The UK government has launched a new vulnerability monitoring service (VMS) that promises to reduce the time needed to fix critical cyber weaknesses across the public sector. Scanning government systems for critical cyber flaws The service, launched as part of…
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerability in question is CVE-2026-21513 (CVSS score: 8.8), a high-severity security feature…
ClawJacked Bug Enables Covert AI Agent Hijacking
Oasis Security reveals how a new ClawJacked vulnerability could allow attackers to silently take over a victim’s OpenClaw agent This article has been indexed from www.infosecurity-magazine.com Read the original article: ClawJacked Bug Enables Covert AI Agent Hijacking
Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel
A high-severity CVE-2026-0628 in Chrome’s Gemini allowed local file access and privacy invasion. Google quickly patched the flaw. The post Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel appeared first on Unit 42. This article…
Silicon AI for Your Business Podcast: The Human Side of Automation
Can AI make marketing more human? This episode explores how agentic automation, empathy, and trust reshape personalized customer journeys at scale for brands. This article has been indexed from Silicon UK Read the original article: Silicon AI for Your Business…
Configuration and Runtime: The PB&J of Effective Security Operations
For most of the security industry’s history, logs were the problem to solve. Attacks were easy to spot in events: Failed logins, suspicious processes, and unexpected network connections. Infrastructure was relatively static, identities were long-lived, and configuration changed slowly enough…
Motorola turns to GrapheneOS for smartphone security upgrade
Motorola is strengthening smartphone security through a long-term partnership with the GrapheneOS Foundation, a mobile security nonprofit that develops a hardened operating system based on the Android Open Source Project. GrapheneOS includes protections designed to reduce entire classes of vulnerabilities,…
Ransomware Payments Decline 8% as Attacks Surge 50%
Chainalysis reveals a big surge in median ransomware payment size in 2025 despite overall drop in criminal revenue This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Payments Decline 8% as Attacks Surge 50%
IT Security News Hourly Summary 2026-03-02 12h : 12 posts
12 posts were published in the last hour 10:32 : Sekoia achieves SOC2 compliance 10:32 : Pakistan’s Top News Channels Hacked and Hijacked With Anti-Military Messages 10:32 : ClawJacked flaw exposed OpenClaw users to data theft 10:32 : Europol’s Project…
Sekoia achieves SOC2 compliance
Today, we are pleased to celebrate a major achievement for Sekoia with the attainment of the SOC2 Type 1 certification for its entire infrastructure. In this blog post, we’ll explain the journey to this high-end certification. What is the SOC2…
Pakistan’s Top News Channels Hacked and Hijacked With Anti-Military Messages
Major Pakistani TV channels, including Geo News and ARY News, were hit by a coordinated cyberattack on 1 March 2026. Hackers took control of live satellite feeds to display unauthorised messages. Read more about the breach, the regional impact, and…
ClawJacked flaw exposed OpenClaw users to data theft
“ClawJacked” flaw let malicious sites hijack OpenClaw AI agents to steal data; patch released in version 2026.2.26. A high-severity vulnerability called ClawJacked in OpenClaw allowed malicious websites to brute-force and take control of local AI agent instances. Oasis Security discovered…
Europol’s Project Compass nets 30 arrests in crackdown on “The Com”
Europol’s Project Compass led to 30 arrests targeting ‘The Com’ network, identifying 62 victims and protecting four children from harm. A yearlong operation, code-named Project Compass, led by Europol has dealt a major blow to The Com,’ a cybercrime network…
Angular SSR Request Vulnerability Allows Attackers to Trick Applications into Sending Unauthorized Requests
A critical vulnerability has been discovered in Angular Server-Side Rendering (SSR) that could allow attackers to trick applications into sending unauthorized requests. Tracked as CVE-2026-27739, this Server-Side Request Forgery (SSRF) flaw poses a severe risk to web applications using affected…
GUEST ESSAY: Real cyber risks arise when small flaws combine and alerts are viewed in isolation
Security teams are drowning in signals. Alerts fire. Logs accumulate. Dashboards light up. Yet breaches still unfold quietly, often through a series of low-level actions that never trigger a single catastrophic alarm. Related: How ‘observability’ drives security Attackers do not…
Building a risk-based data sanitization strategy: When to use Cryptographic erasure vs. physical destruction
Build your strategy on risk assessment, not on assumptions that one size fits all. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Building a risk-based data sanitization strategy: When to use Cryptographic erasure…
ResOps: The new operating model bridging security, identity and recovery
Why 77% of enterprises lack AI security practices – and the new operating model bridging the gap. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: ResOps: The new operating model bridging security, identity…
Project Compass Operation Cracks Down on “The Com” Cybercrime Collective – 30 Arrested, 179 Suspects Identified
An international law enforcement operation named Project Compass has launched a major offensive against “The Com,” a dangerous transnational virtual network (TVN). The operation, which began in January 2025, has successfully led to the arrest of 30 suspects and the…
AI Overviews Rife With Scam Phone Numbers
In a new take on an old scam, AI Overviews are inadvertently coughing up fraudulent phone numbers for companies that appear in search queries leading callers to miscreants who elicit sensitive data and payment information. The post AI Overviews Rife With…
Link11 Releases European Cyber Report 2026: DDoS Attacks Become a Constant Threat
Frankfurt am Main, Germany, 2nd March 2026, CyberNewswire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Link11 Releases European Cyber Report 2026: DDoS Attacks Become a Constant Threat
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat actors have published a set of 26 malicious packages to the npm registry. The packages masquerade as developer tools, but contain functionality…
Hackers Launch Massive SonicWall Firewall Attack Using 4,000+ IP Addresses
Hackers are actively mapping SonicWall firewalls worldwide, launching more than 84,000 SonicOS scanning sessions from over 4,000 unique IP addresses in just four days to identify SSL VPN targets for future credential and vulnerability attacks. Three operationally distinct infrastructure clusters…
Ukrainian hacker pleads guilty to running OnlyFake AI ID scam site
Ukrainian citizen Yurii Nazarenko admitted running OnlyFake, an AI-driven site that sold over 10,000 fake IDs worldwide. Ukrainian man Yurii Nazarenko pleaded guilty to operating OnlyFake, an AI-powered site that generated and sold more than 10,000 counterfeit IDs globally. “United…
Purchase order attachment isn’t a PDF. It’s phishing for your password
A fake purchase order attachment turned out to be a phishing page designed to harvest your login details. This article has been indexed from Malwarebytes Read the original article: Purchase order attachment isn’t a PDF. It’s phishing for your password