Talking to a malware author is a rare occurrence, something most analysts hear about but rarely experience themselves. Identifying the individual behind a malware campaign is often one of the most difficult aspects of threat research. In this case, what…
Silver Fox: The Only Tax Audit Where the Fine Print Installs Malware
Since early 2025, TDR has focused on tracking Silver Fox, a China-based intrusion set. Originally known for financially motivated attacks, the group has been shifting toward more sophisticated, APT-style operations since at least 2024. This dual focus reflects a broader…
Hackers Plant Stealthy BPFdoor Backdoors in Telecom Networks for Long-Term Access
A months-long investigation by Rapid7 Labs has exposed a sophisticated, state-sponsored espionage campaign by the China-nexus threat actor Red Menshen, which has embedded some of the most covert digital sleeper cells ever documented inside global telecommunications infrastructure. Released on March…
LeakBase Hacker Forum Admin Arrested in Russia by Law Enforcement Authorities
Russian law enforcement has arrested the suspected administrator of LeakBase, a prominent international hacker forum. The operation, coordinated by the Russian Ministry of Internal Affairs (MVD) alongside the Bureau of Special Technical Measures (BSTM), dismantled a platform that traded in…
GhostClaw AI Assisted Malware Attacking macOS Users to Deploy Credential-Stealing Payloads
A newly documented malware campaign called GhostClaw is actively targeting macOS users through fake GitHub repositories and AI-assisted development workflows. The campaign uses social engineering disguised as legitimate developer tools to steal user credentials and drop secondary payloads on infected…
IDrive for Windows Vulnerability Let Attackers Escalate Privileges
A critical local privilege escalation vulnerability has been identified in the IDrive Cloud Backup Client for Windows. Tracked as CVE-2026-1995, it affects versions 7.0.0.63 and earlier. Security researchers…
CISA Warns of Langflow Code Injection Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) officially added a critical security flaw affecting the Langflow platform to its Known Exploited Vulnerabilities (KEV) catalog on March 25, 2026. The vulnerability, tracked as CVE-2026-33017, involves a highly dangerous code injection…
Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Security Researchers Sound the Alarm on Vulnerabilities in…
IT Security News Hourly Summary 2026-03-26 18h : 13 posts
13 posts were published in the last hour. 16:34: Quish Splash QR Code Phishing Campaign Hits 1.6 Million Users; 16:34: OpenCode Systems OC Messaging and USSD Gateway; 16:34: PTC Windchill Product Lifecycle Management; 16:34: WAGO GmbH…
Quish Splash QR Code Phishing Campaign Hits 1.6 Million Users
7AI research reveals a massive QR code phishing attack that evaded SPF, DKIM, and DMARC. Find out how 1.6 million emails went undetected. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More. Read the…
OpenCode Systems OC Messaging and USSD Gateway
Summary: Successful exploitation of this vulnerability could allow an authenticated low-privileged user to gain access to SMS messages outside of their authorized tenant scope via a crafted company or tenant identifier parameter. The following versions of OpenCode Systems…
PTC Windchill Product Lifecycle Management
Summary: Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. The following versions of PTC Windchill Product Lifecycle Management are affected: Windchill PDMLink 11.0_M030 (CVE-2026-4681), Windchill PDMLink 11.1_M020 (CVE-2026-4681), Windchill PDMLink 11.2.1.0 (CVE-2026-4681)…
WAGO GmbH & Co. KG Industrial Managed Switches
Summary: An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device. The following versions of WAGO GmbH & Co. KG Industrial Managed Switches…
Silicon Valley’s two biggest dramas have intersected: LiteLLM and Delve
LiteLLM offers an AI open source project used by millions that was infected by credential harvesting malware. This article has been indexed from Security News | TechCrunch. Read the original article: Silicon Valley’s two biggest dramas have intersected: LiteLLM and…
Physicists just turned glass into a powerful quantum security device
Scientists have turned simple glass into a powerful quantum communication device that could safeguard data against future quantum attacks. The chip combines stability, speed, and versatility—handling both ultra-secure encryption and record-breaking random number generation in one compact system. This article…
EULA
Constella Intelligence, Inc. End User License Agreement (EULA). Last Updated: April 21, 2023. Introduction. This End User License Agreement (this “EULA”) applies by and between Constella Intelligence, Inc. (“Constella”, “we”, or “us”) and the customer/user (the “Customer”, or “you”) who…
Mazda Reports Limited Data Exposure After Warehouse System Breach
Early reports indicate Mazda Motor Corporation faced a data leak following suspicious activity uncovered in its systems during December 2025. Information belonging to staff members, along with details tied to external partners, became accessible due to the intrusion. Investigation…
800,000 WordPress Sites Affected by Arbitrary File Read Vulnerability in Smart Slider 3 WordPress Plugin
On February 23, 2026, we received a submission for an Arbitrary File Read vulnerability in Smart Slider 3, a WordPress plugin with an estimated more than 800,000 active installations. This vulnerability makes it possible for an authenticated attacker, with subscriber-level…
The Next Billion Users Won’t Be Human: Securing the Agentic Enterprise
Menlo Security’s Ramin Farassat speaks with TechRepublic about how browser-based controls can protect AI agents from prompt injection and other fast-scaling enterprise risks. The post The Next Billion Users Won’t Be Human: Securing the Agentic Enterprise appeared first on TechRepublic.…
TP-Link Fixes Bug That Lets Hackers Take Over Routers Without a Password
TP-Link patched high-severity Archer NX router flaws, including one that could let attackers upload rogue firmware without authentication. The post TP-Link Fixes Bug That Lets Hackers Take Over Routers Without a Password appeared first on TechRepublic. This article has been…
RSAC 2026 Conference: Key news and industry analysis
The RSAC 2026 Conference theme is “The Power of Community.” In a tech landscape where the letters A and I are inescapable, this year’s RSAC homes in on the importance of people in cybersecurity — namely, their ability to forge…
Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds
Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Attackers Rapidly Weaponize Critical Oracle WebLogic RCE,…
A $20 Billion Crypto Scam Market Faces a New Government Crackdown
The Telegram-based Xinbi Guarantee black market sells services that help prop up scam operations. British officials just hit the highly lucrative marketplace with sweeping sanctions. This article has been indexed from Security Latest. Read the original article: A $20 Billion…
A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know.
Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by security researchers. DarkSword has now leaked online. This article has been indexed from Security News | TechCrunch. Read the…