An urgent warning regarding two highly critical zero-day vulnerabilities affecting Google Chrome and related products. These flaws have been officially added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, indicating that malicious hackers are actively exploiting them in the wild. With…
The Quiet Security Risk Hiding Inside Your SaaS Stack
SaaS sprawl is quietly expanding enterprise attack surfaces. Learn how permissions, integrations and orphaned accounts create hidden security risk. The post The Quiet Security Risk Hiding Inside Your SaaS Stack appeared first on Security Boulevard. This article has been indexed…
Data Privacy in Technology: Finding Balance in the Age of Surveillance
Data privacy technologies help organizations protect sensitive information while balancing innovation, regulation and user trust. The post Data Privacy in Technology: Finding Balance in the Age of Surveillance appeared first on Security Boulevard. This article has been indexed from Security…
Investment Scam Losses Mount Amid ‘Convincing’ Schemes
People in Northern Ireland lose ‘life-changing’ sums of money to ‘extremely convincing’ online scammers using crypto to cover their tracks This article has been indexed from Silicon UK Read the original article: Investment Scam Losses Mount Amid ‘Convincing’ Schemes
CISA Issues Alert on Wing FTP Server Vulnerability Used in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical vulnerability in the Wing FTP Server. On March 16, 2026, the agency officially added this security flaw to its Known Exploited Vulnerabilities (KEV) catalog.…
Too big to ignore, too small to be served: the midmarket security gap
Midmarket security leaders aren’t as secure as they think, says Intruder’s report Partner Content The midmarket matters. JP Morgan estimates approximately 300,000 organizations generating $13T in annual revenue. Yet they occupy an awkward position in the security landscape. They’re large enough…
Attack on Stryker’s Microsoft environment wiped employee devices without malware
The recent cyberattack on Stryker wiped tens of thousands of employee devices through its Microsoft environment, and systems are still offline. A recent cyberattack on medical technology giant Stryker targeted its internal Microsoft environment and remotely wiped tens of thousands…
Top IoT Security Best Practices to Prevent Cyber Attacks in 2026
The Internet of Things (IoT) continues to expand across industries, connecting smart devices, sensors, and systems that help organizations automate operations and collect real-time data. From smart manufacturing equipment to connected healthcare devices and smart buildings, IoT technology improves efficiency…
Social Media Algorithms ‘Prioritised Engagement Over Safety’
Documentary cites whistleblowers from TikTok, Meta detailing how companies allegedly sought to maximise profits by provoking outrage This article has been indexed from Silicon UK Read the original article: Social Media Algorithms ‘Prioritised Engagement Over Safety’
WebFiling Flaw at UK Companies House Exposed Director Data for Months
The UK Companies House recently disclosed a significant security vulnerability in its WebFiling service that exposed sensitive director information for several months. Chief Executive Andy King confirmed that the flaw was initially introduced during a system update in October 2025.…
Switzerland built a secure alternative to BGP. The rest of the world hasn’t noticed yet
SCION: Proven in banking and healthcare, slow to spread everywhere else Feature BGP, the Border Gateway Protocol, was not designed to be secure. It was designed to work – to route packets between the thousands of autonomous systems that make…
The Intelligence Engine: Head-to-Head
How enterprises move AI from pilot projects to core operations—building the data, governance and leadership frameworks needed to turn experimentation into advantage. This article has been indexed from Silicon UK Read the original article: The Intelligence Engine: Head-to-Head
Companies House Glitch Exposes Directors’ Personal Data
Company registration body urges firms to check that their details were not modified after software bug exposes systems for five months This article has been indexed from Silicon UK Read the original article: Companies House Glitch Exposes Directors’ Personal Data
Hackers Leverage Safe Links and URL Rewriting to Evade Detection
Threat actors were already abusing URL rewriting mechanisms in phishing campaigns to mask malicious domains. URL rewriting is designed to protect users by replacing original links with security-vendor URLs that scan destinations at click time. These rewritten links route traffic…
Researchers Decrypt and Exploit Encrypted Palo Alto Cortex XDR BIOC Rules
Cybersecurity researchers have uncovered a critical evasion flaw in Palo Alto Networks’ Cortex XDR agent that allowed attackers to bypass behavioral detections completely. By reverse-engineering these encrypted rules, the InfoGuard Labs team discovered hardcoded global whitelists that enabled threat actors…
Phishers Abuse LiveChat Support Tools to Steal Sensitive Data in New SaaS-Based Attack Tactic
A newly identified phishing campaign is turning legitimate customer service software into a weapon for stealing sensitive user data. Attackers have been found abusing LiveChat, a widely used Software-as-a-Service (SaaS) platform that businesses rely on for real-time customer support, to…
Traefik Triple Gate gains parallel safety pipelines, failover routing, and AI runtime controls
Traefik Labs has announced new capabilities that extend Traefik Hub’s Triple Gate architecture (API Gateway, AI Gateway, and MCP Gateway) with deeper runtime governance across the full AI workflow, including a composable multi-vendor safety pipeline with parallel guard execution, multi-provider…
IT Security News Hourly Summary 2026-03-17 09h : 8 posts
8 posts were published in the last hour 7:34 : Payload ransomware hits Windows and ESXi with Babuk-style encryption 7:34 : Stryker hospital tools safe, models apply to power AI scams, cybercrime up 245% 7:9 : Malicious NPM Packages Spread…
Payload ransomware hits Windows and ESXi with Babuk-style encryption
A new ransomware operation called Payload is rapidly emerging as a serious threat to both Windows and VMware ESXi environments, combining Babuk-style cryptography with aggressive anti-forensics and a working double-extortion model. The group claims to have been active since at least February…
Stryker hospital tools safe, models apply to power AI scams, cybercrime up 245%
Stryker hospital tools safe, digital ordering services down Models apply to be the face of AI scams Cybercrime up 245% since Iran conflict Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-stryker-hospital-tools-safe-models-apply-to-power-ai-scams-cybercrime-up-245/ Huge thanks to our episode sponsor,…
Malicious NPM Packages Spread PylangGhost RAT in Supply Chain Attack
Malicious npm packages are delivering the North Korean–linked PylangGhost remote access trojan (RAT) in a new software supply chain campaign that targets developers across Windows, Linux, and macOS systems. The first malicious versions appeared in late February 2026 (@jaime9008/math-service 1.0.1–1.0.2), followed…
Researchers Uncover Ways to Decrypt Palo Alto Cortex XDR BIOC Rules for Evasion
Cybersecurity researchers have discovered a critical evasion technique in Palo Alto Networks’ Cortex XDR agent that allowed attackers to completely bypass behavioral detections. The research demonstrates how predefined Behavioral Indicators of Compromise (BIOC) rules, shipped encrypted by Palo Alto, could…
New CondiBot Variant and ‘Monaco’ Cryptominer Expand Threats to Network Devices
Network infrastructure has become one of the most targeted areas in today’s threat landscape. Over recent years, attackers ranging from nation-state groups to financially driven criminal actors have steadily shifted their focus toward routers, firewalls, and other network devices. These…
Researchers Discover Ways to Decrypt and Exploit Encrypted Palo Alto Cortex XDR BIOC Rules
A critical evasion flaw in Palo Alto Networks’ Cortex XDR agent that allowed attackers to bypass behavioral detections completely. By reverse-engineering these encrypted rules, the InfoGuard Labs team discovered hardcoded global whitelists that enabled threat actors to execute malicious actions…