Iran-linked group Handala claims it hacked FBI Director Kash Patel’s personal email, leaking files. The FBI says no government data was exposed. Iran-linked hacking group Handala claims it breached FBI Director Kash Patel’s personal Gmail account and shared alleged data,…
IT Security News Hourly Summary 2026-03-28 12h : 2 posts
2 posts were published in the last hour 10:34 : Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs 10:34 : Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs
The infection chain includes a fake CAPTCHA page, a Bash script, a Nuitka loader, and the Python-based infostealer. The post Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read…
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr. The vulnerability, CVE-2026-3055 (CVSS score: 9.3), refers to a case of insufficient input validation leading to…
Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)
A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US Cybersecurity and Infrastructure Security Agency warned on Friday. CISA added the flaw to its Known Exploited Vulnerabilities catalog…
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian…
Fake Certificate Loader Hides BlankGrabber Malware Chain
BlankGrabber’s operators are now abusing a fake “certificate” loader to hide a multi‑stage Rust and Python infection chain, making this commodity stealer significantly harder to spot on Windows endpoints. The new technique relies on built‑in tools such as certutil.exe, heavily…
What is Shift Left Security?
Gartner predicts that by 2028, cloud computing will be a core business necessity, with global spending expected to surpass $1 trillion. As organizations continue to adopt cloud-native development to build and deliver innovative solutions, the demand for stronger application security…
U.S. CISA adds a flaw in F5 BIG-IP APM to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in F5 BIG-IP APM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in F5 BIG-IP APM, tracked as CVE-2025-53521 (CVSS ver. 3.1…
IT Security News Hourly Summary 2026-03-28 09h : 3 posts
3 posts were published in the last hour 7:32 : CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation 7:31 : TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign 7:11 : Open VSX Scanner Vulnerability…
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-53521…
TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian…
Open VSX Scanner Vulnerability Lets Malicious Extensions Go Live
Open VSX, the extension marketplace used by VS Code forks such as Cursor and Windsurf, recently fixed a critical vulnerability in its newly introduced pre-publish scanning pipeline that could allow malicious extensions to bypass security checks and go live undetected.…
European Commission Confirms Cyberattack After AWS Account Breach
The European Commission has confirmed a cybersecurity incident affecting its cloud-based infrastructure after attackers gained access to an Amazon Web Services (AWS) account hosting parts of the Europa.eu platform. According to an official statement, the compromised infrastructure supported the Commission’s…
4 use cases for AI in cyber security
In product security, AI represents a new and critical frontier. As artificial intelligence becomes mainstream in both defense tools and exploitation methods, security professionals must master these technologies to more effectively protect and enhance their systems. What is AI in cyber…
AI security: Identity and access control
In our first 3 articles, we framed AI security as protecting the system, not just the model, across confidentiality, integrity, and availability, and we showed why the traditional secure development lifecycle (SDLC) discipline still applies to modern AI deployments. We…
European Commission Confirms Cyberattack Following AWS Account Hack
The European Commission has officially confirmed a cyberattack following a targeted cyberattack that compromised its Amazon Web Services (AWS) account. Discovered on March 24, the intrusion specifically affected the external cloud environment that hosts the Commission’s public web presence on…
IT Security News Hourly Summary 2026-03-28 06h : 3 posts
3 posts were published in the last hour 4:34 : RSAC Recap: Agentic AI and Interview With Commvault CISO Bill O’Connell 4:5 : A cunning predator: How Silver Fox preys on Japanese firms this tax season 4:5 : RSAC 2026…
RSAC Recap: Agentic AI and Interview With Commvault CISO Bill O’Connell
RSAC Recap: Agentic AI Takes Over, Security Funding Shifts, and Why CISOs Must Focus on Resilience. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and…
A cunning predator: How Silver Fox preys on Japanese firms this tax season
Silver Fox is back in Japan, spoofing tax and HR emails timed to the one season when no one thinks twice about opening them. This article has been indexed from WeLiveSecurity. Read the original article: A cunning predator: How Silver…
RSAC 2026 wrap-up – Week in security with Tony Anscombe
This year, AI agents took center stage – as a defensive capability, but more pressingly as a risk many organizations haven’t caught up with. This article has been indexed from WeLiveSecurity. Read the original article: RSAC 2026 wrap-up –…
CISA Adds Aquasecurity Trivy Scanner Vulnerability to KEV Catalog
CISA has officially added a critical vulnerability affecting Aquasecurity’s Trivy scanner to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-33634, this alarming security flaw poses a severe risk to software development pipelines. By exploiting this vulnerability, threat actors can…
Windows 11 and Server 2025 Update to Block Untrusted Cross-Signed Kernel Drivers by Default
Microsoft is taking a major step to harden the Windows operating system against kernel-level threats by removing trust for drivers signed by the deprecated cross-signed root program. Starting with the April 2026 update, Windows 11 and Windows Server 2025 will…
Breach of Confidence – 27 March 2026
I’ve been watching my phone battery go to 37% lately and it’s giving me anxiety even though I know I can make it through the day. This is why I don’t think I’ll ever be able to live with an…