Energy Department to release first cyber strategy Tech giants sign on to fight scammers Font-rendering hides malicious commands from AI in plain sight Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-energy-strategy-scammer-accord-font-rendering-attack/ Huge thanks to our episode sponsor,…
Over one billion customer records belonging to IDMerit users left unprotected online
Cyber researchers discovered more than one billion unprotected IDMerit customer records online. The records included details of people from all over the world, with hundreds… The post Over one billion customer records belonging to IDMerit users left unprotected online appeared…
Researchers Disclose ‘RegPwn,’ a Windows Registry Weakness Allowing SYSTEM Access
Researchers at MDSec have disclosed a newly patched Elevation of Privilege vulnerability in Microsoft Windows, known as “RegPwn”. Tracked as CVE-2026-24291, this flaw allows a low-privileged user to gain full SYSTEM access by exploiting how Windows handles registry configurations for…
New Kubernetes NFS CSI Vulnerability Enables Unauthorized Directory Deletion and Changes
A newly disclosed security flaw in the Kubernetes Container Storage Interface (CSI) Driver for Network File System (NFS) exposes storage servers to unauthorized directory modification and deletion. Tracked as CVE-2026-3864 with a medium-severity CVSS v3.1 score of 6.5, this vulnerability…
Exposed Ollama Servers: Security Risks of Publicly Accessible LLM Infrastructure
Learn how exposed Ollama servers can allow unauthorized model access, prompt abuse, and GPU resource consumption when LLM inference APIs are publicly accessible. The post Exposed Ollama Servers: Security Risks of Publicly Accessible LLM Infrastructure appeared first on Indusface. The…
Stop building security goals around controls
In this Help Net Security interview, Devin Rudnicki, CISO at Fitch Group, argues that security strategy fails when it loses its connection to business outcomes. Rudnicki walks through how to align security goals with corporate priorities, why CISOs must present…
Fake Telegram Download Site Delivers Stealthy In-Memory Malware Loader
A newly discovered malware campaign is exploiting user trust in Telegram by distributing a trojanized installer through a typosquatted website, telegrgam[.]com. The site closely mimics the official Telegram download portal and delivers a malicious executable named tsetup-x64.6.exe, making it appear legitimate…
Nordic MSPs Can Now Access Heimdal’s Unified Security and Compliance Platform Through Elovade
Copenhagen, Denmark – 18 March 2026 – Heimdal has appointed Elovade as its official distributor in the Nordic region. The move gives MSPs and resellers across Sweden, Norway, Denmark, Iceland, and Finland direct access to Heimdal’s consolidated cybersecurity platform through…
FortiClient Hit by Severe SQL Injection Vulnerability Enabling Database Intrusion
Cybersecurity researchers have a detailed a critical security flaw in Fortinet’s FortiClient Enterprise Management Server (EMS). Tracked as CVE-2026-21643, this severe pre-authentication SQL injection vulnerability carries a near-maximum CVSS severity score of 9.1. It allows unauthenticated attackers to execute arbitrary…
Global fraud losses climb to $442 billion
Online fraud is reaching more victims and generating larger losses, driven by digital tools and organized networks operating across borders. Global trends in financial fraud (Source: Interpol) In INTERPOL’s March 2026 Global Financial Fraud Threat Assessment, financial fraud sits among…
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges. The vulnerability, tracked as CVE-2026-32746, carries a CVSS score…
Apps, APIs, and DDoS 2026: The Industrialization of Cyberattack Campaigns
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: Apps, APIs, and DDoS 2026: The Industrialization of Cyberattack Campaigns
The Agentic Security Crisis: Why You Need to Act Now
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: The Agentic Security Crisis: Why You Need to Act Now
Join Us at Wasm I/O 2026
Akamai is sponsoring Wasm IO 2026 as part of our commitment to WebAssembly. Get all the details. This article has been indexed from Blog Read the original article: Join Us at Wasm I/O 2026
Judicial Targets Hit by COVERT RAT via Court Docs and GitHub Payloads
Attackers are abusing fake court documents and GitHub‑hosted payloads in a focused spear‑phishing campaign that deploys a stealthy Rust‑based COVERT RAT against Argentina’s judicial sector. This operation chains Windows LNK shortcuts, BAT loaders, and PowerShell to quietly fetch and execute…
AWS Bedrock AgentCore Sandbox Bypass Enables Stealthy C2 and Data Exfiltration
A newly disclosed vulnerability in AWS Bedrock AgentCore Code Interpreter allows threat actors to bypass network isolation and establish stealthy command-and-control (C2) channels. AWS originally advertised this mode as providing complete isolation without external access, researchers found that it permits…
IT Security News Hourly Summary 2026-03-18 06h : 4 posts
4 posts were published in the last hour 4:34 : Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran 4:34 : Another Medicat Device Firm Hit 4:16 : Linux Foundation kicks off effort to shield…
Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran
Akamai researchers saw a 245% spike in cyberattacks in the first two weeks after the start of the U.S. and Israeli war against Iran as Iranian nation-state groups and independent hacktivists launch increasingly decentralized and destructive cyberattacks, which are expected…
Another Medicat Device Firm Hit
Medical Device Breaches, Anti-Scam Pledge Scrutiny, AI Font Trick, and Iran-Linked Cyber Updates. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one…
Linux Foundation kicks off effort to shield FOSS maintainers from AI slop bug reports
Big Tech donates $12.5 million to get things rolling Half a dozen Big Tech players have together delivered $12.5 million in grants towards a project that aims to help maintainers of open source projects to cope with AI slop bug…
Microsoft Teams Support Call Leads to Quick Assist Compromise in New Vishing Attack
Microsoft Detection and Response Team details a sophisticated voice phishing (vishing) campaign that successfully compromised a corporate environment in November 2025. Unlike conventional intrusions that rely on software exploits, this attack weaponized trust, collaboration platforms, and built-in Windows tooling to…
Japan to allow ‘proactive cyber-defense’ from October 1st
In less polite places, this is called ‘hacking back’ or ‘offensive cyber-ops’ Japan’s government yesterday decided to allow its Self-Defense Force to conduct offensive cyber-operations, starting on October 1st.… This article has been indexed from The Register – Security Read…
Top UEBA use cases in enterprise cybersecurity
<p>User and entity behavior analytics technology uncovers hidden risks to the enterprise. It does this by sifting through streams of data from various sources and looking for patterns and anomalies. That is, UEBA learns what is expected or normal and…
News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub
NEW YORK, Mar.17, 2026, CyberNewswire — GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the…