AI is pushing attackers beyond a handful of popular CVEs and toward exploiting the full vulnerability landscape. Fortinet’s Aamir Lakhani explains what that means for patch strategy, threat hunting, and the future of threat intelligence. This article has been…
Tag: EN
Firefox is getting a free built-in VPN
Mozilla is adding a free built-in VPN to Firefox, with the feature arriving in Firefox 149 on March 24. Privacy concerns often follow free VPN services, especially when unclear data practices put user information at risk. Mozilla says its version…
UIDAI Introduces Bug Bounty Program to Strengthen Aadhaar Defenses
The Unique Identification Authority of India (UIDAI) has officially launched its first structured bug bounty program to fortify the Aadhaar system. As the foundation of a massive national identity database, securing Aadhaar requires continuous innovation and rigorous testing. This new…
Telegram’s Crackdown in 2026 and Why Cyber Criminals Are Still Winning
If you’ve been following the Telegram crackdown news, then you’ll know that Telegram entered 2026 under significant pressure. After years of being a largely permissive environment, the platform dramatically increased enforcement following the arrest of CEO Pavel Durov in late 2024…
Iran-Linked Cyber Campaigns Converge With Electronic and Psychological Warfare as Regional Conflict Escalates
On February 28, 2026, a joint US-Israeli military operation launched strikes inside Iran, opening a conflict that rapidly extended into cyberspace. Iran responded with ballistic missiles and drone strikes across Bahrain, Kuwait, Iraq, Saudi Arabia, the UAE, Israel, and Qatar.…
ForceMemo Hijacks GitHub Accounts, Backdoors Hundreds of Python Repos via Force-Push
A new malware campaign tracked as ForceMemo is quietly compromising hundreds of GitHub accounts and injecting hidden malicious code into Python repositories, leaving almost no visible trace. The earliest confirmed infections date back to March 8, 2026, and the campaign…
Critical Telnetd Vulnerability Enables Remote Attacker to Execute Arbitrary Code via Port 23
A critical buffer overflow vulnerability in the GNU Inetutils telnetd daemon. Tracked as CVE-2026-32746, this flaw allows an unauthenticated remote attacker to execute arbitrary code and gain root access to affected systems. The vulnerability requires zero user interaction and possesses…
Britain’s satellite-watching gap to be plugged with £17.5M eyeball in Cyprus
No 1 Space Operations Squadron will get a persistent stare capability The Ministry of Defence (MoD) plans to spend £17.5 million on a remotely-operated satellite monitoring facility in Cyprus, partly to protect the UK’s secure communications system Skynet.… This article…
Apple Debuts Background Security Improvements With Fresh WebKit Patches
The lightweight updates are meant to deliver security protections between security updates. The post Apple Debuts Background Security Improvements With Fresh WebKit Patches appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Apple Debuts…
Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach
The medtech giant has been working on restoring systems affected by the cyberattack conducted by the Handala hackers. The post Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Is All OAuth The Same For MCP?
Is the “S” in MCP missing? Explore the current state of Model Context Protocol security, from stdio vs. HTTP transport risks to the complexities of CIMD and OAuth implementations across different AI clients. The post Is All OAuth The Same…
TrojAI unveils new capabilities to secure agentic AI beyond the prompt layer
TrojAI has announced major new capabilities designed to secure the growing deployment of agentic AI in the enterprise going beyond the prompt layer. “The innovations we are unveiling this week address some of the most significant and rapid changes to…
Corelight’s Agentic Triage turns SOC alerts into evidence-backed investigations
Corelight has introduced a new set of agentic AI capabilities aimed at helping security operations centers (SOCs) cut down on repetitive, time-consuming tasks. The updates are designed to boost analyst efficiency, speed up response times, and build trust through greater…
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
Cybersecurity researchers have warned about the risks posed by low-cost IP KVM (Keyboard, Video, Mouse over Internet Protocol) devices, which can grant attackers extensive control over compromised hosts. The nine vulnerabilities, discovered by Eclypsium, span four different products from GL-iNet…
Claude Code Security and Magecart: Getting the Threat Model Right
When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious code never actually touches your repo. As teams adopt Claude Code Security for static analysis,…
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges. The vulnerability, tracked as CVE-2026-32746, carries a CVSS score…
AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure
Rapid7 says median time from publication to CISA KEV inclusion dropped to five days This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure
New .NET AOT Malware Hides Code as a Black Box to Evade Detection
Researchers at Howler Cell have discovered a new .NET AOT malware campaign that uses a clever scoring system… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: New .NET AOT…
Apple WebKit Security Flaw Exposes iOS and macOS Users to Content-Based Bypass Attacks
Apple has released emergency security updates to address a critical WebKit vulnerability that currently exposes iPhone, iPad, and Mac users to sophisticated content-based bypass attacks. Delivered seamlessly via the Background Security Improvements mechanism on March 17, 2026, this targeted patch…
Rethinking Cyber Awareness: From Blame to Belonging
Stop treating employees like the “weakest link.” Discover why traditional cybersecurity awareness training fails and how to build a culture of belonging through human-centered design, security guardrails, and collaborative resilience. The post Rethinking Cyber Awareness: From Blame to Belonging appeared…