A threat actor operating under the alias FulcrumSec has publicly claimed responsibility for a fresh breach of LexisNexis Legal & Professional, the legal information division of RELX Group, alleging the exfiltration of 2.04 GB of structured data from the company’s…
Tag: Cyber Security News
Malvertising Threat Actor ‘D‑Shortiez’ Abuses WebKit Back‑Button Hijack in Forced‑Redirect Browser Campaign
A threat actor tracked as D-Shortiez has been running a persistent malvertising campaign that turns a WebKit browser behavior into a trap, forcing iOS Safari users into scam pages with no easy way out. The campaign is not entirely new…
Epic Fury/Roaring Lion Sparks Escalating Cyber Conflict as Iran Goes Offline, Hacktivists Step Up Retaliation
On February 28, 2026, the United States and Israel launched a coordinated offensive — code-named Operation Epic Fury by the U.S. and Operation Roaring Lion by Israel — setting off a wide-ranging cyber conflict that spread across the Middle East…
Hackers Leverage Telegram for Initial Access to Corporate VPN, RDP, and Cloud Environments
Telegram, once widely recognized as a privacy-focused messaging application, has quietly transformed into one of the most powerful operational platforms used by cybercriminals today. What dark web forums once offered — anonymity, exclusive access, and a marketplace for stolen data…
Langflow’s AI CSV Agent Vulnerability Allows Remote Code Execution Attacks
A critical vulnerability in a popular AI application platform allows attackers to remotely execute harmful code through its CSV data-processing agent. The vulnerability, tracked as CVE-2026-27966, was recently disclosed and given a critical severity score of 10.0 out of 10.…
Google Unveils Merkle Tree Certificates to Shield HTTPS Against Quantum Threats
Google has announced a major initiative to protect HTTPS connections from the emerging threats posed by quantum computing. Working with the Internet Engineering Task Force (IETF) and its “PKI, Logs, And Tree Signatures” (PLANTS) working group, Chrome is spearheading the…
Malvertising Campaign Delivers AMOS ‘malext’ macOS Infostealer via Fake Text‑Sharing Lures
A new malvertising campaign is actively targeting macOS users worldwide, delivering a new variant of the AMOS infostealer called “malext.” Attackers are purchasing Google Search ads that push victims toward fake help articles on free text-sharing websites, where a deceptive…
How to Cut MTTR by Improving Threat Visibility in Your SOC
In boardrooms and security operations centers alike, one metric has risen from a niche KPI to a defining measure of organizational resilience: Mean Time to Respond (MTTR). But why has this particular number captured so much attention, and does it…
Hackerbot-Claw Bot Attacks Microsoft and DataDog via GitHub Actions CI/CD Misconfiguration
Between February 21 and February 28, 2026, an autonomous bot named hackerbot-claw launched a week-long attack campaign against major open source repositories. It targeted GitHub Actions CI/CD pipelines belonging to Microsoft, DataDog, the Cloud Native Computing Foundation, and several other…
New Claude Memory Feature Allow Users to Transfer Data from ChatGPT and Other AI Providers
Anthropic has introduced a new memory import tool for Claude that allows users to seamlessly transfer their stored preferences, habits, and context from other AI platforms, including ChatGPT, Google Gemini, and Microsoft Copilot, directly into Claude’s memory system, eliminating the…
Threat Actors Deploy ‘AuraStealer’ Infostealer with 48 C2 Domains and Active Campaigns
A new information-stealing malware called AuraStealer has been making its presence felt across the cybersecurity landscape since mid-2025. Developed and actively maintained by a group of Russian-speaking individuals, the malware first appeared on underground hacker forums in July 2025, shortly…
Android Security Update – Patch for 129 Vulnerabilities and Actively Exploited Zero-Day
Google has released its highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a single month in recent…
Hackers Leveraged CyberStrikeAI Tool to Breach Fortinet FortiGate Devices
A new artificial intelligence (AI) offensive security tool called CyberStrikeAI, which is being actively leveraged by threat actors to target edge devices, particularly Fortinet FortiGate appliances. This open-source platform, developed by a China-based individual with potential ties to state-sponsored operations,…
Threat Actors Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Local Coding Tools
A supply chain attack targeting developers surfaced on March 2, 2026, when unauthorized code was found inside two versions of the Aqua Trivy VS Code extension on the OpenVSX registry. The compromised versions — 1.8.12 and 1.8.13 — were uploaded…
Chrome Gemini Vulnerability Lets Attackers Access Victims’ Camera and Microphone Remotely
A high-severity security vulnerability has been discovered in Google Chrome’s integrated Gemini AI assistant, exposing users to unauthorized camera and microphone access, local file theft, and phishing attacks, all without requiring any user interaction beyond launching the browser’s built-in AI…
Claude AI Suffers Global Outage: Elevated Errors Disrupt Web Interface and APIs
On March 2, 2026, Anthropic’s artificial intelligence assistant, Claude, experienced a significant global outage that disrupted workflows for users and developers worldwide. Organizations relying on the AI model for daily threat intelligence reporting, code generation, and automated security analysis faced…
MSHTML Framework 0-Day Exploited by APT28 Hackers Before Feb 2026’s Patch Tuesday Update
A zero-day vulnerability in the Microsoft HTML (MSHTML) framework was actively exploited in the wild. The vulnerability, tracked as CVE-2026-21513, allows attackers to bypass security features and execute arbitrary files. With a CVSS score of 8.8, it impacts all Windows…
DuckDuckGo Browser UXSS Flaw in Auto Consent JS Bridge Enables Cross-Origin Code Execution
A critical Universal Cross-Site Scripting (UXSS) vulnerability was recently discovered in the DuckDuckGo Android browser. This flaw allowed untrusted, cross-origin iframes to execute arbitrary JavaScript in the top-level origin, tracked with a high-severity CVSS score of 8.6. The vulnerability was…
PoC Exploit Released for Windows Error Reporting ALPC Privilege Escalation
A critical local privilege escalation (LPE) vulnerability affecting Microsoft Windows has recently come to light following the public release of a Proof-of-Concept (PoC) exploit. Tracked as CVE-2026-20817, this security flaw resides within the Windows Error Reporting (WER) service. The vulnerability…
OCRFix Botnet Trojan Leveraging ClickFix Phishing and EtherHiding to Conceal Blockchain-Based Command Infrastructure
A newly identified botnet trojan campaign, dubbed OCRFix, has been discovered combining social engineering tricks with blockchain-based command infrastructure to quietly build a network of compromised machines. The campaign blends the well-known ClickFix phishing technique with EtherHiding — a method…