Fixed Intel

Knowledge Hub

Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.

AllTools & TutorialsCompliance & Frameworks
Industry News

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

The Hacker News
Critical
Industry News
85/10

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the update. The development was first reported by MacRumors. "Apple is aware of attacks targeting out-of-date iOS software, inc...

Consumer TechnologyMobile
The Hacker NewsMar 27, 20261m1
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
The Hacker News
Critical
Industry News
91/10

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

TeamPCPTechnologySoftware Development
The Hacker NewsMar 27, 20265m2
Fake VS Code alerts on GitHub spread malware to developers
BleepingComputer
High
Malware & Threats
78/10

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading malware.

TechnologySoftware Development
BleepingComputerMar 27, 20263m2
Industry News

China Upgrades the Backdoor It Uses to Spy on Telcos Globally

Dark Reading
Critical
Industry News
92/10

China Upgrades the Backdoor It Uses to Spy on Telcos Globally

Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.

Red MenshenTelecommunicationsCritical Infrastructure
Dark ReadingMar 27, 20261m1
Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account
SecurityWeek
Critical
Industry News
88/10

Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account

The group that it was making available for download emails and other documents from Patel’s account.

HandalaGovernmentLaw Enforcement
SecurityWeekMar 27, 20262m1
Industry News

Wartime Usage of Compromised IP Cameras Highlight Their Danger

Dark Reading
High
Industry News
78/10

Wartime Usage of Compromised IP Cameras Highlight Their Danger

The list of countries exploiting internet-connected cameras to give them eye's inside their adversaries' borders continues to expand, with Russia, Iran, Israel, Ukraine, and the United States all using the tactic. What should companies look out for?

Multiple Nation-State Actors (Russia, Iran, Israel, Ukraine, United States)GovernmentDefense
Dark ReadingMar 27, 20261m1
In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline
SecurityWeek
High
Industry News
78/10

In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline

Other noteworthy stories that might have slipped under the radar: Heritage Bank data breach, new State Department unit tackles cyber threats, LA Metro disruptions.

Russian Intelligence Operatives (GRU/FSB), World Leaks Ransomware Group, Unknown Phishing ActorsGovernmentTransportation
SecurityWeekMar 27, 20265m1
Vulnerabilities

TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)

SANS ISC
Critical
Vulnerabilities
92/10

TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)

This is the second update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026). Update 001 covered developments through March 26. This update covers developments from March 26-27, 2026.

TeamPCPTechnologySoftware Development
SANS ISCMar 27, 20261m3
Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
BleepingComputer
Info
Malware & Threats
18/10

Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.

Agentic GRC automates workflows, forcing teams to rethink their role beyond operations. Anecdotes explains why the biggest challenge is shifting from execution to risk leadership.

FinanceHealthcare
BleepingComputerMar 27, 20266m2
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
The Hacker News
High
Industry News
78/10

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

Software DevelopmentTechnology
The Hacker NewsMar 27, 20263m1
OpenAI Launches Bug Bounty Program for Abuse and Safety Risks
SecurityWeek
Medium
Industry News
55/10

OpenAI Launches Bug Bounty Program for Abuse and Safety Risks

Through the new program, OpenAI will reward reports covering design or implementation issues leading to material harm.

TechnologyArtificial Intelligence
SecurityWeekMar 27, 20262m1
Industry News

Google Sets 2029 Deadline for Quantum-Safe Cryptography

Dark Reading
High
Industry News
78/10

Google Sets 2029 Deadline for Quantum-Safe Cryptography

The post-quantum future may be coming sooner than you think, as Google plans to have PQC migration in place by 2029.

TechnologyFinancial Services
Dark ReadingMar 27, 20261m1