VoidLink marks a turning point in how adversaries target Kubernetes and AI workloads, signaling a shift toward cloud-native, AI-aware malware frameworks that live where modern value is created: inside containers, pods, and GPU clusters.research. It fingerprints its surroundings to detect…
Perplexity’s Comet Browser Breached Through Calendar Invite Attack
Security researchers at Zenity Labs disclosed a critical flaw in Perplexity’s Comet “agentic” browser that allowed attackers to steal local files using a malicious Google Calendar invite. The issue, dubbed PerplexedBrowser and grouped under Zenity’s “PleaseFix” family, affected Comet on…
Google Plans Two-Week Release Schedule for Chrome
Starting September 2026, new Chrome iterations will be released twice as fast, part of a two-week cycle. The post Google Plans Two-Week Release Schedule for Chrome appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Webinar Today: Designing an OT SOC for Safety, Reliability, and Business Continuity
Join the webinar as we explore a blueprint for an OT SOC leveraging an integrated OT Security Platform to safeguard operations and maintain business continuity. The post Webinar Today: Designing an OT SOC for Safety, Reliability, and Business Continuity appeared…
Njordium Vendor Management System eliminates duplicate third-party assessments
Njordium Cyber Group has launched its Vendor Management System (VMS), a platform that eliminates the costly duplication of third-party assessments under Europe’s overlapping regulations. 70% of European organisations suffered a data breach in the past three years, and 77% of…
Leaked iPhone Spyware ‘Coruna’ Now Steals Crypto and Sensitive User Data
Security researchers say a powerful iPhone hacking framework once tied to surveillance operations is now being used in criminal campaigns to steal cryptocurrenc Thank you for being a Ghacks reader. The post Leaked iPhone Spyware ‘Coruna’ Now Steals Crypto and…
Waymo Blocks Responders In Austin Mass Shooting
Waymo autonomous vehicle halts in street, blocking police and ambulances after Austin shooting, in latest incident for Google spin-off This article has been indexed from Silicon UK Read the original article: Waymo Blocks Responders In Austin Mass Shooting
Virginia Appeals Order Blocking Social Media Law
US state appeals judge’s preliminary injunction barring it from enforcing 1-hour social media time limit for children under 16 This article has been indexed from Silicon UK Read the original article: Virginia Appeals Order Blocking Social Media Law
Iranian APT Groups Intensify Cyberattacks on Critical Infrastructure Amid Rising Geopolitical Tensions
A dramatic escalation in Middle Eastern tensions began last week with Operation Lion’s Roar, a joint U.S.-Israeli military strike on Iranian nuclear and military sites. Iran retaliated with missiles and drones, disrupting energy, air travel, and diplomatic stability across the…
Global Coalition Publishes 6G Security and Resilience Principles
The principles cover security, resilience against attacks and disasters, AI, and openness and interoperability. The post Global Coalition Publishes 6G Security and Resilience Principles appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Global…
Shadow AI vs Managed AI: What’s the Difference? – FireTail Blog
Mar 04, 2026 – – Quick Facts: Shadow AI vs. Managed AIShadow AI is a visibility gap: It refers to any AI tool used by employees that the IT department doesn’t know about. Most companies have 10x more AI tools…
Calls for Global Digital Estate Standard as Posthumous Deepfake Fraud Risk Grows
The OpenID Foundation warns that fragmented policies on posthumous digital accounts could open the door for fraudsters to exploit AI deepfakes This article has been indexed from www.infosecurity-magazine.com Read the original article: Calls for Global Digital Estate Standard as Posthumous…
IT Security News Hourly Summary 2026-03-04 12h : 10 posts
10 posts were published in the last hour 10:38 : Telegram Increasingly Used to Sell Access, Malware and Stolen Logs 10:38 : Mobile malware evolution in 2025 10:38 : HPE AutoPass Vulnerability Let Attackers Bypass Authentication Remotely 10:38 : MS-Agent…
Telegram Increasingly Used to Sell Access, Malware and Stolen Logs
Cybercriminals are now increasingly using Telegram to sell corporate access, malware subscriptions, and stealer logs, turning the messaging app into a fast cybercrime hub. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read…
Mobile malware evolution in 2025
Statistics on Android malware and the most notable mobile threats of 2025: preinstalled backdoors Keenadu and Triada, spyware Trojans, the Kimwolf IoT botnet, and Mamont banking Trojans. This article has been indexed from Securelist Read the original article: Mobile malware…
HPE AutoPass Vulnerability Let Attackers Bypass Authentication Remotely
A security bulletin has been issued regarding a vulnerability in the AutoPass License Server (APLS) that could allow attackers to remotely bypass authentication controls. The issue is tracked as CVE-2026-23600 and is rated important with a CVSS base score of…
MS-Agent Vulnerability Let Attackers Hijack AI Agent to Gain Full System Control
A critical security vulnerability has been discovered in a lightweight framework designed to enable AI agents to perform autonomous tasks. According to a vulnerability note published by the CERT/CC, this flaw allows attackers to trick the AI into executing malicious commands,…
Critical XSS Vulnerability in Angular i18n Enables Malicious Code Execution
A high-severity Cross-Site Scripting (XSS) vulnerability, designated as CVE-2026-27970, has been discovered in Angular’s internationalization (i18n) pipeline. The vulnerability allows attackers to execute malicious JavaScript if they can compromise an application’s translation files. Angular’s i18n process allows developers to extract…
IPVanish VPN for macOS Vulnerability Let Attackers Escalate Privilege and Execute Arbitrary Code
A critical privilege escalation vulnerability has been discovered in the IPVanish VPN application for macOS. This flaw allows any unprivileged local user to execute arbitrary code as root without requiring user interaction. The security failure completely bypasses macOS security features,…
The vulnerability that turns your AI agent against you
Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious content…
Want More XWorm?, (Wed, Mar 4th)
And another XWorm[1] wave in the wild! This malware family is not new and heavily spread but delivery techniques always evolve and deserve to be described to show you how threat actors can be imaginative! This time, we are facing…
Chinese Tech Firms See Disruption In Middle East
Year of aggressive expansion by autonomous taxi companies, food delivery firms capped by disruption from Iran military strikes This article has been indexed from Silicon UK Read the original article: Chinese Tech Firms See Disruption In Middle East
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that’s functional on Windows, macOS, and Linux systems. The names of the packages are listed below…
Amazon Says Drones Damaged Cloud Centres In UAE, Bahrain
Amazon Web Services says two data centres in UAE directly hit by Iranian drone strikes, as Bahrain site also sees ‘physical impacts’ This article has been indexed from Silicon UK Read the original article: Amazon Says Drones Damaged Cloud Centres…