A critical local privilege escalation (LPE) vulnerability affecting Microsoft Windows has recently come to light following the public release of a Proof-of-Concept (PoC) exploit. Tracked as CVE-2026-20817, this security flaw resides within the Windows Error Reporting (WER) service. The vulnerability…
NDSS 2025 – SHAFT: Secure, Handy, Accurate And Fast Transformer Inference
Authors, Creators & Presenters: (All Via The Chinese University of Hong Kong) Andes Y. L. Kei, Sherman S. M. Chow PAPER SHAFT: Secure, Handy, Accurate and Fast Transformer Inference Adoption of transformer-based machine learning models is growing, raising concerns about…
IT Security News Hourly Summary 2026-03-02 18h : 10 posts
10 posts were published in the last hour 16:34 : War in Iran Spiked Oil Prices. Trump Will Decide How High They Go 16:34 : Hacktivists claim to have hacked Homeland Security to release ICE contract data 16:34 : Samsung…
War in Iran Spiked Oil Prices. Trump Will Decide How High They Go
The conflict in the Middle East is driving oil prices up in a midterm year when Americans are already focused on high energy bills. This article has been indexed from Security Latest Read the original article: War in Iran Spiked…
Hacktivists claim to have hacked Homeland Security to release ICE contract data
A hacking group called Department of Peace said they hacked a specific office within Homeland Security to protest ICE’s mass deportation campaign, and the companies aiding it. This article has been indexed from Security News | TechCrunch Read the original…
Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere
As Samsung settles a lawsuit over how its smart TVs collect and monetize viewing data using ACR, here’s how the rest of us can limit the data we’re sharing. The post Samsung TVs stop spying on viewers in Texas. Here’s…
Dust Specter APT Targets Government Officials in Iraq
IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware including SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM. Due to significant overlap in tools, techniques, and procedures (TTPs), as well as victimology, between this…
Top Data Breaches of February 2026
February 2026 brought a series of significant data breaches spanning automotive, aviation, hospitality, finance, telecom, and media. The incidents were not driven by a single attack method. Some resulted from… The post Top Data Breaches of February 2026 appeared first…
Chrome Unveils Plan For Quantum-Safe HTTPS Certificates
Google Chrome initiates quantum-resistant measures via Merkle Tree Certificates to secure HTTPS This article has been indexed from www.infosecurity-magazine.com Read the original article: Chrome Unveils Plan For Quantum-Safe HTTPS Certificates
Understanding IAM for Managed AWS MCP Servers
As AI agents become part of your development workflows on Amazon Web Services (AWS), you want them to work with your existing AWS Identity and Access Management (IAM) permissions, not force you to build a separate permissions model. At the…
Meta AI in WhatsApp organizes chats and reopens privacy issues
The trend of integrating AI into digital platforms continues. In the latest Android beta release (2.26.9.4), the company has introduced a feature that allows users to organize their chat history with the help of Meta AI. Organize WhatsApp chats with…
IPFire ships its 200th core update with a new domain blocklist and kernel upgrade
Network firewall distribution IPFire released Core Update 200, marking the 200th incremental update to the 2.29 branch. The release bundles a kernel upgrade, a beta domain blocklist service, security patches for OpenSSL and glibc, and a range of component updates.…
Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel
John Hultquist suggests “aggressive” Iranian cyber attackers will target the US and its Gulf allies with plausibly deniable ransomware attacks, hacktivist campaigns and more This article has been indexed from www.infosecurity-magazine.com Read the original article: Expect Iran to Launch Cyber-Attacks…
BYOVD Turns Trusted Drivers Against Windows Security
BYOVD lets attackers exploit signed but vulnerable Windows drivers to gain kernel-level access and disable security tools. The post BYOVD Turns Trusted Drivers Against Windows Security appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Chrome Extension Hijacked to Push ClickFix Malware
A trusted Chrome extension was hijacked to strip browser protections, deploy ClickFix malware, and steal cryptocurrency and user data. The post Chrome Extension Hijacked to Push ClickFix Malware appeared first on eSecurity Planet. This article has been indexed from eSecurity…
South Korean Tax Agency Leak Leads to $4.8M Crypto Theft
A South Korean tax agency press release exposed a seized wallet’s seed phrase, enabling a $4.8 million cryptocurrency theft. The post South Korean Tax Agency Leak Leads to $4.8M Crypto Theft appeared first on eSecurity Planet. This article has been…
Europol Operation Targets Online Network Exploiting Minors
A Europol-led operation across 28 countries led to 30 arrests targeting “The Com,” a decentralized network accused of exploiting minors online. The post Europol Operation Targets Online Network Exploiting Minors appeared first on eSecurity Planet. This article has been indexed…
Operator of AI Fake ID Platform Pleads Guilty
The operator of an AI-powered fake ID platform that helped bypass KYC checks has pleaded guilty and faces up to 15 years in prison. The post Operator of AI Fake ID Platform Pleads Guilty appeared first on eSecurity Planet. This…
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch
Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 before Microsoft patched it, a high-severity bypass flaw. Akamai reports that Russia-linked APT28 may have exploited CVE-2026-21513 CVSS score of 8.8), a high-severity MSHTML vulnerability (CVSS 8.8), before Microsoft patched it in February…
Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere
As Samsung settles a lawsuit over how its smart TVs collect and monetize viewing data using ACR, here’s how the rest of us can limit the data we’re sharing. This article has been indexed from Malwarebytes Read the original article:…
Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant
Malicious extensions could hijack the Gemini Live in Chrome feature to spy on users and steal their files. The post Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Scarcity in DDR5 RAM Fueled by AI Demand Sparks Massive Scalping Surge
AI demand drives DDR5 RAM shortages, attracting scalping bots that hit product pages 6x more than real users. DataDome blocked 10M+ scraping requests. The post Scarcity in DDR5 RAM Fueled by AI Demand Sparks Massive Scalping Surge appeared first on…
Anthropic’s Claude hit by widespread service outage (updated)
Anthropic suffered widespread service disruptions Monday morning, leaving thousands of users unable to access its Claude AI platform. Most users reporting problems said they encountered errors when attempting to log in. The first notice was posted at 11:49 UTC. In…
Cyber Briefing: 2026.03.02
Malicious Chrome extension update steals crypto, RAT spreads via fake gaming tools, major breaches exposed, Europol arrests suspects, fake ID creator pleads guilty. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.03.02