Google is restricting how Android apps can use accessibility features after years of abuse by banking Trojans and mobile malware. The changes, introduced in Android 17.2, limit access to the accessibility API when Advanced Protection Mode (APM) is enabled. Apps…
IT Security News Hourly Summary 2026-03-19 12h : 16 posts
16 posts were published in the last hour:
10:34 : Analyzing the Current State of AI Use in Malware
10:34 : Hackers Deploy Powerful Exploits To Steal From iPhones
10:34 : Pyronut Package Backdoors Telegram Bots With RCE
10:34 :…
Analyzing the Current State of AI Use in Malware
Unit 42 research explores how AI is currently used in malware, from superficial integrations to advanced decision-making, and its future impact. The post Analyzing the Current State of AI Use in Malware appeared first on Unit 42. This article has…
Hackers Deploy Powerful Exploits To Steal From iPhones
Two complex exploits, at least one of which was developed for government use, are being used to hack iPhones to steal money, researchers say. This article has been indexed from Silicon UK. Read the original article: Hackers Deploy Powerful Exploits To…
Pyronut Package Backdoors Telegram Bots With RCE
Malicious ‘Pyronut’ is a trojanized Python package that backdoors Telegram bots and userbots, giving attackers remote code execution over both the Telegram session and the underlying host system. The malicious package, pyronut, was uploaded to PyPI as a fake alternative…
Backdoored Open VSX Extension Used GitHub Downloader to Deploy RAT and Stealer
A popular code editor extension listed on the Open VSX registry was discovered carrying hidden malware that silently fetches and runs a remote access trojan (RAT) and a full infostealer directly onto developer machines without any visible warning sign. The…
EDR killers are now standard equipment in ransomware attacks
Ransomware attackers routinely deploy tools designed to disable endpoint detection and response software before launching encryptors. These tools, known as EDR killers, have become a standard component of ransomware intrusions. ESET Research tracked nearly 90 EDR killers actively used in…
900,000 contact records exposed in Aura data breach
Aura, the online safety service, confirmed that an unauthorized party accessed about 900,000 records, mostly names and email addresses from a marketing tool linked to a company it acquired in 2021. The incident occurred as a result of a targeted…
FCA Updates Cyber Incident and Third-Party Reporting Rules
The UK’s financial regulator has issued new rules to make incident and third-party reporting clearer. This article has been indexed from www.infosecurity-magazine.com. Read the original article: FCA Updates Cyber Incident and Third-Party Reporting Rules
Everyday tools, extraordinary crimes: the ransomware exfiltration playbook
Attackers use trusted tools for data theft, making traditional detection unreliable. The Exfiltration Framework enables defenders to spot exfiltration by focusing on behavioral signals across endpoints, networks, and cloud environments rather than static tool indicators. This article has been indexed…
Building an Adversarial Consensus Engine | Multi-Agent LLMs for Automated Malware Analysis
Single-tool LLM analysis produces reports that look authoritative but aren’t. A serial consensus pipeline catches artifacts and hallucinations at source. This article has been indexed from SentinelLabs – We are hunters, reversers, exploit developers, and tinkerers shedding light on the…
Deezer Reports First Profit, Two Decades After Launch
Nearly 20 years after its launch in 2007, French music streaming platform Deezer shows its first profit, as it battles AI fraud. This article has been indexed from Silicon UK. Read the original article: Deezer Reports First Profit, Two Decades After…
Horabot Returns in Mexico, Spreading via Phishing and Email Worm Attacks
Horabot has resurfaced in Mexico with a more complex, multi‑stage kill chain that blends fake CAPTCHA lures, living-off-the-land scripting, and an email worm‑style spreader to deliver a Latin American banking trojan. In this installment of the SOC Files series, our…
OpenWebUI Servers Targeted in Attacks Using AI Payloads to Steal Data
A recent campaign has targeted improperly secured Open WebUI systems, allowing threat actors to deploy malicious artificial intelligence payloads. Open WebUI is a highly popular self-hosted interface designed to enhance large language models. Shodan scans reveal over 17,000 active instances…
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall…
CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability
The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read…
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
A new exploit kit for Apple iOS devices, designed to steal sensitive data, has been wielded by multiple threat actors since at least November 2025, according to reports from Google Threat Intelligence Group (GTIG), iVerify, and Lookout. According to…
AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says. This article has been indexed from www.infosecurity-magazine.com. Read the original article: AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
Microsoft Considers Legal Action Over Amazon-OpenAI Deal
Microsoft reportedly believes Amazon’s $50bn deal with OpenAI may breach existing agreements between OpenAI and the Azure cloud service. This article has been indexed from Silicon UK. Read the original article: Microsoft Considers Legal Action Over Amazon-OpenAI Deal
Career Reality Check: What Cyber Isn’t Telling You
Ask Me Anything Cyber on March 19 explores cybersecurity career myths, burnout, and growth, with Brenda Johnson on women in security. This article has been indexed from CyberMaterial. Read the original article: Career Reality Check: What Cyber Isn’t Telling You
Micron Shares Fall On Rising Expenditures
One of the world’s top three memory makers, Micron says it will need to spend more than $25bn this fiscal year to meet AI data centre demand. This article has been indexed from Silicon UK. Read the original article: Micron Shares…
Russia establishes Vienna as key western spy hub targeting NATO
Russia uses Vienna as its largest Western spy hub, monitoring NATO and other sensitive communications via diplomatic sites and satellite dishes. Western intelligence reports that Russia has transformed Vienna into its largest Western spy hub, steadily expanding surveillance over the…
Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks
Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia. The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek. This article has been indexed…
UK: Regulation Drives Cyber Spending for Critical Infrastructure Orgs
35% of security leaders working in the UK’s critical infrastructure said regulatory requirements are the primary influence on their security programs. This article has been indexed from www.infosecurity-magazine.com. Read the original article: UK: Regulation Drives Cyber Spending for Critical Infrastructure…