Blocks Virginia Law Limiting Youth Social Media Time
US federal judge says Virginia law passed last year likely to infringe on free speech rights of under-16s, as regulators seek protections This article has been indexed from Silicon UK Read the original article: Judge Blocks Virginia Law Limiting Youth…
Hackers Exploit Telegram for Initial Access to Corporate VPN, RDP, and Cloud Systems
Hackers are increasingly abusing Telegram as an initial access marketplace, turning stealer logs and leaked credentials into direct entry points for corporate VPN, RDP, and cloud environments. The platform now acts as a high-speed bridge between compromised credentials and full…
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers. The activity, the company said, targets government and public-sector organizations with the end goal…
Android devices hit by exploited Qualcomm flaw CVE-2026-21385
Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. Google has confirmed that CVE-2026-21385 (CVSS score of 7.8), a high-severity vulnerability affecting an open-source Qualcomm component used in Android devices, has been actively exploited. “There are…
Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign
Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Iranian Cyber Threat Actor Targets Iraqi Government…
Apple Releases Updated iPhone 17e, iPad Air
Lower-cost iPhone 17e boosts storage, CPU, in-house modem, while iPad Air gets M4 update, as low-cost MacBook said to be on the way This article has been indexed from Silicon UK Read the original article: Apple Releases Updated iPhone 17e,…
Epic Fury Cyber Shock: Iran’s Internet Down, Hacktivists Hit Back
On Feb. 28, 2026, the United States and Israel launched coordinated military operations against Iran, codenamed Operation Epic Fury by the U.S. and Operation Roaring Lion by Israel, opening a new phase where cyber operations are tightly coupled with kinetic…
How Journalists Are Reporting From Iran With No Internet
After strikes killed senior Iranian officials, Iran cut off internet access. Journalists are relying on satellite links, encrypted apps, and smuggled footage to report from inside the country. This article has been indexed from Security Latest Read the original article:…
Hackerbot-Claw Bot Attacks Microsoft and DataDog via GitHub Actions CI/CD Misconfiguration
Between February 21 and February 28, 2026, an autonomous bot named hackerbot-claw launched a week-long attack campaign against major open source repositories. It targeted GitHub Actions CI/CD pipelines belonging to Microsoft, DataDog, the Cloud Native Computing Foundation, and several other…
Researchers Uncover Method to Track Cars via Tire Sensors
Using low-cost receivers deployed along roads, academic researchers tracked drivers and their movement patterns. The post Researchers Uncover Method to Track Cars via Tire Sensors appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Android’s March 2026 security patch fixes over 100 flaws, one under targeted exploitation
The Android March 2026 security patch addresses vulnerabilities across dozens of components and includes one CVE confirmed under active exploitation. Devices running a patch level of 2026-03-05 or later receive fixes for all disclosed issues. Android March 2026 security patch…
US Considers Nvidia Sales Limits For Chinese Firms
US officials discuss 75,000 unit cap on sales of Nvidia H200 AI accelerator chips to Chinese companies, as 2025 export deal remains in limbo This article has been indexed from Silicon UK Read the original article: US Considers Nvidia Sales…
Chrome security flaw enabled spying via Gemini Live assistant
A Google Chrome vulnerability lets malicious extensions hijack Gemini Live to spy on users and steal sensitive files. Researchers at Palo Alto Networks found a Chrome vulnerability, tracked as CVE-2026-0628, that could let malicious extensions take control of the Gemini…
Burger King AI To Rank Employee Friendliness
Burger King to trial OpenAI-powered headsets to observe staff interactions with guests, create ‘friendliness scores’ This article has been indexed from Silicon UK Read the original article: Burger King AI To Rank Employee Friendliness
New Claude Memory Feature Allow Users to Transfer Data from ChatGPT and Other AI Providers
Anthropic has introduced a new memory import tool for Claude that allows users to seamlessly transfer their stored preferences, habits, and context from other AI platforms, including ChatGPT, Google Gemini, and Microsoft Copilot, directly into Claude’s memory system, eliminating the…
The New Security Reality: When AI Accelerates Both Attack and Defense
Discover how the integration of large language models is transforming software security, lowering barriers for attackers, and necessitating autonomous defense platforms to keep pace with emerging threats. The post The New Security Reality: When AI Accelerates Both Attack and Defense …
Users Complain After Australian Supermarket Chatbot Acts Too Human
Users complain after AI assistant Olive, deployed by Australian supermarket chain Woolworths, claims to be human and talks about its mother This article has been indexed from Silicon UK Read the original article: Users Complain After Australian Supermarket Chatbot Acts…
Smartphone Market Set For Record Contraction
Smartphone market to see average prices rise to record levels, as AI industry uses up all available supply of memory chips This article has been indexed from Silicon UK Read the original article: Smartphone Market Set For Record Contraction
MS-Agent Vulnerability Exposes AI Agents to Remote Hijacking, Granting Full System Control
A critical vulnerability has been discovered in the MS-Agent framework, a lightweight software tool used to build and run autonomous AI agents. Tracked as CVE-2026-2256, this command injection flaw allows remote attackers to hijack these AI agents, potentially granting them…
Provecho – 712,904 breached accounts
In early 2026, data purportedly sourced from the recipe and meal planning service Provecho was alleged to have been obtained in a breach. The exposed data included 713k unique email address along with username and the creator account holders followed.…