Cyber Daily News

Cyber Daily News for March 27, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks https://securityaffairs.com/190029/malware/china-linked-red-menshen-apt-deploys-stealthy-bpfdoor-implants-in-telecom-networks.html - U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/190044/security/u-s-cisa-adds-an-aquasecurity-trivy-flaw-to-its-known-exploited-vulnerabilities-catalog.html - U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/190018/security/u-s-cisa-adds-a-langflow-flaw-to-its-known-exploited-vulnerabilities-catalog.html - Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds https://www.infosecurity-magazine.com/news/critical-oracle-weblogic-rce/ - Coruna iOS Exploit Kit Likely an Update to Operation Triangulation https://www.securityweek.com/coruna-ios-exploit-kit-likely-an-update-to-operation-triangulation/ - EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts https://www.infosecurity-magazine.com/news/etherrat-bypass-security-ethereum/ - Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code https://www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/ - Congress Wants a GPS Tracker on Every Advanced AI Chip America Exports https://thecyberexpress.com/advanced-ai-chip-chip-security-act/

Cyber Daily News for March 26, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Alleged RedLine Malware Administrator Extradited to US https://www.securityweek.com/alleged-redline-malware-administrator-extradited-to-us/ - FCC Bans Foreign-Made Routers Over National Security Concerns https://www.infosecurity-magazine.com/news/us-fcc-bans-foreign-made-routers/ - Three Individuals Charged for Trying to Smuggle 'America-Made' AI Tech Worth $170M https://thecyberexpress.com/charged-for-smuggling-america-made-ai-tech/ - Port of Vigo Hit by Ransomware Attack, Cargo Systems Disrupted https://thecyberexpress.com/port-of-vigo-cyberattack-disrupts-systems/ - Iran-Linked Pay2Key Ransomware Group Re-Emerges https://www.infosecurity-magazine.com/news/iranlinked-pay2key-ransomware/ - Patch now: TP-Link Archer NX Routers Vulnerable to Firmware Takeover https://securityaffairs.com/189980/iot/patch-now-tp-link-archer-nx-routers-vulnerable-to-firmware-takeover.html - Russian authorities arrest alleged LeakBase admin behind stolen data marketplace https://securityaffairs.com/189994/cyber-crime/russian-authorities-arrest-alleged-leakbase-admin-behind-stolen-data-marketplace.html - Node.js Fixes Critical Flaws, Patches DoS Risk in Latest Security Update https://thecyberexpress.com/nodejs-cve-2026-21637/

Cyber Daily News for March 25, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Malicious LiteLLM versions linked to TeamPCP supply chain attack https://securityaffairs.com/189948/hacking/malicious-litellm-versions-linked-to-teampcp-supply-chain-attack.html - Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca https://securityaffairs.com/189936/data-breach/cybercrime-group-lapsus-claims-the-hack-of-pharma-giant-astrazeneca.html - CISA, FBI Warn of Phishing Campaign Targeting Messaging App Users https://thecyberexpress.com/phishing-campaign-targeting-messaging-apps/ - Citrix NetScaler critical flaw could leak data, update now https://securityaffairs.com/189908/security/citrix-netscaler-critical-flaw-could-leak-data-update-now.html - HackerOne Employee Data Exposed in Massive Navia Breach https://www.securityweek.com/hackerone-employee-data-exposed-in-massive-navia-breach/ - New Npm 'Ghost Campaign' Uses Fake Install Logs to Hide Malware https://www.infosecurity-magazine.com/news/npm-ghost-campaign-fake-install/ - Dutch Finance Ministry Investigates Data Breach in Internal Systems https://thecyberexpress.com/ministry-of-finance-cyberattack/ - Head of Russian Cybercrime Group Mario Kart Sentenced for Locking Out Dozens of U.S. Businesses https://thecyberexpress.com/head-of-russian-mario-kart-sentenced/

Cyber Daily News for March 24, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Oracle Issues Emergency Patch for Critical Flaw Enabling Remote Code Execution https://thecyberexpress.com/oracle-identity-manager-cve-2026-21992-patch/ - Trivy Supply Chain Attack Expands With New Compromised Docker Images https://www.infosecurity-magazine.com/news/trivy-supply-chain-attack-expands/ - M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds https://www.securityweek.com/m-trends-2026-initial-access-handoff-shrinks-from-hours-to-22-seconds/ - North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware https://securityaffairs.com/189880/security/north-korea-linked-threat-actors-abuse-vs-code-auto-run-to-spread-stoatwaffle-malware.html - Russian Initial Access Broker Handed 81-Month Sentence https://www.infosecurity-magazine.com/news/russian-initial-access-broker/ - Handala Group Tied to Iranian Hack-and-Leak Operations, FBI Reveals https://www.infosecurity-magazine.com/news/handala-group-iranian-hack-and/ - Tycoon2FA Phishing Service Resumes Activity Post-Takedown https://www.infosecurity-magazine.com/news/tycoon2fa-phishing-service-resumes/ - Mazda Says Employee, Partner Information Stolen in Cyberattack https://www.securityweek.com/mazda-says-employee-partner-information-stolen-in-cyberattack/

Cyber Daily News for March 23, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - CISA Orders US Government to Patch Maximum Severity Cisco Flaw https://www.infosecurity-magazine.com/news/cisa-orders-us-government-patch/ - Operation Alice Takes Down 373,000+ Dark Web Sites https://www.infosecurity-magazine.com/news/operation-alice-370000-dark-web/ - Iran-Linked Actors Use Telegram as C2 in Malware Attacks on Dissidents https://securityaffairs.com/189820/malware/iran-linked-actors-use-telegram-as-c2-in-malware-attacks-on-dissidents.html - Russia-Linked Actors Target WhatsApp and Signal in Phishing Campaign https://securityaffairs.com/189808/intelligence/russia-linked-actors-target-whatsapp-and-signal-in-phishing-campaign.html - Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability https://www.securityweek.com/oracle-releases-emergency-patch-for-critical-identity-manager-vulnerability/ - Tycoon 2FA Fully Operational Despite Law Enforcement Takedown https://www.securityweek.com/tycoon-2fa-fully-operational-despite-law-enforcement-takedown/ - NIST Updates DNS Security Guidance After 12 Years with SP 800-81r3 https://thecyberexpress.com/dns-security-guidance-nist-sp-800-81r3-update/ - Foster City Cyberattack Disrupts Services, Raises Data Breach Fears https://thecyberexpress.com/foster-city-cyberattack/

Cyber Daily News for March 22, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - WorldLeaks Ransomware Group Breaches City of Los Angeles and Metro System https://securityaffairs.com/189753/data-breach/worldleaks-group-breached-the-city-of-los-angels.html - Apple Urges iPhone Users to Update as Coruna and DarkSword Exploit Kits Emerge https://securityaffairs.com/189716/security/apple-urges-iphone-users-to-update-as-coruna-and-darksword-exploit-kits-emerge.html - Navia Data Breach Impacts Nearly 2.7 Million People https://securityaffairs.com/189726/data-breach/navia-data-breach-impacts-nearly-2-7-million-people.html - Global Law Enforcement Operation Targets AISURU, Kimwolf, JackSkid Botnet Operators https://securityaffairs.com/189710/cyber-crime/global-law-enforcement-operation-targets-aisuru-kimwolf-jackskid-botnet-operators.html - Suspected China-Based Espionage Campaign Against Military Targets in Southeast Asia https://unit42.paloaltonetworks.com/espionage-campaign-against-military-targets/ - DarkSword iOS Exploit Chain Adopted by Multiple Threat Actors https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain - French Aircraft Carrier Charles de Gaulle Tracked via Strava in OPSEC Failure https://securityaffairs.com/189696/intelligence/french-aircraft-carrier-charles-de-gaulle-tracked-via-strava-activity-in-opsec-failure.html - 7,500+ Magento Sites Defaced in Global Hacking Campaign https://securityaffairs.com/189734/hacking/7500-magento-sites-defaced-in-global-hacking-campaign.html

Cyber Daily News for March 21, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - 7,500+ Magento sites defaced in global hacking campaign https://securityaffairs.com/189734/hacking/7500-magento-sites-defaced-in-global-hacking-campaign.html - PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks https://securityaffairs.com/189744/security/polyshell-flaw-exposes-magento-and-adobe-commerce-to-file-upload-attacks.html - US Confirms Handala Link to Iran Government Amid Takedown of Hackers' Sites https://www.securityweek.com/us-confirms-handala-link-to-iran-government-amid-takedown-of-hackers-sites/ - Iran-Linked Handala Hackers Launch New Domain Hours After FBI Seized the Older One https://thecyberexpress.com/handala-hackers-launch-new-domain/ - Navia data breach impacts nearly 2.7 Million people https://securityaffairs.com/189726/data-breach/navia-data-breach-impacts-nearly-2-7-million-people.html - 3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China https://www.securityweek.com/3-men-charged-with-conspiring-to-smuggle-us-artificial-intelligence-to-china/ - Eclypsium Raises $25 Million for Device Supply Chain Security https://www.securityweek.com/eclypsium-raises-25-million-for-device-supply-chain-security/ - In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting https://www.securityweek.com/in-other-news-new-android-safeguards-operation-alice-uk-toughens-cyber-reporting/

Cyber Daily News for March 20, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Hackers Exploit Critical Langflow Bug in Just 20 Hours https://www.infosecurity-magazine.com/news/hackers-exploit-critical-langflow/ - Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking https://securityaffairs.com/189689/security/critical-ubiquiti-unifi-unifi-security-flaw-allows-potential-account-hijacking.html - DarkSword emerges as powerful iOS exploit tool in global attacks https://securityaffairs.com/189662/hacking/darksword-emerges-as-powerful-ios-exploit-tool-in-global-attacks.html - Financial Brands Targeted in Global Mobile Banking Malware Surge https://www.infosecurity-magazine.com/news/financial-brands-mobile-banking/ - Thousands of Magento Sites Hit in Ongoing Defacement Campaign https://www.securityweek.com/thousands-of-magento-sites-hit-in-ongoing-defacement-campaign/

Cyber Daily News for March 19, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Cisco Firewall Zero-Day Exploited by Interlock Ransomware Since January https://www.securityweek.com/cisco-firewall-vulnerability-exploited-as-zero-day-in-interlock-ransomware-attacks/ - DarkSword iOS Exploit Kit Used by State-Sponsored Hackers https://thecyberexpress.com/ios-exploit-kit-dubbed-darksword/ - CISA Adds SharePoint and Zimbra Flaws to Known Exploited Vulnerabilities Catalog https://www.securityweek.com/cisa-warns-of-attacks-exploiting-recent-sharepoint-vulnerability/ - Critical Unpatched Telnetd Flaw Allows Remote Code Execution on All Versions https://securityaffairs.com/189620/hacking/researchers-warn-of-unpatched-critical-telnetd-flaw-affecting-all-versions.html - Agentic AI Fraud Campaigns Earn 4.5 Times More Than Conventional Tactics https://thecyberexpress.com/agentic-ai-run-fraud-campaigns-interpol/ - AI-Enabled Adversaries Compress Time-to-Exploit to Just Days https://www.infosecurity-magazine.com/news/exploitation-accelerates-in-2025/ - CISA Urges Endpoint Management Hardening After Stryker Cyberattack https://thecyberexpress.com/endpoint-management-systems-cisa/ - New Ubuntu Flaw Enables Local Attackers to Gain Root Access https://www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/

Cyber Daily News for March 18, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - EU Sanctions Chinese and Iranian Actors Over Cyberattacks on Critical Infrastructure https://securityaffairs.com/189585/security/eu-sanctions-chinese-and-iranian-actors-over-cyberattacks-on-critical-infrastructure.html - Android OS-Level Attack Bypasses Mobile Payment Security https://www.infosecurity-magazine.com/news/android-attack-bypasses-payment/ - Robotic Surgery Firm Intuitive Reports Data Breach After Phishing Attack https://securityaffairs.com/189598/data-breach/robotic-surgery-firm-intuitive-reports-data-breach-after-targeted-phishing-attack.html - RondoDox Botnet Targets 174 Flaws With 15,000 Daily Exploit Attempts https://securityaffairs.com/189569/malware/rondodox-botnet-expands-arsenal-targeting-174-flaws-and-hits-15000-daily-exploit-attempts.html - CursorJack Attack Exposes Code Execution Risk in AI Development Environment https://www.infosecurity-magazine.com/news/cursor-jack-attack-path-ai/ - AI Issues Will Drive Half of Incident Response Efforts by 2028, Says Gartner https://www.infosecurity-magazine.com/news/ai-issues-half-incident-response/ - Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won't Patch https://www.securityweek.com/researcher-discovers-4th-whatsapp-view-once-bypass-meta-wont-patch/ - Tech Giants Invest $12.5 Million in Open Source Security https://www.securityweek.com/tech-giants-invest-12-5-million-in-open-source-security/

Cyber Daily News for March 17, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Attack on Stryker's Microsoft environment wiped employee devices without malware https://securityaffairs.com/189535/hacking/attack-on-stryker-s-microsoft-environment-wiped-employee-devices-without-malware.html - EU Sanctions Chinese, Iranian Hacking Groups for Device Breaches and Olympic Cyberattacks https://thecyberexpress.com/eu-sanctions-chinese-iranian-hacking-groups/ - FBI launches inquiry into Steam games spreading malware https://securityaffairs.com/189515/cyber-crime/fbi-launches-inquiry-into-steam-games-spreading-malware.html - From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures https://securityaffairs.com/189542/cyber-crime/from-windows-to-macos-clickfix-attacks-shift-tactics-with-chatgpt-based-lures.html - Average Number of Daily API Attacks Up 113% Annually https://www.infosecurity-magazine.com/news/average-number-daily-api-attacks/ - GlassWorm Campaign Expands Through Malicious Open VSX Extensions https://thecyberexpress.com/glassworm-malicious-campaign/ - Security Flaw in AWS Bedrock Code Interpreter Raises Alarms https://www.infosecurity-magazine.com/news/security-flaw-aws-bedrock/ - Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets https://securityaffairs.com/189519/malware/russia-linked-apt-uses-drillapp-backdoor-to-spy-on-ukrainian-targets.html

Cyber Daily News for March 16, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Unprivileged users could exploit AppArmor bugs to gain root access https://securityaffairs.com/189487/hacking/unprivileged-users-could-exploit-apparmor-bugs-to-gain-root-access.html - Hacking Attempt Reported at Poland's Nuclear Research Center https://www.securityweek.com/hack-attempt-reported-at-polands-nuclear-research-center/ - China Demands Proof After Costa Rica Blames UNC2814 for ICE Cyberattack https://thecyberexpress.com/ice-cyberattack-china-costa-rica/ - Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services https://securityaffairs.com/189497/security/advanced-protection-mode-in-android-17-prevents-apps-from-misusing-accessibility-services.html - Europe Moves to Ban AI Nudification Tools Under Updated AI Act https://thecyberexpress.com/eu-ai-act-ban-proposed-for-ai-nudification/ - UK: Companies House Web Glitch Exposes Corporate Details to Fraudsters https://www.infosecurity-magazine.com/news/companies-house-glitch-exposes/ - Payload Ransomware claims the hack of Royal Bahrain Hospital https://securityaffairs.com/189467/cyber-crime/payload-ransomware-claims-the-hack-of-royal-bahrain-hospital.html - AI Legal Risks: Lisa Fitzgerald on Why Businesses Must Vet AI Use Cases https://thecyberexpress.com/ai-legal-risks-lisa-fitzgerald-warns/

Cyber Daily News for March 15, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - CISA Adds Actively Exploited Chrome Flaws to KEV Catalog https://securityaffairs.com/189411/security/u-s-cisa-adds-google-chrome-flaws-to-its-known-exploited-vulnerabilities-catalog.html - Interpol Operation Synergia III Nets 94 Arrests and 45,000 Malicious IPs https://www.infosecurity-magazine.com/news/interpol-operation-synergia3-94/ - Storm-2561 Lures Victims to Spoofed VPN Sites to Harvest Corporate Logins https://securityaffairs.com/189426/cyber-crime/storm-2561-lures-victims-to-spoofed-vpn-sites-to-harvest-corporate-logins.html - Starbucks Data Breach Exposes SSNs and Bank Data of 889 Employees https://securityaffairs.com/189438/security/starbucks-data-breach-impacts-889-employees.html - AI-Assisted Slopoly Malware Powers Hive0163 Ransomware Campaigns https://securityaffairs.com/189378/malware/ai-assisted-slopoly-malware-powers-hive0163s-ransomware-campaigns.html - Iran-Linked Hackers Target US Critical Infrastructure During War https://www.securityweek.com/iran-linked-hackers-take-aim-at-us-and-other-targets-raising-risk-of-cyberattacks-during-war/ - SocksEscort Proxy Botnet Disrupted After Infecting 360,000 Devices https://securityaffairs.com/189391/security/us-and-european-authorities-disrupt-socksescort-proxy-service-tied-to-avrecon-botnet.html - Critical HPE AOS-CX Vulnerability Allows Unauthenticated Admin Password Resets https://www.securityweek.com/critical-hpe-aos-cx-vulnerability-allows-admin-password-resets/

Cyber Daily News for March 14, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Interpol's Operation Synergia III Nets 94 Arrests, Takes Down 45,000 Malicious IPs https://www.infosecurity-magazine.com/news/interpol-operation-synergia3-94/ - CISA Adds Two Actively Exploited Google Chrome Flaws to KEV Catalog https://securityaffairs.com/189411/security/u-s-cisa-adds-google-chrome-flaws-to-its-known-exploited-vulnerabilities-catalog.html - Iran-Linked Hackers Take Aim at US and Other Targets During War https://www.securityweek.com/iran-linked-hackers-take-aim-at-us-and-other-targets-raising-risk-of-cyberattacks-during-war/ - Hackers Targeted Poland's National Centre for Nuclear Research https://securityaffairs.com/189399/security/hackers-targeted-polands-national-centre-for-nuclear-research.html - US and European Authorities Disrupt SocksEscort Proxy Service Tied to AVrecon Botnet https://securityaffairs.com/189391/security/us-and-european-authorities-disrupt-socksescort-proxy-service-tied-to-avrecon-botnet.html - Critical HPE AOS-CX Vulnerability Allows Admin Password Resets https://www.securityweek.com/critical-hpe-aos-cx-vulnerability-allows-admin-password-resets/ - Starbucks Data Breach Impacts Employees https://www.securityweek.com/starbucks-data-breach-impacts-employees/ - N8n Flaw Exploited, Slopoly Malware Emerges https://www.securityweek.com/in-other-news-n8n-flaw-exploited-slopoly-malware-interpol-cybercrime-crackdown/

Cyber Daily News for March 13, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Iran-Linked Handala Group Wipes 200,000 Stryker Devices, Disrupts Supply Chain https://www.securityweek.com/iran-linked-hacker-attack-on-stryker-disrupted-manufacturing-and-shipping/ - Chrome 146 Patches Two Actively Exploited Zero-Day Vulnerabilities https://www.securityweek.com/chrome-146-update-patches-two-exploited-zero-days/ - Law Enforcement Dismantles SocksEscort Proxy Network in Operation Lightning https://www.infosecurity-magazine.com/news/socksescort-proxy-network-op/ - CISA Issues Emergency Directive Over Exploited Cisco SD-WAN Flaws https://www.infosecurity-magazine.com/news/cisa-cisco-sd-wan-flaws-directive/ - Hive0163 Ransomware Operators Deploy AI-Generated Slopoly Malware https://thecyberexpress.com/slopoly-ai-generated-malware/ - Apple Patches Coruna Exploit Kit Flaws in Legacy iOS Versions https://www.securityweek.com/apple-updates-older-ios-versions-to-patch-coruna-exploits/ - Veeam Fixes Critical RCE Bugs in Backup and Replication Platform https://thecyberexpress.com/veeam-security-patch-for-backup-replication/ - Critical Zero-Click Flaw in n8n Allows Full Server Compromise https://www.infosecurity-magazine.com/news/critical-zeroclick-flaw-n8n-pillar/

Cyber Daily News for March 12, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - MedTech Giant Stryker Crippled by Iran-Linked Hacker Attack https://www.securityweek.com/medtech-giant-stryker-crippled-by-iran-linked-hacker-attack/ - Vulnerability in MediaTek Chips Could Impact 25% Android Smartphones https://thecyberexpress.com/android-phone-vulnerability-mediatek-chipsets/ - Hewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CX https://securityaffairs.com/189278/security/hewlett-packard-enterprise-fixes-critical-authentication-bypass-in-aruba-aos-cx.html - Compromised WordPress Sites Deliver ClickFix Attacks in Global Infostealer Campaign https://www.infosecurity-magazine.com/news/wordpress-clickfix-infostealer/ - Wiz Joins Google Cloud as Landmark Acquisition Closes https://www.securityweek.com/wiz-joins-google-cloud-as-landmark-acquisition-closes/ - Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command https://www.securityweek.com/senate-confirms-joshua-rudd-to-lead-nsa-and-us-cyber-command/ - BlackSanta EDR-Killer Targets HR Teams in CV-Themed Campaign https://www.infosecurity-magazine.com/news/blacksanta-edr-killer-targets-hr/ - Researchers Discover Major Security Gaps in LLM Guardrails https://www.infosecurity-magazine.com/news/major-security-gaps-llm-guardrails/

Cyber Daily News for March 11, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs https://securityaffairs.com/189266/security/microsoft-patch-tuesday-security-updates-for-march-2026-fixed-84-bugs.html - Attackers exploit FortiGate devices to access sensitive network information https://securityaffairs.com/189241/security/attackers-exploit-fortigate-devices-to-access-sensitive-network-information.html - Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials https://www.infosecurity-magazine.com/news/russian-hackers-target-military/ - APT28 conducts long-term espionage on Ukrainian forces using custom malware https://securityaffairs.com/189230/apt/apt28-conducts-long-term-espionage-on-ukrainian-forces-using-custom-malware.html - Threat actors use custom AuraInspector to harvest data from Salesforce systems https://securityaffairs.com/189214/security/threat-actors-use-custom-aurainspector-to-harvest-data-from-salesforce-systems.html - Ericsson Breach Exposes Data of 15k Employees and Customers https://www.infosecurity-magazine.com/news/ericsson-breach-exposes-data-15k/ - Iran's Fake Shelter Danger Calls Part of Psychological Cyber Warfare Playbook https://thecyberexpress.com/irans-psychological-cyber-warfare-playbook/ - FBI Flags Phishing Campaign Collecting Planning and Zoning Permit Payments https://thecyberexpress.com/planning-and-zoning-permit-phishing-scam/

Cyber Daily News for March 10, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform https://securityaffairs.com/189205/cyber-crime/law-enforcement-disrupted-tycoon-2fa-phishing-as-a-service-platform.html - Russia-linked hackers target Signal, WhatsApp of officials globally https://securityaffairs.com/189156/intelligence/russia-linked-hackers-target-signal-whatsapp-of-officials-globally.html - TriZetto Provider Solutions Breach Hits 3.4 Million Patients https://www.infosecurity-magazine.com/news/trizetto-provider-solutions-breach/ - Critical Nginx UI Vulnerability Exposes Server Backups and Sensitive Data https://thecyberexpress.com/cve-2026-27944-nginx-ui-backup-vulnerability/ - Trump Administration Unveils New Cyber Strategy for America https://www.infosecurity-magazine.com/news/usa-unveils-new-cyber-strategy/ - ClickFix Attack Uses Windows Terminal to Evade Detection https://www.securityweek.com/clickfix-attack-uses-windows-terminal-to-evade-detection/ - Cyberattack Forces Polish Hospital Revert to Paper-Based Operations https://thecyberexpress.com/szczecin-public-regional-hospital-cyberattack/ - Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data https://www.infosecurity-magazine.com/news/elastic-cloud-siem-manage-stolen/

Cyber Daily News for March 09, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Anthropic Claude Opus AI model discovers 22 Firefox bugs https://securityaffairs.com/189131/ai/anthropic-claude-opus-ai-model-discovers-22-firefox-bugs.html - Critical Nginx UI flaw CVE-2026-27944 exposes server backups https://securityaffairs.com/189123/security/critical-nginx-ui-flaw-cve-2026-27944-exposes-server-backups.html - Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited https://www.securityweek.com/recent-cisco-catalyst-sd-wan-vulnerability-now-widely-exploited/ - Pentagon ditches Anthropic AI over security risk and OpenAI takes over https://www.malwarebytes.com/blog/news/2026/03/pentagon-ditches-anthropic-ai-over-security-risk-and-openai-takes-over - Massive GitHub malware operation spreads BoryptGrab stealer https://securityaffairs.com/189110/malware/massive-github-malware-operation-spreads-boryptgrab-stealer.html - Ring doorbells Search Party surveillance concerns https://www.malwarebytes.com/blog/podcast/2026/03/ring-doorbells-wont-you-see-my-neighbor-lock-and-code-s07e05 - ClipXDaemon Malware, a Stealthy Cryptocurrency Clipboard Hijacker on Linux https://thecyberexpress.com/clipxdaemon-linux-malware/ - Ghanaian Man Pleads Guilty in U.S. Court for Romance Scams That Stole $100M https://thecyberexpress.com/online-romance-scams/

Cyber Daily News for March 8, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - FBI Probing Intrusion Into System Managing Sensitive Surveillance Information https://securityaffairs.com/189087/hacking/fbi-probing-intrusion-into-system-managing-sensitive-surveillance-information.html - Iran-Linked Hackers Target IP Cameras Across Israel and Gulf States for Military Intelligence https://securityaffairs.com/189069/cyber-warfare-2/iran-linked-hackers-target-ip-cameras-across-israel-and-gulf-states-for-military-intelligence.html - White House Releases President Trump's Cyber Strategy for America https://securityaffairs.com/189083/security/reading-white-house-president-trumps-cyber-strategy-for-america-march-2026.html - Over 100 GitHub Repositories Distributing BoryptGrab Stealer https://www.securityweek.com/over-100-github-repositories-distributing-boryptgrab-stealer/ - Pentagon CTO Says He Clashed With AI Company Anthropic Over Autonomous Warfare https://www.securityweek.com/pentagons-chief-tech-officer-says-he-clashed-with-ai-company-anthropic-over-autonomous-warfare/ - Women in Cybersecurity Reveal the Skills That Built Their Confidence https://thecyberexpress.com/women-in-cybersecurity-give-to-gain/ - Top 50 Women Leaders in Cybersecurity to Watch in 2026 https://thecyberexpress.com/top-50-women-in-cybersecurity-to-watch-in-2026/

Cyber Daily News for March 7, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - FBI Investigating 'Suspicious' Cyber Activity on System Holding Sensitive Surveillance Information https://www.securityweek.com/fbi-investigating-suspicious-cyber-activity-on-system-holding-sensitive-surveillance-information/ - Zero-Day Attacks on Enterprise Software Reach Record High, Google Warns https://www.infosecurity-magazine.com/news/zero-day-enterprise-record-high/ - Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor https://www.infosecurity-magazine.com/news/iran-muddywater-hackers-us-firms/ - Cisco Flags Ongoing Exploitation of Two Recently Patched Catalyst SD-WAN Flaws https://securityaffairs.com/189056/security/cisco-flags-ongoing-exploitation-of-two-recently-patched-catalyst-sd-wan-flaws.html - One Click on This Fake Google Meet Update Can Give Attackers Control of Your PC https://www.malwarebytes.com/blog/threat-intel/2026/03/one-click-on-this-fake-google-meet-update-can-give-attackers-control-of-your-pc - CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List https://www.securityweek.com/cisa-adds-ios-flaws-from-coruna-exploit-kit-to-kev/ - Microsoft Warns of ClickFix Campaign Exploiting Windows Terminal to Deliver Lumma Stealer https://securityaffairs.com/189046/malware/microsoft-warns-of-clickfix-campaign-exploiting-windows-terminal-for-lumma-stealer.html - A Satellite Receiver Trusted by Pentagon, ESA Has More Than 20 Security Flaws — and the Maker Never Responded https://thecyberexpress.com/satellite-receiver-vulnerabilities-unpatched/

Cyber Daily News for March 6, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Google GTIG: 90 Zero-Day Flaws Exploited in 2025 as Enterprise Targets Grow https://securityaffairs.com/188993/security/google-gtig-90-zero-day-flaws-exploited-in-2025-as-enterprise-targets-grow.html - Israel Claims it Struck Iran's Cyber Warfare Headquarters https://thecyberexpress.com/israel-hit-iran-cyber-warfare-headquarters/ - CISA Adds Apple, Rockwell, and Hikvision Flaws to Known Exploited Vulnerabilities Catalog https://securityaffairs.com/189005/security/u-s-cisa-adds-apple-rockwell-and-hikvision-flaws-to-its-known-exploited-vulnerabilities-catalog.html - Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild https://www.securityweek.com/cisco-warns-of-more-catalyst-sd-wan-flaws-exploited-in-the-wild/ - Phobos Ransomware Admin Faces Up to 20 Years After Guilty Plea https://securityaffairs.com/188984/security/phobos-ransomware-admin-faces-up-to-20-years-after-guilty-plea.html - Fake CleanMyMac Site Installs SHub Stealer and Backdoors Crypto Wallets https://www.malwarebytes.com/blog/threat-intel/2026/03/fake-cleanmymac-site-installs-shub-stealer-and-backdoors-crypto-wallets - ContextCrush Flaw Exposes AI Development Tools to Attacks https://www.infosecurity-magazine.com/news/contextcrush-ai-development-tools/ - Russian APT Targets Ukraine with BadPaw and MeowMeow Malware https://securityaffairs.com/188974/apt/russian-apt-targets-ukraine-with-badpaw-and-meowmeow-malware.html

Cyber Daily News for March 5, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Nation-State iOS Exploit Kit 'Coruna' Found Powering Global Attacks https://www.securityweek.com/nation-state-ios-exploit-kit-coruna-found-powering-global-attacks/ - Cisco Patches Maximum-Severity Secure FMC Bugs Threatening Firewall Security https://securityaffairs.com/188921/security/cisco-fixes-maximum-severity-secure-fmc-bugs-threatening-firewall-security.html - Tycoon 2FA Phishing Platform Dismantled in Global Takedown https://www.securityweek.com/tycoon-2fa-phishing-platform-dismantled-in-global-takedown/ - High-Severity Qualcomm Bug Hits Android Devices in Targeted Attacks https://www.malwarebytes.com/blog/news/2026/03/high-severity-qualcomm-bug-hits-android-devices-in-targeted-attacks - FBI and Europol Dismantle LeakBase Cybercrime Forum With 142,000 Users https://thecyberexpress.com/leakbase-cybercrime-forum-taken-down/ - Silver Dragon Expands APT41 Playbook With Google Drive C2 https://securityaffairs.com/188895/apt/from-phishing-to-google-drive-c2-silver-dragon-expands-apt41-playbook.html - Attackers Abuse OAuth Redirects to Launch Phishing and Malware Attacks https://www.malwarebytes.com/blog/news/2026/03/attackers-abuse-oauths-built-in-redirects-to-launch-phishing-and-malware-attacks - New LexisNexis Data Breach Confirmed After Hackers Leak Files https://www.securityweek.com/new-lexisnexis-data-breach-confirmed-after-hackers-leak-files/

Cyber Daily News for March 4, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Pentagon Ditches Anthropic AI Over 'Security Risk,' OpenAI Takes Over https://www.malwarebytes.com/blog/news/2026/03/pentagon-ditches-anthropic-ai-over-security-risk-and-openai-takes-over - Iranian Strikes on Amazon Data Centers Highlight Industry's Vulnerability to Physical Disasters https://www.securityweek.com/iranian-strikes-on-amazon-data-centers-highlight-industrys-vulnerability-to-physical-disasters/ - Chrome Flaw Let Extensions Hijack Gemini's Camera, Mic, and File Access https://www.malwarebytes.com/blog/news/2026/03/chrome-flaw-let-extensions-hijack-geminis-camera-mic-and-file-access - VMware Aria Operations Vulnerability Exploited in the Wild https://www.securityweek.com/vmware-aria-operations-vulnerability-exploited-in-the-wild/ - Data Breach at University of Hawaii Cancer Center Impacts 1.2 Million Individuals https://securityaffairs.com/188876/data-breach/data-breach-at-university-of-hawai%ca%bbi-cancer-center-impacts-1-2-million-individuals.html - Quantum Decryption of RSA Is Much Closer Than Expected https://www.securityweek.com/quantum-decryption-of-rsa-is-much-closer-than-expected/ - Phishing Campaign Exploits OAuth Redirection to Bypass Defenses https://securityaffairs.com/188829/hacking/phishing-campaign-exploits-oauth-redirection-to-bypass-defenses.html - RedAlert Spyware Campaign Exploits Wartime Panic With Trojanized App https://www.infosecurity-magazine.com/news/redalert-israel-spyware-campaign/

Cyber Daily News for March 3, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel https://www.infosecurity-magazine.com/news/iran-cyber-attacks-global-google/ - US-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran Retaliates https://www.securityweek.com/us-israel-and-iran-trade-cyberattacks-pro-west-hacks-cause-disruption-as-tehran-retaliates/ - North Korean APT Targets Air-Gapped Systems in Recent Campaign https://www.securityweek.com/north-korean-apt-targets-air-gapped-systems-in-recent-campaign/ - University of Hawaii Cancer Center Breach Exposes SSNs of 87,000+ Participants https://thecyberexpress.com/uh-cancer-center-cyberattack/ - Vulnerability Allowed Hijacking Chrome's Gemini Live AI Assistant https://www.securityweek.com/vulnerability-allowed-hijacking-chromes-gemini-live-ai-assistant/ - A fake FileZilla site hosts a malicious download https://www.malwarebytes.com/blog/threat-intel/2026/03/a-fake-filezilla-site-hosts-a-malicious-download - Chrome Unveils Plan For Quantum-Safe HTTPS Certificates https://www.infosecurity-magazine.com/news/chrome-quantum-safe-https/ - ClawJacked Bug Enables Covert AI Agent Hijacking https://www.infosecurity-magazine.com/news/clawjacked-bug-covert-ai-agent/

Cyber Daily News for March 2, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Hackers Weaponize Claude Code AI to Steal 150GB from Mexican Government https://securityaffairs.com/188696/ai/claude-code-abused-to-steal-150gb-in-cyberattack-on-mexican-agencies.html - ShinyHunters Dumps Full Odido Dataset in Netherlands' Biggest Data Leak https://securityaffairs.com/188709/data-breach/shinyhunters-leaked-the-full-odido-dataset.html - OnlyFake AI ID Scam Operator Pleads Guilty to Selling 10,000+ Fake IDs https://securityaffairs.com/188734/cyber-crime/ukrainian-hacker-pleads-guilty-to-running-onlyfake-ai-id-scam-site.html - Ring Camera Super Bowl Ad Sparks Massive Privacy Backlash https://thecyberexpress.com/ring-camera-doorbells-privacy-security-cameras/ - Vietnam Announces National Cybersecurity Firewall Plan https://thecyberexpress.com/vietnam-cybersecurity-firewall/ - Chilean National Extradited for Trafficking 26,000+ Stolen Credit Cards https://thecyberexpress.com/stolen-credit-card-data-trafficking-case/ - Purchase Order Phishing Uses Double Extension Trick to Harvest Credentials https://www.malwarebytes.com/blog/threat-intel/2026/03/purchase-order-attachment-isnt-a-pdf-its-phishing-for-your-password

Cyber Daily News for March 01, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Canadian Tire Data Breach Impacts 38 Million Accounts https://securityaffairs.com/188659/data-breach/canadian-tire-2025-data-breach-impacts-38-million-users.html - Iran's Internet Near-Totally Blacked Out Amid US, Israeli Strikes https://securityaffairs.com/188648/cyber-warfare-2/iran-s-internet-near-totally-blacked-out-amid-us-israeli-strikes.html - Aeternum Botnet Hides Commands in Polygon Smart Contracts https://securityaffairs.com/188627/mobile-2/aeternum-botnet-hides-commands-in-polygon-smart-contracts.html - Microsoft Warns of RAT Delivered Through Trojanized Gaming Utilities https://securityaffairs.com/188639/malware/microsoft-warns-of-rat-delivered-through-trojanized-gaming-utilities.html - Juniper Issues Emergency Patch for Critical PTX Router RCE https://securityaffairs.com/188609/security/juniper-issues-emergency-patch-for-critical-ptx-router-rce.html - iPhone and iPad First Consumer Devices Cleared for NATO RESTRICTED Classification https://securityaffairs.com/188618/security/iphone-and-ipad-are-the-first-consumer-devices-cleared-for-natos-restricted-classification.html - How AI Is Transforming Incident Response Operations https://securityaffairs.com/188599/ai/how-ai-aids-incident-response-why-humans-alone-cannot-do-ir-efficiently.html

Cyber Daily News for February 28, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Juniper Issues Emergency Patch for Critical PTX Router RCE https://securityaffairs.com/188609/security/juniper-issues-emergency-patch-for-critical-ptx-router-rce.html - Public Google API Keys Can Be Used to Expose Gemini AI Data https://www.malwarebytes.com/blog/news/2026/02/public-google-api-keys-can-be-used-to-expose-gemini-ai-data - Fake Google Security Check Deploys Browser-Based Surveillance Toolkit https://www.malwarebytes.com/blog/privacy/2026/02/inside-a-fake-google-security-check-that-becomes-a-browser-rat - Aeternum Botnet Hides C2 Commands in Polygon Smart Contracts https://securityaffairs.com/188627/mobile-2/aeternum-botnet-hides-commands-in-polygon-smart-contracts.html - North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks https://www.infosecurity-magazine.com/news/north-korea-apt37-expands-toolkit/ - Microsoft Warns of RAT Delivered Through Trojanized Gaming Utilities https://securityaffairs.com/188639/uncategorized/microsoft-warns-of-rat-delivered-through-trojanized-gaming-utilities.html - 38 Million Allegedly Impacted by ManoMano Data Breach https://www.securityweek.com/38-million-allegedly-impacted-by-manomano-data-breach/ - iPhone and iPad First Consumer Devices Cleared for NATO RESTRICTED https://securityaffairs.com/188618/security/iphone-and-ipad-are-the-first-consumer-devices-cleared-for-natos-restricted-classification.html

Cyber Daily News for February 27, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Cisco SD-WAN Zero-Day Exploited Since 2023 — CVSS 10, Now on CISA KEV https://securityaffairs.com/188540/security/hackers-abused-cisco-sd-wan-zero-day-since-2023-to-gain-full-admin-control.html - Conduent Breach Balloons to 25 Million Victims https://www.malwarebytes.com/blog/news/2026/02/the-conduent-breach-from-10-million-to-25-million-and-counting - 12 Million Exposed .env Files Reveal Widespread Security Failures https://securityaffairs.com/188590/hacking/12-million-exposed-env-files-reveal-widespread-security-failures.html - UAT-10027 Hits US Education and Healthcare With Stealthy Dohdoor Backdoor https://securityaffairs.com/188558/apt/uat-10027-campaign-hits-u-s-education-and-healthcare-with-stealthy-dohdoor-backdoor.html - Aeternum Botnet Shifts Command Control to Polygon Blockchain https://www.infosecurity-magazine.com/news/aeternum-botnet-c2-polygon/

Cyber Daily News for February 26, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Cisco Patches Catalyst SD-WAN Zero-Day Exploited for Three Years (CVSS 10.0) https://www.securityweek.com/cisco-patches-catalyst-sd-wan-zero-day-exploited-by-highly-sophisticated-hackers/ - Google Disrupts China-Linked APT UNC2814 Across 42 Countries https://securityaffairs.com/188521/apt/google-gtig-disrupted-china-linked-apt-unc2814-halting-attacks-on-53-orgs-in-42-countries.html - ShinyHunters Leaks 12.4 Million CarGurus User Records https://www.securityweek.com/over-12-million-users-impacted-by-cargurus-data-breach/ - IBM X-Force: 44% Surge in App Exploits as AI Accelerates Attacks https://www.infosecurity-magazine.com/news/app-exploits-surge-ai-speeds/ - Critical Claude Code Flaws Enable RCE via Malicious Repositories https://securityaffairs.com/188508/security/untrusted-repositories-turn-claude-code-into-an-attack-vector.html

Cyber Daily News February 25, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - U.S. Sanctions Russian Broker Over Zero-Day Exploits Theft https://thecyberexpress.com/zero-day-exploits-theft/

Cyber Daily News February 24, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Operation MacroMaze: APT28 exploits webhooks for covert data exfiltration https://securityaffairs.com/188421/apt/operation-macromaze-apt28-exploits-webhooks-for-covert-data-exfiltration.html - Everest ransomware hits Vikor Scientific ‘s supplier, data of 140,000 patients stolen https://securityaffairs.com/188397/data-breach/everest-ransomware-hits-vikor-scientific-s-supplier-data-of-140000-patients-stolen.html - CVE-2026-1731 fuels ongoing attacks on BeyondTrust remote access products https://securityaffairs.com/188370/hacking/cve-2026-1731-fuels-ongoing-attacks-on-beyondtrust-remote-access-products.html - AI Content Generation Systems Face Global Pressure Over Privacy and Deepfake Risks https://thecyberexpress.com/ai-content-generation-systems/ - Wormable XMRig campaign leverages BYOVD and timed kill switch for stealth https://securityaffairs.com/188388/malware/wormable-xmrig-campaign-leverages-byovd-and-timed-kill-switch-for-stealth.html

Cyber Daily News February 23, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - ATM Jackpotting Losses Cross $20M as Malware Targets U.S. Cash Machines https://thecyberexpress.com/fbi-flags-rise-in-atm-jackpotting-attacks/ - X vs EU: Platform Appeals Against €120M Digital Services Act Penalty https://thecyberexpress.com/e120m-digital-services-act-penalty/ - Anthropic unveils Claude Code Security to detect and fix code bugs https://securityaffairs.com/188358/ai/anthropic-unveils-claude-code-security-to-detect-and-fix-code-bugs.html

Cyber Daily News February 22, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/188324/security/u-s-cisa-adds-roundcube-webmail-flaws-to-its-known-exploited-vulnerabilities-catalog.html

Cyber Daily News February 21, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - PayPal discloses extended data leak linked to Loan App glitch https://securityaffairs.com/188309/data-breach/paypal-discloses-extended-data-leak-linked-to-loan-app-glitch.html - North Korean IT worker scam nets Ukrainian five-year sentence in the U.S. https://securityaffairs.com/188305/cyber-crime/north-korean-it-worker-scam-nets-ukrainian-five-year-sentence-in-the-u-s.html

Cyber Daily News February 20, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Two Petabytes Worth Data of Israeli’s Siphoned, Says Cyber Head https://thecyberexpress.com/israel-data-breach-incd-head/ - Cyberattack Forces Clinic Closures, Surgery Cancellations at University of Mississippi Medical Center https://thecyberexpress.com/ummc-cyberattack-clinic-closures-it-shutdown/ - First Android Malware Weaponizes Gemini AI to Evade Detection, Maintain Persistence https://thecyberexpress.com/first-android-malware-promptspy/ - Germany’s national rail operator Deutsche Bahn hit by a DDoS attack https://securityaffairs.com/188254/breaking-news/germanys-national-rail-operator-deutsche-bahn-hit-by-a-ddos-attack.html - U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/188243/hacking/u-s-cisa-adds-dell-recoverpoint-and-gitlab-flaws-to-its-known-exploited-vulnerabilities-catalog.html - CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs https://securityaffairs.com/188234/security/cisa-alerts-to-critical-auth-bypass-cve-2026-1670-in-honeywell-cctvs.html - Red Card 2.0: INTERPOL busts scam networks across Africa, seizes millions https://securityaffairs.com/188272/cyber-crime/red-card-2-0-interpol-busts-scam-networks-across-africa-seizes-millions.html

Cyber Daily News February 19, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Mozilla Firefox Issues Emergency Patch for Heap Buffer Overflow in Firefox v147 https://thecyberexpress.com/firefox-v147-cve-2026-2447/ - China-linked APT weaponized Dell RecoverPoint zero-day since 2024 https://securityaffairs.com/188176/apt/china-linked-apt-weaponized-dell-recoverpoint-zero-day-since-2024.html - Notepad++ patches flaw used to hijack update system https://securityaffairs.com/188192/hacking/notepad-patches-flaw-used-to-hijack-update-system.html - Critical Security Flaws Discovered in Four VS Code Extensions Affecting Millions https://thecyberexpress.com/vs-code-extensions-supply-chain-security-flaws/ - Advantest Cyberattack Triggers Ransomware Investigation Across Internal Network https://thecyberexpress.com/advantest-cyberattack-ransomware-investigation/ - French Ministry confirms data access to 1.2 Million bank accounts https://securityaffairs.com/188200/hacking/french-ministry-confirms-data-access-to-1-2-million-bank-accounts.html - Betterment data breach might be worse than we thought https://www.malwarebytes.com/blog/news/2026/02/betterment-data-breach-might-be-worse-than-we-thought

Cyber Daily News February 18, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Update Chrome now: Zero-day bug allows code execution via malicious webpages https://www.malwarebytes.com/blog/news/2026/02/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages - Attackers Deploy Dormant Backdoors in Ivanti EPMM to Bypass Patching of Latest 0-Days https://thecyberexpress.com/attackers-deploy-backdoors-in-ivanti-epmm/ - Zero-Day in Dell RecoverPoint Exploited by Chinese Hacker Group https://thecyberexpress.com/cve-2026-22769-dell-recoverpoint/ - South Korea slaps $25M fine on Dior, Louis Vuitton, Tiffany over Salesforce breach https://securityaffairs.com/188064/hacking/south-korea-slaps-25m-fine-on-dior-louis-vuitton-tiffany-over-salesforce-breach.html

Cyber Daily News February 17, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - CleanTalk WordPress Plugin Vulnerability Puts 200,000 Sites at Risk https://thecyberexpress.com/cleantalk-cve-2026-1490/ - Eurail Breach Escalates as Stolen Passport Data and IBANs Surface on Dark Web for Sale https://thecyberexpress.com/eurail-breach-data-on-dark-web-for-sale/ - A security flaw at DavaIndia Pharmacy allowed attackers to access customers’ data and more https://securityaffairs.com/188056/security/a-security-flaw-at-davaindia-pharmacy-allowed-attackers-to-access-customers-data-and-more.html - ShinyHunters leaked 600K+ Canada Goose customer records, but the firm denies it was breached https://securityaffairs.com/188046/data-breach/shinyhunters-leaked-600k-canada-goose-customer-records-but-the-firm-denies-it-was-breached.html - Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup https://securityaffairs.com/188039/hacking/microsoft-alerts-on-dns-based-clickfix-variant-delivering-malware-via-nslookup.html

Cyber Daily News February 16, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Google Chrome Fixes Actively Exploited CVE-2026-2441 Bug https://thecyberexpress.com/cve-2026-2441-google-chrome/ - Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign https://securityaffairs.com/188009/apt/malicious-npm-and-pypi-packages-llinked-to-lazarus-apt-fake-recruiter-campaign.html - Japanese sex toys maker Tenga discloses data breach https://securityaffairs.com/188022/data-breach/japanese-sex-toys-maker-tenga-discloses-data-breach.html

Cyber Daily News February 15, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/187982/breaking-news/u-s-cisa-adds-a-flaw-in-beyondtrust-rs-and-pra-to-its-known-exploited-vulnerabilities-catalog.html - Suspected Russian hackers deploy CANFAIL malware against Ukraine https://securityaffairs.com/187976/hacking/suspected-russian-hackers-deploy-canfail-malware-against-ukraine.html

Cyber Daily News February 14, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release https://securityaffairs.com/187962/uncategorized/attackers-exploit-beyondtrust-cve-2026-1731-within-hours-of-poc-release.html - New threat actor UAT-9921 deploys VoidLink against enterprise sectors https://securityaffairs.com/187969/ai/new-threat-actor-uat-9921-deploys-voidlink-against-enterprise-sectors.html

Cyber Daily News February 13, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Apple patches zero-day flaw that could let attackers take control of devices https://www.malwarebytes.com/blog/news/2026/02/apple-patches-zero-day-flaw-that-could-let-attackers-take-control-of-devices - 8,000+ ChatGPT API Keys Left Publicly Accessible https://thecyberexpress.com/exposed-chatgpt-api-keys-github-websites/ - Odido confirms massive breach; 6.2 Million customers impacted https://securityaffairs.com/187927/uncategorized/odido-confirms-massive-breach-6-2-million-customers-impacted.html - ApolloMD data breach impacts 626,540 people https://securityaffairs.com/187921/data-breach/apollomd-data-breach-impacts-626540-people.html - U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/187937/security/u-s-cisa-adds-solarwinds-web-help-desk-notepad-microsoft-configuration-manager-and-apple-devices-flaws-to-its-known-exploited-vulnerabilities-catalog.html - Adversaries Exploiting Proprietary AI Capabilities, API Traffic to Scale Cyberattacks https://thecyberexpress.com/gtig-ai-threat-tracker/ - Outlook add-in goes rogue and steals 4,000 credentials and payment data https://www.malwarebytes.com/blog/news/2026/02/outlook-add-in-goes-rogue-and-steals-4000-credentials-and-payment-data

Cyber Daily News February 12, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - February 2026 Patch Tuesday includes six actively exploited zero-days https://www.malwarebytes.com/blog/news/2026/02/february-2026-patch-tuesday-includes-six-actively-exploited-zero-days - Volvo Group hit in massive Conduent data breach https://securityaffairs.com/187875/security/volvo-group-hit-in-massive-conduent-data-breach.html - Reynolds ransomware uses BYOVD to disable security before encryption https://securityaffairs.com/187869/security/reynolds-ransomware-uses-byovd-to-disable-security-before-encryption.html - SMS and OTP Bombing Campaigns Found Abusing API, SSL and Cross-Platform Automation https://thecyberexpress.com/sms-and-otp-bombing-bypass-analysis/ - Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass https://securityaffairs.com/187882/uncategorized/multiple-endpoint-manager-bugs-patched-by-ivanti-including-remote-auth-bypass.html

Cyber Daily News February 11, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Microsoft Patch Tuesday February Update Flags Exchange and Azure Vulnerabilities as High-Priority Risks https://thecyberexpress.com/microsoft-patch-tuesday-february-2026/ - ZeroDayRAT spyware grants attackers total access to mobile devices https://securityaffairs.com/187820/malware/zerodayrat-spyware-grants-attackers-total-access-to-mobile-devices.html - Senegal shuts National ID office after ransomware attack https://securityaffairs.com/187811/data-breach/senegal-shuts-national-id-office-after-ransomware-attack.html - Romance, Fake Platforms, $73M Lost: Crypto Scam Leader Gets 20 Years https://thecyberexpress.com/global-cryptocurrency-investment-scam/ - 12 Lakh SIM Cards Cancelled, over 3 Lakh IMEI Numbers Blocked as Centre Intensifies Crackdown on Cybercrime https://thecyberexpress.com/sim-cards-cancelled-india-cybercrime/

Cyber Daily News February 10, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Senegal Confirms Cyberattack on Agency Managing National ID and Biometric Data https://thecyberexpress.com/senegal-cyberattack/ - FIIG Securities Fined AU$2.5 Million Following Prolonged Cybersecurity Failures https://thecyberexpress.com/fiig-cyberattack-au2-5m-fine-fiig-securities/ - AI chat app leak exposes 300 million messages tied to 25 million users https://www.malwarebytes.com/blog/news/2026/02/ai-chat-app-leak-exposes-300-million-messages-tied-to-25-million-users - China-linked APT UNC3886 targets Singapore telcos https://securityaffairs.com/187792/apt/china-linked-apt-unc3886-targets-singapore-telcos.html - Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor https://securityaffairs.com/187761/security/attackers-abuse-solarwinds-web-help-desk-to-install-zoho-agents-and-velociraptor.html - European Commission Hit by Mobile Infrastructure Data Breach https://thecyberexpress.com/european-commission-mobile-cyberattack/ - BeyondTrust fixes critical pre-auth bug allowing remote code execution https://securityaffairs.com/187776/security/beyondtrust-fixes-critical-pre-auth-bug-allowing-remote-code-execution.html - Critical Fortinet FortiClientEMS flaw allows remote code execution https://securityaffairs.com/187787/security/critical-fortinet-forticlientems-flaw-allows-remote-code-execution.html - SmarterTools Breached by Own SmarterMail Vulnerabilities https://thecyberexpress.com/smartertools-hit-by-smartermail-vulnerability/

Cyber Daily News February 9, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Singapore Launches Largest-Ever Cyber Defense Operation After UNC3886 Targets All Major Telcos https://thecyberexpress.com/singapore-unc3886-telecom-cyberattack/ - Romania’s national oil pipeline firm Conpet reports cyberattack https://securityaffairs.com/187736/cyber-crime/romanias-national-oil-pipeline-firm-conpet-reports-cyberattack.html - Illinois Man Charged in Massive Snapchat Hacking Scheme Targeting Hundreds of Women https://thecyberexpress.com/snapchat-hacking-investigation/ - Flickr moves to contain data exposure, warns users of phishing https://securityaffairs.com/187753/data-breach/flickr-moves-to-contain-data-exposure-warns-users-of-phishing.html - Why TikTok’s Addictive Design Is Now a Regulatory Problem https://thecyberexpress.com/tiktok-addictive-design-breaches/

Cyber Daily News February 8, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Italian university La Sapienza still offline to mitigate recent cyber attack https://securityaffairs.com/187702/cyber-crime/italian-university-la-sapienza-still-offline-to-mitigate-recent-cyber-attack.html

Cyber Daily News February 7, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Record-breaking 31.4 Tbps DDoS attack hits in November 2025, stopped by Cloudflare https://securityaffairs.com/187690/hacking/record-breaking-31-4-tbps-ddos-attack-hits-in-november-2025-stopped-by-cloudflare.html - Apple Pay phish uses fake support calls to steal payment details https://www.malwarebytes.com/blog/news/2026/02/apple-pay-phish-uses-fake-support-calls-to-steal-payment-details - The Cyber Express Weekly Roundup: Global Cybersecurity Incidents and Policy Shifts https://thecyberexpress.com/tce-weekly-roundup-february-2026/

Cyber Daily News February 6, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - La Sapienza Cyberattack Forces Italy’s Largest University Offline https://thecyberexpress.com/la-sapienza-cyberattack-bablock-ransomware/ - AI-Coded Moltbook Platform Exposes 1.5 Mn API Keys Through Database Misconfiguration https://thecyberexpress.com/moltbook-platform-exposes-1-5-mn-api-keys/ - Substack Discloses Breach Exposing its User Details After Four-Month Delay https://thecyberexpress.com/substack-discloses-breach/ - Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics https://securityaffairs.com/187654/hacktivism/pro-russian-group-noname05716-launched-ddos-attacks-on-milano-cortina-2026-winter-olympics.html - Why End-of-Support Edge Devices Have Become a National Security Risk https://thecyberexpress.com/end-of-support-edge-devices/