Google released an urgent security update for its Chrome browser to address 10 vulnerabilities. Deployed on March 3, 2026, this stable channel update fixes three critical flaws and seven high-severity issues. The emergency patch protects users from potential exploits that…
Cisco Patches Critical Vulnerabilities in Enterprise Networking Products
Cisco has rolled out patches for 48 vulnerabilities in Firewall ASA, Secure FMC, and Secure FTD products. The post Cisco Patches Critical Vulnerabilities in Enterprise Networking Products appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform
Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and cybersecurity partners. Takedown of the Tycoon 2FA phishing-as-a-service platform (Source: Europol) Active since August 2023, Tycoon…
LeakBase cybercrime forum with 142,000 users taken down in global operation
LeakBase, an open-web cybercrime forum facilitating the trade of leaked databases and “stealer logs” containing stolen credentials, has been taken down in an international law enforcement operation coordinated by Europol and involving authorities from 14 countries. Police in action (Source:…
Security Architecture Part 2: Network Security Design, DMZ Segmentation, and IDS Systems
Explains network segmentation, DMZ architecture, and IDS deployment strategies used to contain threats and monitor enterprise network environments. This article has been indexed from CyberMaterial Read the original article: Security Architecture Part 2: Network Security Design, DMZ Segmentation, and IDS…
Google Announces Android Changes Amid Epic Settlement
Google, Epic submit new proposed settlement to judge after previous arrangement deemed ‘sweetheart deal’ for Google This article has been indexed from Silicon UK Read the original article: Google Announces Android Changes Amid Epic Settlement
Cisco Secure Firewall Management Flaw Allows Remote Code Execution
Cisco recently disclosed a critical security vulnerability affecting its Secure Firewall Management Centre (FMC) software. This severe flaw carries a maximum severity score of 10.0 and allows unauthenticated, remote attackers to execute arbitrary code with root privileges. CVE ID CVSS…
Possible iPhone-hacking toolkit used by spies, Hacker mass-mails HungerRush extortion emails, Tycoon 2FA phishing platform dismantled
Possible iPhone-hacking toolkit used by spies Hacker mass-mails HungerRush extortion emails Tycoon 2FA phishing platform dismantled Get the show notes here: https://cisoseries.com/cybersecurity-news-iphone-hacking-toolkit-used-by-spies-hungerrush-extortion-emails-tycoon-phishing-platform-dismantled/ Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first…
Meta Contractors Review Sensitive Videos From AI Glasses
UK ICO contacts Meta over ‘concerning’ Swedish report that contractors in Kenya are reviewing videos featuring bank cards, people having sex This article has been indexed from Silicon UK Read the original article: Meta Contractors Review Sensitive Videos From AI…
RedAlert Mobile Espionage Campaign Exploits Trojanized Rocket Alert App to Spy on Civilians
A newly discovered mobile espionage operation dubbed “RedAlert” has surfaced amid the ongoing Israel–Iran conflict, exploiting wartime fear and dependency on early-warning systems. The campaign targets civilians by distributing a trojanized version of the Israeli Home Front Command’s official Rocket Alert application, aiming…
AI Is Making Social Engineering Harder to Detect—But We’re Still Training People Like It’s 2015
Last year, Hong Kong police disclosed a reported case that would become a watershed moment in cybersecurity: a finance worker at global engineering firm Arup transferred $25 million to fraudsters after attending a video conference call with what appeared to…
IT Security News Hourly Summary 2026-03-05 09h : 10 posts
10 posts were published in the last hour 7:32 : NIS-2: What the end of the registration period means for management teams 7:32 : Thales Data Threat Report: AI and Cloud Complexity Fuel New Data Security Risks 7:32 : 2,622…
NIS-2: What the end of the registration period means for management teams
March 6, 2026, marks the end of the registration period for companies that fall under the NIS-2-Directive. Registration with the “Bundesamt für Sicherheit in der Informationstechnik” (BSI) will transform the regulatory transition period into a binding supervisory situation. This will…
Thales Data Threat Report: AI and Cloud Complexity Fuel New Data Security Risks
A new report from Thales highlights how artificial intelligence is reshaping the cybersecurity landscape, introducing new attack vectors while amplifying existing data protection challenges. The 2026 Thales Data Threat Report finds that as organizations accelerate AI adoption, they are simultaneously increasing their exposure to cloud threats, identity…
2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk
GitGuardian partnered with Google to answer: what happens when private keys leak? Using Certificate Transparency, we mapped about 1M leaked keys to 140k certificates. Result: 2,622 were valid as of September 2025, exposing major organizations. Our disclosure campaign achieved 97%…
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
A joint law enforcement operation has dismantled LeakBase, one of the world’s largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools. The LeakBase forum, per the U.S. Department of Justice (DoJ), had over 142,000 members…
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a coalition of law enforcement agencies and security companies. The subscription-based phishing kit, which first emerged…
Threat Actors Intensify Targeting of IP Cameras Across the Middle East Amid Ongoing Conflict
Cyber operations have once again become an integral component of the ongoing conflict across the Middle East, with researchers identifying a wave of attacks against Internet-connected IP cameras beginning on February 28, 2026. According to CPR, the observed campaigns appear to…
Cisco Secure Firewall Vulnerability Exposes Networks to Authentication Bypass Attacks
Cisco recently disclosed a critical vulnerability in its Secure Firewall Management Centre (FMC) Software that allows unauthenticated remote attackers to gain complete root access to affected devices. Holding a maximum severity CVSS score of 10.0, this flaw demands immediate attention…
Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1
Google warns of the Coruna iOS exploit kit, using 23 exploits across five chains to target iPhones running iOS 13–17.2.1, but not the latest iOS. Google’s Threat Intelligence Group has identified a powerful new iOS exploit kit called Coruna (also…
Fake Tech Support Scams Deliver Advanced Command-and-Control Malware
Fake tech support scams are not new. Historically, the goal was simple: convince someone to hand over a few hundred dollars in gift cards or give attackers remote access to a computer. However, new research from Huntress highlights how familiar social-engineering tricks are evolving…
Google Releases Emergency Chrome Update to Fix 10 Security Vulnerabilities
Google has released a critical security update for Chrome, pushing the Stable channel to version 145.0.7632.159/160 for Windows and Mac, and 145.0.7632.159 for Linux. The update addresses 10 security vulnerabilities, including three rated Critical, and is rolling out to users…
Cisco Catalyst SD-WAN Flaws Expose Devices to Root Access, Threatening Network Security
Cisco has issued critical software updates to address multiple vulnerabilities in the Catalyst SD-WAN Manager (formerly SD-WAN vManage) that could allow attackers to bypass authentication, elevate privileges to root, and execute arbitrary commands. The advisory (cisco-sa-sdwan-authbp-qwCX8D4v), originally published on February…
Workers reviewing Meta Ray-Ban footage encounter users’ intimate moments
Bank details and intimate moments captured without people realizing they are being recorded are the new privacy nightmare behind the latest tech fashion hit, Meta Ray-Ban smart glasses. A joint investigation by Svenska Dagbladet and Göteborgs-Posten found that footage and…