Latest Cybersecurity News

The Hacker NewsMar 17, 20263m5

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

Konni uses spear-phishing ZIP files to deploy EndRAT via KakaoTalk, enabling persistence and data theft, turning victims into attack relays.

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

The Hacker News

The Hacker NewsMar 17, 20262m6

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

CISA adds Wing FTP CVE-2025-47813 to KEV after active exploitation, exposing server paths and aiding attacks; patch by March 30, 2026.

Vulnerabilities

ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th)

SANS ISC

Vulnerabilities

ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th)

No description available.

SANS ISCMar 17, 20261m8

China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years

Dark Reading

Dark ReadingMar 17, 20261m8

China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years

Researchers uncovered an extensive cyberespionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets.

GlassWorm Malware Evolves to Hide in Dependencies

Dark Reading

Dark ReadingMar 16, 20261m8

GlassWorm Malware Evolves to Hide in Dependencies

Researchers have identified dozens of malicious GlassWorm extensions that come with new evasion techniques.

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to supply-chain compromise.

GlassWormTechnologySoftware Development

The Hacker NewsMar 16, 20263m8

Stryker attack wiped tens of thousands of devices, no malware needed

BleepingComputerMar 16, 20263m8

Stryker attack wiped tens of thousands of devices, no malware needed

Last week's cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices.

CISA flags Wing FTP Server flaw as actively exploited in attacks

BleepingComputerMar 16, 20262m8

CISA flags Wing FTP Server flaw as actively exploited in attacks

CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that may be chained in remote code execution attacks.

Free parking in Russia after Distributed Denial-of-Service attack knocks city’s parking system offline

Graham Cluley

Graham CluleyMar 16, 20262m5

Free parking in Russia after Distributed Denial-of-Service attack knocks city’s parking system offline

Drivers in the Russian city of Perm have been enjoying an unexpected bonus this week: free parking.

UK’s Companies House confirms security flaw exposed business data

BleepingComputerMar 16, 20263m8

UK’s Companies House confirms security flaw exposed business data

Companies House, a British government agency that operates the registry for all U.K. companies, says its WebFiling service is back online after it was closed on Friday to fix a security flaw that exposed companies' information since October 2025.

Microsoft Exchange Online outage blocks access to mailboxes

BleepingComputerMar 16, 20262m8

Microsoft Exchange Online outage blocks access to mailboxes

Microsoft is working to address an ongoing Exchange Online outage that is preventing customers from accessing their mailboxes and calendars.

Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact

SecurityWeek