Latest Cybersecurity News

Chinese Cyber Threat Lurks In Critical Asian Sectors for Years

Dark Reading

Chinese Cyber Threat Lurks In Critical Asian Sectors for Years

An undefined Chinese-speaking actor wields a combo of custom malware, open source tools, and LOTL binaries against Windows and Linux, likely for spying.

Dark Reading22h ago1m1

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA Alerts

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

CISA Alerts22h ago1m1

Can the Security Platform Finally Deliver for the Mid-Market?

The Hacker News22h ago2m1

Can the Security Platform Finally Deliver for the Mid-Market?

Bitdefender GravityZone webinar shows how mid-market teams consolidate security tools to reduce complexity and improve resilience.

Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign

SecurityWeek

Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign

Threat actors replace legitimate commands on the cloned installation webpages with malicious commands.

SecurityWeek22h ago2m1

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

The Hacker News23h ago7m1

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, energy, and govt sectors

The Hacker News1d ago4m1

ISC Stormcast For Monday, March 9th, 2026 https://isc.sans.edu/podcastdetail/9840, (Mon, Mar 9th)

SANS ISC

Krebs on Security1d ago11m1

ISC Stormcast For Monday, March 9th, 2026 https://isc.sans.edu/podcastdetail/9840, (Mon, Mar 9th)

No description available.

SANS ISC1d ago1m1

How AI Assistants are Moving the Security Goalposts

Krebs on Security

Data Breaches

How AI Assistants are Moving the Security Goalposts

AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over…

EU court adviser says banks must immediately refund phishing victims

BleepingComputer

Malware & Threats

EU court adviser says banks must immediately refund phishing victims

Athanasios Rantos, the Advocate General of the Court of Justice of the EU (CJEU), has issued a formal opinion suggesting that banks must immediately refund account holders affected by unauthorized transactions, even when it's their fault.

BleepingComputer1d ago3m1

Hackers abuse .arpa DNS and ipv6 to evade phishing defenses

BleepingComputer

Malware & Threats

Hackers abuse .arpa DNS and ipv6 to evade phishing defenses

Threat actors are abusing the special-use ".arpa" domain and IPv6 reverse DNS in phishing campaigns that more easily evade domain reputation checks and email security gateways.

BleepingComputer1d ago6m1

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

SecurityWeek

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

WatchTowr reports seeing exploitation attempts for CVE-2026-20127 from numerous unique IP addresses.

SecurityWeek1d ago2m1

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues