Fixed Intel

Knowledge Hub

Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.

AllTools & TutorialsCompliance & Frameworks
UK sanctions Xinbi marketplace linked to Asian scam centers
BleepingComputer
Critical
Malware & Threats
92/10

UK sanctions Xinbi marketplace linked to Asian scam centers

The United Kingdom's Foreign, Commonwealth and Development Office (FCDO) has sanctioned Xinbi, a Chinese-language cryptocurrency-based online marketplace that sells stolen data and satellite internet equipment to scam networks in Southeast Asia.

Xinbi Marketplace, Prince Group Crime Ring, North Korean Threat Actors, Chen ZhiFinancial ServicesCryptocurrency
BleepingComputerMar 26, 20263m2
Industry News

How Organizations Can Use Blunders to Level Up Their Security Programs

Dark Reading
Info
Industry News
30/10

How Organizations Can Use Blunders to Level Up Their Security Programs

The industry highlights how organizations repeatedly make common security mistakes but one session during RSAC detailed ways to avoid them.

All SectorsEnterprise
Dark ReadingMar 26, 20261m1
Industry News

AI-Powered Dependency Decisions Introduce, Ignore Security Bugs

Dark Reading
High
Industry News
72/10

AI-Powered Dependency Decisions Introduce, Ignore Security Bugs

AI models often hallucinate or make costly mistakes when tasked with recommending software versions, upgrade paths, and security fixes — leading to significant technical debt.

TechnologySoftware Development
Dark ReadingMar 26, 20261m1
TikTok for Business accounts targeted in new phishing campaign
BleepingComputer
High
Malware & Threats
78/10

TikTok for Business accounts targeted in new phishing campaign

Threat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages.

AdvertisingDigital Marketing
BleepingComputerMar 26, 20263m2
Hightower Holding Data Breach Impacts 130,000
SecurityWeek
High
Industry News
72/10

Hightower Holding Data Breach Impacts 130,000

The holdings company says hackers stole names, Social Security numbers, and driver’s license numbers from its environment.

FinanceWealth Management
SecurityWeekMar 26, 20262m1
WhatsApp rolls out more AI features, iOS multi-account support
BleepingComputer
Medium
Malware & Threats
45/10

WhatsApp rolls out more AI features, iOS multi-account support

WhatsApp is rolling out multiple features designed to make the app easier to use, including AI-powered message replies and photo retouching, support for two accounts on iOS, and chat history transfer between iOS and Android devices.

Russian State-Backed HackersGovernmentTechnology
BleepingComputerMar 26, 20262m2
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
BleepingComputer
High
Malware & Threats
78/10

Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers

Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it.

Financial ServicesE-Commerce
BleepingComputerMar 26, 20266m2
BIND Updates Patch High-Severity Vulnerabilities
SecurityWeek
High
Industry News
72/10

BIND Updates Patch High-Severity Vulnerabilities

Specially crafted domains could be used to cause out-of-memory conditions, leading to memory leaks in the BIND resolvers.

GovernmentTelecommunications
SecurityWeekMar 26, 20262m2
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
The Hacker News
Critical
Industry News
88/10

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until Feb 19, 2026 fix.

TechnologyFinancial Services
The Hacker NewsMar 26, 20262m1
Coruna iOS exploit framework linked to Triangulation attacks
BleepingComputer
Critical
Malware & Threats
93/10

Coruna iOS exploit framework linked to Triangulation attacks

The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click iMessage exploits.

Operation Triangulation Threat Actor (likely nation-state, multiple secondary threat actors)TechnologyFinancial Services
BleepingComputerMar 26, 20264m2
Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure
SecurityWeek
Critical
Industry News
95/10

Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure

The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage.

China-linked State-Sponsored APT (unattributed; related activity by Volt Typhoon and Salt Typhoon noted)TelecommunicationsGovernment
SecurityWeekMar 26, 20264m1
Russia arrests suspected owner of LeakBase cybercrime forum
BleepingComputer
High
Malware & Threats
78/10

Russia arrests suspected owner of LeakBase cybercrime forum

Russian police arrested a Taganrog resident believed to be the owner of LeakBase, a major online forum used by cybercriminals to buy and sell stolen data and hacking tools.

ARES threat group / LeakBase operatorsFinancial ServicesTechnology
BleepingComputerMar 26, 20263m2