A Russian national has been sentenced to two years in a United States federal prison and ordered to pay $1.6 million for his role in a major ransomware and botnet operation. This article has been indexed from CyberMaterial Read the…
Chinese Hackers In Telecom Backbone
A China-linked espionage group has embedded kernel-level implants and passive backdoors within global telecommunications infrastructure to maintain long-term access. This article has been indexed from CyberMaterial Read the original article: Chinese Hackers In Telecom Backbone
TP-Link Patches High-Severity Router Vulnerabilities
The security defects could be used to bypass authentication, execute arbitrary commands, and decrypt configuration files. The post TP-Link Patches High-Severity Router Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: TP-Link Patches…
UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever” This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
Iran war drives urgent need to counter underwater attack drones
US and UK forces seeking tech tender with an April 3 deadline The UK and US are looking for technology to counter the threat posed by underwater drones to ships, harbors and other critical maritime infrastructure, and are asking industry…
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it. Introduction: One tech power to rule them all is a thing…
U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Aquasecurity Trivy flaw, tracked as CVE-2026-33634 (CVSS score of 9.3), to its Known Exploited…
Red Hat Warns of Malware Code Embedded in Popular Linux Tool Allow Unauthorized Access to Systems
Red Hat has issued a critical security warning regarding malicious code discovered in recent versions of the “xz” compression tools and libraries. Tracked as CVE-2024-3094, this highly sophisticated supply chain compromise could allow threat actors to bypass authentication and gain…
Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack
The official Telnyx Python SDK on PyPI was compromised this morning as part of an escalating, weeks-long supply chain campaign orchestrated by the threat actor group TeamPCP. Malicious versions 4.87.1 and 4.87.2 of the telnyx package were uploaded to PyPI…
Hackers Use Phishing ZIP Files to Deploy PXA Stealer Against Financial Firms
A new wave of cyberattacks is putting financial institutions on high alert, as threat actors ramp up the use of PXA Stealer — a powerful information-stealing malware — against organizations worldwide. The surge follows law enforcement’s successful dismantling of major…
Bogus Avast website fakes virus scan, installs Venom Stealer instead
A fake Avast scan tells you your PC is infected, then installs the malware that steals passwords, session data and crypto wallets. This article has been indexed from Malwarebytes Read the original article: Bogus Avast website fakes virus scan, installs…
Coruna iOS Exploit Kit Likely an Update to Operation Triangulation
Coruna contains the updated version of a kernel exploit used in Operation Triangulation three years ago. The post Coruna iOS Exploit Kit Likely an Update to Operation Triangulation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
RSAC 2026 Conference Announcements Summary (Days 3-4)
A summary of the announcements made by vendors on the third and fourth days of the RSAC 2026 Conference. The post RSAC 2026 Conference Announcements Summary (Days 3-4) appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection vulnerability in Langflow, an open-source framework for building AI agents and workflows, and CVE-2026-33634, an…
IT Security News Hourly Summary 2026-03-27 12h : 7 posts
7 posts were published in the last hour 10:34 : AI Agents Are Reshaping Cyber Threats, Making Traditional Kill Chains Less Relevant 10:34 : FBI Escalates Enforcement Against Thai Fraud Rings Targeting US Individualsa 10:34 : Ajax data breach exposed…
AI Agents Are Reshaping Cyber Threats, Making Traditional Kill Chains Less Relevant
In September 2025, Anthropic disclosed a case that highlights a major evolution in cyber operations. A state-backed threat actor leveraged an AI-powered coding agent to conduct an automated cyber espionage campaign targeting 30 organizations globally. What stands out is…
FBI Escalates Enforcement Against Thai Fraud Rings Targeting US Individualsa
Digital exchanges that begin with a polite greeting, an apparent genuine conversation, or a quiet offer of companionship increasingly become entry points into a far more calculated form of transnational fraud. For many Americans, these interactions are not merely…
Ajax data breach exposed season tickets, supporter bans open to tampering
AFC Ajax, the Dutch football club from Amsterdam, disclosed that an unknown hacker gained access to parts of its IT systems and obtained the email addresses of a few hundred people. The hack exploited vulnerabilities in Ajax’s app and website,…
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. “Bearlyfy…
CISA Adds Critical Aquasecurity Trivy Scanner Vulnerability to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has urgently added a critical flaw affecting Aquasecurity’s Trivy scanner to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-33634, this security weakness involves embedded malicious code that targets continuous integration and continuous…
SEC Rules – Crypto IS A Security – Sometimes
Cryptocurrency is a speculative asset, a payment system, and critical infrastructure all at once. Explore why this “Shimmer” problem creates an unstable security model where users bear 100% of the risk. The post SEC Rules – Crypto IS A Security…
The Danger of Treating CyberCrime as War – The New National Cybersecurity Strategy
The March 2026 Cyber Strategy shifts focus from private sector compliance to national power and adversary disruption. Explore the tension between geopolitical deterrence and the economic realities of cybercrime. The post The Danger of Treating CyberCrime as War – The…
Silver Fox Cyberattack Targets Japanese Businesses with Tax-Themed Phishing Scams
A threat actor known as Silver Fox is targeting Japanese organizations with a new wave of spearphishing attacks timed to coincide with the country’s busy tax-filing and corporate restructuring season. The campaign focuses heavily on manufacturers and enterprises that are…
CISA Flags Critical PTC Vulnerability That Had German Police Mobilized
Police in Germany physically warned organizations about the critical PTC Windchill vulnerability tracked as CVE-2026-4681. The post CISA Flags Critical PTC Vulnerability That Had German Police Mobilized appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…