Cybersecurity News from Across the Internet
Best DeleteMe alternatives for 2026 compared, including Incogni, Optery, Aura, Kanary, and Privacy Bee for data broker removal and privacy protection. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Cybersecurity researchers have warned of a surge in retaliatory hacktivist activity following the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion. “The hacktivist threat in the Middle East is highly lopsided, with two groups, Keymous+ and DieNet, driving nearly 70% of all attack activity between February 28 and March 2,” Radware … Read More “149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict – The Hacker News” »
Authorities from 14 countries shut down LeakBase, seized its domains and arrested multiple people allegedly involved in the cybercrime marketplace for stolen data and hacking tools, the Justice Department said Wednesday. LeakBase had more than 142,000 members, ranking it among the world’s largest forums for cybercriminals. The site, which was available on the open web, … Read More “Authorities from 14 countries shut down major cybercrime forum LeakBase – CyberScoop” »
A coalition of seven Western nations has launched guidelines to help integrate security-by-design principles into future 6G standards – Read More –
New York, USA, 4th March 2026, CyberNewswire – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Swap scams target traders through fake DEX sites, token approvals, and phishing. Learn how to detect swap scams and protect funds before you swap now. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The University of Hawaii Cancer Centre has confirmed a massive ransomware attack affecting 1.24 million people. Sensitive data, including Social Security numbers and historical voter records dating back to 1993, was compromised. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Law enforcers and industry partners have taken down notorious phishing-as-a-service platform Tycoon2FA – Read More –
Cloudflare’s inaugural threat intelligence report identifies a series of weaknesses in technology that attackers have abused and industrialized into professional “attack factories,” leaving most organizations unprepared to respond. Attackers are turning the very services victims deploy and pay for into tools for launching large-scale attacks. Researchers say the barrier to entry has vanished, as identities … Read More “Attackers are using your network against you, according to Cloudflare – CyberScoop” »
Malware campaign uses Ukrainian email service for credibility, deploying “BadPaw” to execute attacks – Read More –
Increased attempts to compromise surveillance cameras linked to Iran during Middle East conflict – Read More –
Google said it identified a “new and powerful” exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It’s not effective against the latest version of iOS. … Read More “Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1 – The Hacker News” »
As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget — to secure it. But there’s a quiet crisis unfolding in the boardroom: many organizations know they need “AI Governance,” but they have no idea what they are actually looking for. The CISO’s Dilemma: … Read More “New RFP Template for AI Usage Control and AI Governance – The Hacker News” »
New research from IMDEA Networks reveals how unencrypted signals from tyre pressure sensors in brands like Toyota and Mercedes can be used for covert vehicle tracking. Learn how these low-cost systems can map out your daily routines and why current regulations fail to protect driver privacy. – Read More – Hackread – Cybersecurity News, Data … Read More “Car Tyre Sensors Can Be Used to Track Drivers Without Their Knowledge – Hackread – Cybersecurity News, Data Breaches, AI and More” »
Phishing drives about 90% of cyberattacks in 2026, using tactics like encrypted flows, QR code scams, and trusted cloud platforms to steal credentials. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Cybercriminals are now increasingly using Telegram to sell corporate access, malware subscriptions, and stealer logs, turning the messaging app into a fast cybercrime hub. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Cybercriminals are now increasingly using Telegram to sell corporate access, malware subscriptions, and stealer logs, turning the messaging app into a fast cybercrime hub. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The OpenID Foundation warns that fragmented policies on posthumous digital accounts could open the door for fraudsters to exploit AI deepfakes – Read More –
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that’s functional on Windows, macOS, and Linux systems. The names of the packages are listed below – nhattuanbl/lara-helper (37 Downloads) nhattuanbl/simple-queue (29 Downloads) nhattuanbl/lara-swagger (49 Downloads) – Read More – The … Read More “Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux – The Hacker News” »
Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024. “Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments,” Check Point … Read More “APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2 – The Hacker News” »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an – … Read More “CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog – The Hacker News” »
An exploit kit that may have originated from a leaked U.S. government framework is behind what researchers are calling the first mass-scale attack on iOS, the operating system for Apple’s iPhones. Traces of the exploits, found in the work of Chinese cybercriminals, also have been spotted in Russian attacks on Ukraine and used by a … Read More “Possible U.S.-developed exploits linked to first known ‘mass’ iOS attack – CyberScoop” »
The chief information officer at the Cybersecurity and Infrastructure Security Agency announced his departure Tuesday, ending his nearly five-year run at CISA. Robert Costello, an 18-year veteran of the Department of Homeland Security, posted about the move on LinkedIn. “Serving as CIO at CISA has been one of the greatest privileges of my career,” he … Read More “CISA CIO Robert Costello exits agency – CyberScoop” »
Researchers have discovered multiple vulnerabilities that let attackers to quietly hijack agentic AI browsers. Researchers at Zenity Labs discovered these flaws, which affected multiple AI browsers, including Perplexity’s Comet. Before being patched, an attacker could exploit them via a legitimate calendar invite, using a prompt injection to force the AI browser to act against its … Read More “Researchers discover suite of agentic AI browser vulnerabilities – CyberScoop” »
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data exfiltration or ransomware attack. The intrusions, identified by Huntress last month across five partner organizations, involved the threat actors using email spam as … Read More “Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations – The Hacker News” »
South Korea’s National Tax Service (NTS) has found itself in the middle of a deeply embarrassing – and costly – blunder after accidentally handing thieves the master key to a seized cryptocurrency wallet. Read more in my article on the Hot for Security blog. – Read More – GRAHAM CLULEY
Espionage campaign exploits Israel-Iran conflict, distributing a trojanized Red Alert app via SMS – Read More –
Europol’s Project Compass targets The Com (aka 764 network), an online group exploiting minors. After 30 arrests, officials say the hunt for those involved is far from over. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
San Francisco, CA, United States, 3rd March 2026, CyberNewswire – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Hackers abuse the .arpa Top-Level Domain to host phishing scams, using IPv6 tunnels, reverse DNS tricks, and shadow domains to bypass security checks. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Hackers abuse the .arpa Top-Level Domain to host phishing scams, using IPv6 tunnels, reverse DNS tricks, and shadow domains to bypass security checks. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Cloudflare Threat Report warns that AI tools enable attackers who lacked required skills to generate effective attacks rapidly and at scale – Read More –
The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its use following an analysis of the IP address (“212.11.64[.]250”) that was used by the suspected – Read … Read More “Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries – The Hacker News” »
Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with the least experience. Tier 1 analysts sit at the front line of detection, and yet they are also the most vulnerable to the cognitive and organizational pressures that quietly erode … Read More “Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow – The Hacker News” »
Seemplicity finds US security leaders work 11 or more extra hours per week – Read More –
Ariomex database reveals potential sanctions evasion and capital transfers tied to Iranian actors – Read More –
Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It’s advertised as a cybercrime platform by a threat group calling itself Jinkusu, granting customers access to a dashboard that lets them select a brand to impersonate or enter a brand’s real … Read More “Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication – The Hacker News” »
The Rise of MCPs in the Enterprise The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications, APIs, and data, MCP enables prompt-driven AI agents that can retrieve information, take action, and automate end-to-end business workflows across the enterprise. This … Read More “AI Agents: The Next Wave Identity Dark Matter – Powerful, Invisible, and Unmanaged – The Hacker News” »
Black Kite reveals 26,000 unnamed corporate victims linked to 136 third-party breaches – Read More –
Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers. The activity, the company said, targets government and public-sector organizations with the end goal of redirecting victims to attacker-controlled infrastructure without stealing their tokens. It described – Read More … Read More “Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets – The Hacker News” »
Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack – Read More –
The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity, per Arctic Wolf, took place between January 2025 and January 2026. It involves the use of two distinct attack chains to deliver malware families tracked as … Read More “SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains – The Hacker News” »
Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 (CVSS score: 7.8), a buffer over-read in the Graphics component. “Memory corruption when adding user-supplied data without checking available buffer space,” Qualcomm said in an … Read More “Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited – The Hacker News” »
The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity, per Arctic Wolf, took place between January 2025 and January 2026. It involves the use of two distinct attack chains to deliver malware families tracked as … Read More “SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains – The Hacker News” »
The Digital Personal Data Protection Act, 2023 (DPDP Act) in India is a structural change in the manner in… The post DPDP Act Phase 1: 10 Security Safeguards Every CISO Must Implement appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Hackers took over Iran’s BadeSaba Calendar prayer app, sending “Help Is on the Way” alerts and messages urging soldiers to lay down weapons. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Google disclosed one actively exploited zero-day vulnerability Monday, warning that the high-severity defect affecting an open-source Qualcomm display component for Android devices “may be under limited, targeted exploitation.” The memory-corruption vulnerability — CVE-2026-21385 — which Google’s Android security team reported to Qualcomm Dec. 18, affects 234 chipsets, Qualcomm said in a security bulletin. Qualcomm said … Read More “Google addresses actively exploited Qualcomm zero-day in fresh batch of 129 Android vulnerabilities – CyberScoop” »
The FBI’s cyber chief is prioritizing preparation for stepped-up Chinese threats, enhanced confrontation of adversaries in cyberspace and quicker intelligence sharing with industry as the bureau enters the second and final month of a unique cybersecurity awareness campaign. Brett Leatherman, who took over as assistant director of the FBI’s cyber division last summer, listed those … Read More “The FBI’s cyber chief is using Winter SHIELD to accelerate China prep, threat intelligence sharing – CyberScoop” »
Google has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against the future risk posed by quantum computers. “To ensure the scalability and efficiency of the ecosystem, Chrome has no immediate plan to add traditional X.509 certificates containing post-quantum cryptography to the Chrome Root Store,” the Chrome Secure … Read More “Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome – The Hacker News” »
Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges and gain access to local files on the system. The vulnerability, tracked as CVE-2026-0628 (CVSS score: 8.8), has been described as a case of insufficient policy enforcement in the WebView tag. It was patched … Read More “New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel – The Hacker News” »
