A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November 2025, according to reports from Google Threat Intelligence Group (GTIG), iVerify, and Lookout. According to…
AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says This article has been indexed from www.infosecurity-magazine.com Read the original article: AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
Microsoft Considers Legal Action Over Amazon-OpenAI Deal
Microsoft reportedly believes Amazon’s $50bn deal with OpenAI may breach existing agreements between OpenAI and Azure cloud service This article has been indexed from Silicon UK Read the original article: Microsoft Considers Legal Action Over Amazon-OpenAI Deal
Career Reality Check: What Cyber Isn’t Telling You
Ask Me Anything Cyber on March 19 explores cybersecurity career myths, burnout, and growth, with Brenda Johnson on women in security. This article has been indexed from CyberMaterial Read the original article: Career Reality Check: What Cyber Isn’t Telling You
Micron Shares Fall On Rising Expenditures
One of world’s top three memory makers, Micron says it will need to spend more than $25bn this fiscal year to meet AI data centre demand This article has been indexed from Silicon UK Read the original article: Micron Shares…
Russia establishes Vienna as key western spy hub targeting NATO
Russia uses Vienna as its largest Western spy hub, monitoring NATO and other sensitive communications via diplomatic sites and satellite dishes. Western intelligence reports that Russia has transformed Vienna into its largest Western spy hub, steadily expanding surveillance over the…
Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks
Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia. The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek. This article has been indexed…
UK: Regulation Drives Cyber Spending for Critical Infrastructure Orgs
35% of security leaders working in the UK’s critical infrastructure said regulatory requirements are the primary influence on their security programs This article has been indexed from www.infosecurity-magazine.com Read the original article: UK: Regulation Drives Cyber Spending for Critical Infrastructure…
Nvidia Restarts Production Of H200 Chips For China
AI chip market leader resumes production of second-most-powerful AI chip as it receives approval for sales from Chinese authorities This article has been indexed from Silicon UK Read the original article: Nvidia Restarts Production Of H200 Chips For China
CISA Adds Exploited Zimbra Collaboration Suite Flaw to Warning List
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting the Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog. Federal agencies and organizations using the platform must apply the necessary updates by April…
New Ubuntu Snap Bug Opens Door to Delayed Root Compromise
A newly disclosed flaw in Ubuntu’s Snap ecosystem is raising fresh concerns about local privilege escalation risks in default Linux environments. Researchers at Qualys have identified CVE-2026-3888, a high-severity vulnerability that allows a low-privileged local user to escalate access to full root…
Cloud Security Controls Explained: A Definitive Guide
Most teams already have cloud security tools in place. That’s not the issue. The problem is that those tools don’t give you any real control. Infrastructure is built fast, modified constantly, and touched by too many people to track. Code…
CISA Warns of Microsoft SharePoint Vulnerability Exploited in Attacks
A critical security flaw in Microsoft SharePoint has been identified as actively exploited, and on March 18, 2026, the vulnerability was officially added to the Known Exploited Vulnerabilities (KEV) catalog. This addition confirms that threat actors are actively exploiting the…
WaterPlum Deploys New ‘StoatWaffle’ Malware in VSCode-Based Supply Chain Campaign
A North Korea-linked hacking group known as WaterPlum has introduced a dangerous new malware called StoatWaffle, deploying it through compromised Visual Studio Code (VSCode) repositories disguised as legitimate blockchain development projects to silently infiltrate developer machines. WaterPlum has been running…
Dormant Accounts Leave Manufacturing Orgs Open to Attack
While companies use “perp walks” for terminated employees, 48% of manufacturers fail to revoke digital access within 24 hours. Explore the growing risk of dormant accounts, the 74% automation gap in provisioning, and why experts like Darren Guccione and James…
Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults
Samba 4.24.0 arrived carrying a set of Kerberos security changes aimed at Active Directory deployments. The release fixes a vulnerability, extends audit coverage for sensitive AD attributes, and introduces configuration options to counter two related Kerberos impersonation techniques. A CVE…
Keysight SBOM Manager simplifies global cybersecurity compliance and software transparency
Keysight Technologies has launched Keysight SBOM Manager, a new solution designed to help organizations meet growing global cybersecurity and software transparency requirements, led by the European Union’s Cyber Resilience Act (CRA). The solution provides a unified approach to generating, managing,…
Arcjet enables inline defense against prompt injection in production AI systems
Arcjet has released AI Prompt Injection Protection, a new capability designed to stop prompt injection attacks before they reach production AI models. The feature detects hostile prompts at the application boundary and gives developers a decision point inside the request…
Chrome Extension “Save Image as Type” Was Hijacked, Putting Over 1 Million Users at Risk
Google has taken down the Chrome extension “Save Image as Type” after security researchers uncovered it had been hijacked and altered to redirect user traffic f Thank you for being a Ghacks reader. The post Chrome Extension "Save Image as…
UK Steps Back From AI Copyright Reforms
UK government changes tack on reforming copyright law to boost AI training, after backlash from copyright holders, but leaves options open This article has been indexed from Silicon UK Read the original article: UK Steps Back From AI Copyright Reforms
Open VSX Extension Delivers RAT and Stealer via GitHub Downloader
An Open VSX extension used by thousands of developers has been caught silently pulling a full-featured remote access trojan and infostealer from GitHub. The KhangNghiem/fast-draft extension, listed on open-vsx.org and tracked at over 26,000 downloads as of March 17, 2026,…
Java 26 ships with new cryptography API and HTTP/3 support
Oracle released JDK 26, the 17th consecutive feature release delivered under the six-month cadence the project adopted in 2018. The release includes ten JDK Enhancement Proposals spanning language changes, garbage collection improvements, cryptographic tooling, and network protocol support. PEM encoding…
IT Security News Hourly Summary 2026-03-19 09h : 8 posts
8 posts were published in the last hour 7:32 : New SnappyClient Implant Combines Remote Access, Data Theft and Advanced Evasion 7:32 : Omnix AI Advisor brings real-time credential threat insights to enterprise security teams 7:31 : DarkSword emerges, “ShieldGuard”…
New SnappyClient Implant Combines Remote Access, Data Theft and Advanced Evasion
A dangerous new malware implant called SnappyClient has quietly emerged as a serious threat to Windows users, combining remote access, data theft, and sophisticated evasion techniques in one compact C++ package. First spotted in December 2025, this command-and-control (C2) framework…