A tampered copy of FileZilla quietly contacts attacker-controlled servers using encrypted DNS traffic that can slip past traditional monitoring. This article has been indexed from Malwarebytes. Read the original article: A fake FileZilla site hosts a malicious download
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Malicious websites could open a WebSocket connection to localhost on the OpenClaw gateway port, brute force passwords, and take control of the agent. The post OpenClaw Vulnerability Allowed Websites to Hijack AI Agents appeared first on SecurityWeek. This article has…
Everyone Knows About Broken Authorization – So Why Does It Still Work for Attackers?
Broken authorization is one of the most widely known API vulnerabilities. It features in the OWASP Top 10, AppSec conversations, and secure coding guidelines. Broken Object Level Authorization (BOLA) and Broken Function Level Authorization (BFLA) account for hundreds of API…
Feb Recap: New AWS Privileged Permissions and Services
As February 2026 comes to a close, the focus of AWS permission expansion has moved from core infrastructure to the Generative AI supply chain. This month’s review of newly released permissions highlights a strategic pivot toward model customization and deep-tier…
Anthropic’s Claude hit by widespread service outage
Anthropic suffered widespread service disruptions Monday morning, leaving thousands of users unable to access its Claude AI platform. Most users reporting problems said they encountered errors when attempting to log in. The first notice was posted at 11:49 UTC. In…
QuickLens Chrome Extension Steals Crypto
The QuickLens Chrome extension was recently pulled from the Web Store after a malicious update compromised roughly 7,000 users. This article has been indexed from CyberMaterial. Read the original article: QuickLens Chrome Extension Steals Crypto
Criminal IP to Present Decision-Ready Threat Intelligence at RSAC™ 2026
Torrance, United States / California, 2nd March 2026, CyberNewswire. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More. Read the original article: Criminal IP to Present Decision-Ready Threat Intelligence at RSAC™ 2026
How Threat Intelligence and Multi-Source Data Drive Smarter Vulnerability Prioritization
The CVSS Blind Spot: For years, CVSS scores have been the default metric for vulnerability severity. But severity does not equal risk. A CVSS 9.8 vulnerability that is never exploited is less dangerous than a CVSS 6.5 actively used in…
Memory scalpers hunt scarce DRAM with bot blitz
We can remember it for you wholesale, and sell it back to you for big bucks. Web scraping bots are increasing the pressure on the tech supply chain by scouring sites for DRAM, so their minders can snap up increasingly…
Scammers try to SIM-swap Dubai citizens hours after Iranian missile strikes
Vulnerable citizens targeted by criminals purporting to represent fake police crisis department. Scammers targeted Dubai citizens mere hours after missiles struck the city, attempting to gain access to their bank accounts, police have warned. This article has been indexed from…
Madison Square Garden Data Breach Confirmed Months After Hacker Attack
The company is one of the many victims of the 2025 Oracle E-Business Suite (EBS) hacking campaign. The post Madison Square Garden Data Breach Confirmed Months After Hacker Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More
This week is not about one big event. It shows where things are moving. Network systems, cloud setups, AI tools, and common apps are all being pushed in different ways. Small gaps in access control, exposed keys, and normal features…
Europol Nets 30 in “The Com” Crackdown
Europol’s Project Compass recently dismantled a portion of the cybercrime network known as The Com, resulting in 30 arrests and the identification of 62 victims. This article has been indexed from CyberMaterial. Read the original article: Europol Nets 30 in…
Hackers Target Iranian Apps, Sites After Strikes
Cybersecurity experts reported a series of digital strikes targeting Iran on Saturday that coincided with military actions by the United States and Israel. This article has been indexed from CyberMaterial. Read the original article: Hackers Target Iranian Apps, Sites After…
“OnlyFake” Creator Pleads Guilty
The United States Attorney for the Southern District of New York and the FBI have announced the guilty plea of Ukrainian national Yurii Nazarenko for operating OnlyFake, a website specializing in the creation of digital fake identification documents. This article…
IT Security News Hourly Summary 2026-03-02 15h : 19 posts
19 posts were published in the last hour. 13:37 : TPMS Flaw in Toyota, Mercedes, and Other Major Brands Enables Covert Vehicle Tracking; 13:37 : MSHTML Zero-Day in Windows Exploited by APT28 Prior to Feb 2026 Security Update; 13:37 :…
TPMS Flaw in Toyota, Mercedes, and Other Major Brands Enables Covert Vehicle Tracking
Tire pressure monitoring systems (TPMS) in popular brands like Toyota, Mercedes, and many others quietly broadcast radio signals that can be turned into a powerful vehicle‑tracking tool. New research shows that these routine safety messages can be harvested at scale,…
MSHTML Zero-Day in Windows Exploited by APT28 Prior to Feb 2026 Security Update
Microsoft released its Patch Tuesday updates, addressing 59 vulnerabilities, including a critical zero-day flaw in the Windows MSHTML framework. Tracked as CVE-2026-21513, this actively exploited vulnerability allows attackers to bypass security features and execute arbitrary code. APT28 is a well-documented…
APT37 combines cloud storage and USB implants to infiltrate air-gapped systems
North Korea-linked APT37 used Zoho WorkDrive and USB malware to breach air-gapped networks in the Ruby Jumper campaign. North Korean group ScarCruft (aka APT37, Reaper, and Group123) deployed new tools in a campaign dubbed Ruby Jumper, using a backdoor that…
OCRFix Botnet Trojan Leveraging ClickFix Phishing and EtherHiding to Conceal Blockchain-Based Command Infrastructure
A newly identified botnet trojan campaign, dubbed OCRFix, has been discovered combining social engineering tricks with blockchain-based command infrastructure to quietly build a network of compromised machines. The campaign blends the well-known ClickFix phishing technique with EtherHiding — a method…
Hackers Attacking SonicWall Firewalls from 4,000+ unique IP Addresses to Exploit Vulnerabilities
A large-scale reconnaissance campaign is actively targeting SonicWall firewalls across the internet, with attackers using more than 4,000 unique IP addresses to map vulnerable devices before launching exploitation attempts. Between February 22 and February 25, 2026, threat actors generated 84,142…
Enterprise Passwordless Authentication for Retail Brands
Retailers face unique authentication challenges impacting revenue, fraud, and customer experience. Learn how passwordless authentication can improve security, reduce friction, and scale for omnichannel. The post Enterprise Passwordless Authentication for Retail Brands appeared first on Security Boulevard. This article has…
PCI-Compliant Authentication for Retail Enterprises
Retailers, fortify your defenses! Learn how PCI-compliant authentication protects customer data, prevents fraud, and avoids costly penalties. Click for expert strategies! The post PCI-Compliant Authentication for Retail Enterprises appeared first on Security Boulevard. This article has been indexed from Security…
NetQuest launches NetworkLens for hyperscale AI threat detection
NetQuest has announced NetQuest NetworkLens, a new portfolio of hyperscale real-time network intelligence datasets engineered to power AI-driven cyber threat detection and advanced security analytics. As cyber defense increasingly relies on machine learning, behavioral detection, and data pipelines, the network…