3/31/2026

April 1, 2026April 1, 2026 ~ The Cyber Beat ~ Leave a comment

Iran’s Revolutionary Guard Threatens to Strike U.S. Companies in Mideast

…Iran Threatens to Start Attacking Major U.S. Tech Firms on April 1

Iran’s Hackers Are on the Offensive Against the U.S. and Israel

Iran Targets M365 Accounts With Password-Spraying Attacks

North Korea-Linked Hack Hits Largely Invisible Software That Powers Online Services

…Critical Compromise: Axios NPM Library With 100M Weekly Downloads Is Delivering Malware

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

Pro-Russian Hackers Pose as Ukraine’s Cyber Agency to Target Government, Businesses

Employee Data Breaches Surge to Seven-Year High

Cybercriminals Exploit Tax Season With New Phishing Tactics

Hacker Charged With Stealing $53 Million From Uranium Crypto Exchange

Claude Code Leak Exposes a Tamagotchi-Style ‘Pet’ and an Always-on Agent

…Claude Code Source Code Accidentally Leaked in NPM Package

Cisco Source Code Stolen in Trivy-Linked Dev Environment Breach

Hackers Hit Minot Water Treatment Plant (ND) Server in Ransomware Case, FBI Investigating

Dutch Finance Ministry Takes Treasury Banking Portal Offline After Breach

Don’t Open That WhatsApp Message, Microsoft Warns

Leak Bazaar: New Criminal Service Plans to Monetize Data Stolen by Ransomware Gangs

CISA Orders Feds to Patch Actively Exploited Citrix Flaw by Thursday

GIGABYTE Control Center Vulnerable to Arbitrary File Write Flaw

Claude AI Finds Vim, Emacs RCE Bugs that Trigger on File Open

Android Developer Verification Rollout Begins Ahead of September Enforcement

Google’s Vertex AI Has an Over-Privileged Problem

3/30/2026

March 31, 2026March 31, 2026 ~ The Cyber Beat ~ Leave a comment

European Commission Confirms Data Breach After europa.eu Hack

…European Commission Downplays ShinyHunters Cyberattack Impact

Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign

State Department Reissues $10 Million Reward for Info on Iranian Hackers

ICO Fines UK Nuisance Call Scammers £100,000

Russian Court Sentences Notorious Card Fraud Ringleader ‘Flint’ and 25 Associates

Italian Regulator Fines Financial Giant $36 Million for Data Protection Failures

Microsoft Pulls KB5079391 Windows Update Over Install Issues

Healthcare Tech Firm CareCloud Says Hackers Stole Patient Data

Liberal Unified School District 480 (KS) Reports Computer Hack

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection

New RoadK1ll WebSocket Implant Used to Pivot on Breached Networks

Critical Fortinet Forticlient EMS Flaw Now Exploited in Attacks

OpenAI Patches ChatGPT Flaw That Smuggled Data Over DNS

Apple Adds macOS Terminal Warning to Block ClickFix Attacks

3/27-29/2026

March 30, 2026March 30, 2026 ~ The Cyber Beat ~ Leave a comment

Iran-Linked Hackers Breach FBI Director’s Personal Email, Publish Photos and Documents

Iran War Drives Urgent Need to Counter Underwater Attack Drones

Latvia Accuses Russia of of Unorthodox Disinformation Campaign Targeting Baltic States

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google

Dutch Court Threatens zAI With Fines Over Grok’s Nonconsensual Nude Images

European Parliament Rejects Extension of CSAM Scanning Rules for Tech Platforms

Anti-Piracy Coalition Takes Down AnimePlay App With 5 Million Users

Cybersecurity Stocks Fall on Report Anthropic Is Testing a Powerful New Model

European Commission Investigating Breach After Amazon Cloud Account Hack

Dutch Police Discloses Security Breach After Phishing Attack

Rocky Mountain Care Discloses Data Breach Following Ransomware Attack

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

New Infinity Stealer Malware Grabs macOS Data via ClickFix Lures

Fake VS Code Alerts on GitHub Spread Malware to Developers

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

File Read Flaw in Smart Slider Plugin Impacts 500K WordPress Sites

3/26/2026

March 26, 2026March 26, 2026 ~ The Cyber Beat ~ Leave a comment

China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks

Iran-Linked Pay2Key Ransomware Group Re-Emerges

Pro-Ukraine Hacker Group Bearlyfy Targets Russian Companies With Custom Ransomware

Indian Government Probes CCTV Espionage Operation Linked to Pakistan

Using a VPN May Subject You to NSA Spying

Invoice Fraud Costs UK Construction Sector Millions, NCA Warns

A $20 Billion Crypto Scam Market Xinbi Guarantee Faces a New Government Crackdown

U.S. Official Accuses China of Supporting, Exploiting Cyber Scam Crisis in Southeast Asia

Suspected RedLine Infostealer Malware Admin Extradited to U.S.

Brit Lawmaker Targeted by AI Deepfake Fails to Get Answers From U.S. Big Tech

EU Investigating Snapchat and Pornography Sites in Child Safety Crackdown

Ajax Football Club Hack Exposed Fan Data, Enabled Ticket Hijack

TikTok for Business Accounts Targeted in New Phishing Campaign

EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks

Supply Chain Attack Hits Widely-Used AI Package, Risks Impacting Thousands of Companies

CISA: New Langflow Flaw Actively Exploited to Hijack AI Workflows

Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

GitHub Adds AI-Powered Bug Detection to Expand Security Coverage

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

3/25/2026

March 25, 2026March 25, 2026 ~ The Cyber Beat ~ Leave a comment

UK Cyber Chief Urges ‘Full Court Press’ to Counter Rising Cyber Threats

CISA’s Acting Chief Warns Shutdown Is Increasing Cyber Risks, Causing Resignations

When Satellite Data Becomes a Weapon

Iranians Don’t Have a Missile Alert System, So Volunteers Built Their Own Warning Map

Cloud Phones Linked to Rising Financial Fraud Threat

Fake X-Rays Created by AI Fool Radiologists and Even AI Itself

Meta and YouTube Lose Landmark Social-Media Addiction Trial

Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks

Puerto Rico Government Agency Cancels Driver’s License Appointments After Cyberattack

Ransomware Attack Disrupts Operation at Major Spanish Fishing Port

New Torg Grabber Infostealer Malware Targets 728 Crypto Wallets

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Bubble AI App Builder Abused to Steal Microsoft Account Credentials

AI Supply Chain Attacks Don’t Even Require Malware…Just Post Poisoned Documentation

PTC Warns of Imminent Threat from Critical Windchill, FlexPLM RCE Bug

TP-Link Warns Users to Patch Critical Router Auth Bypass Flaw

Kali Linux 2026.1 Released with 8 New Tools, New BackTrack Mode

Blame Game: Why Public Cyber Attribution Carries Risks

3/24/2026

March 25, 2026March 25, 2026 ~ The Cyber Beat ~ Leave a comment

Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage

Iran-Linked Ransomware Gang Targeted U.S. Healthcare Org Amid Military Conflict

Stryker Says Malware Was Involved in Recent Cyberattack as Production Lines Reopen

DarkSword: Someone Has Publicly Leaked an Exploit Kit That Can Hack Millions of iPhones

Your Body Is Betraying Your Right to Privacy

‘Your Data Will Be Used Against You’: Author of New Book on the Dangers of a Surveillance Society

U.S. Settles Social Media Censorship Case, Bars Agencies From Threatening Penalties

UK Pilot Program to Test Social Media Restrictions on Families Before Government Decides on Ban

Russian Initial Access Broker Handed 81-Month Sentence

Firefox Now Has a Free Built-in VPN with 50GB Monthly Data Limit

How a Large Bank Uses AI Digital Twins for Threat Hunting

Dutch Ministry of Finance Discloses Breach Affecting Employees

Infinite Campus Warns of Breach After ShinyHunters Claims Data Theft

HackerOne Discloses Employee Data Breach After Navia Hack

Crunchyroll Confirms Data Breach After Hacker Claims Unauthorized Access

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

…TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

New Npm ‘Ghost Campaign’ Uses Fake Install Logs to Hide Malware

Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks

PTC Warns of Imminent Threat From Critical Windchill, FlexPLM RCE Bug

Vibe Coding Could Reshape SaaS Industry and Add Security Risks, Warns UK Cyber Agency

3/23/2026

March 24, 2026March 24, 2026 ~ The Cyber Beat ~ Leave a comment

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

FBI Warns of Handala Hackers Using Telegram in Malware Attacks

Krebs: ‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A Mysterious Numbers Station Is Broadcasting Through the Iran War

U.S. Soldier Sentenced for Helping North Korean IT Workers

U.S. Regulator Bans Imports of New Foreign-Made Routers, Citing Security Concerns

High-Tech Sector Overtakes Finance as Top Target for Cyber-Attacks, Mandiant Reports

Smooth Criminals Talking Their Way Into Cloud Environments, Google Says

U.S. Sentences Nigerian National to 7 Years in $6 Million Email Fraud Scheme

Russia-Linked Malware Operation Collapses After Security Failures, Developer’s Arrest

Online Crime Busts Are Teaching Hackers How to Avoid Getting Caught

Tycoon2FA Phishing Service Resumes Activity Post-Takedown

Crunchyroll Probes Breach After Hacker Claims to Steal 6.8m Users’ Data

Mazda Discloses Security Breach Exposing Employee and Partner Data

California-Based Semiconductor Testing Company Trio-Tech International Reports Ransomware Attack to SEC

Education Company Kaplan Reports Data Breach Impacting More Than 230,000

Hacker Walks Away With $24.5 Million After Breaching Resolv DeFi Platform

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems

Claude Attacks Were ‘Rorschach Test’ for Infosec Community, Scaring Former NSA Boss

Google Unleashes Gemini AI Agents on the Dark Web

OpenAI Rolls Out ChatGPT Library to Store Your Personal Files and Images

3/20-22/2026

March 23, 2026March 23, 2026 ~ The Cyber Beat ~ Leave a comment

White House AI Plan Favors Speed Over New Rules

Private-Sector Role Clarified in Offensive U.S. Cyber Strategy

Ex-Data Analyst Stole Company Data in $2.5m Extortion Scheme

Musician Admits to $10M Streaming Royalty Fraud Using AI Bots

Krebs: Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

Police Take Down 373,000 Fake CSAM Sites in Operation Alice

FBI Takes Down Leak Sites Tied to Iran’s Ministry of Intelligence and Security

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

NCA Boss Warns That Teens Are Being “Radicalized” Into Cybercrime Online

A Top Democrat Is Urging Colleagues to Support Trump’s Spy Machine

Cryptographers Engage in War of Words Over RustSec Bug Reports and Subsequent Ban

Cyberattack on Vehicle Breathalyzer Company Intoxalock Leaves Drivers Stranded Across the U.S.

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Foster City (CA) Hit by Ransomware Attack, Plans to Declare State of Emergency

VoidStealer Malware Steals Chrome Master Key via Debugger Trick

Microsoft Azure Monitor Alerts Abused for Callback Phishing Attacks

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

Hackers Exploit Critical Langflow Bug in Just 20 Hours

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams

AI Conundrum: Why Model Context Protocol (MCP) Security Can’t Be Patched Away

3/19/2026

March 19, 2026March 19, 2026 ~ The Cyber Beat ~ Leave a comment

Russian Hackers Exploit Zimbra Flaw in Ukrainian Gov’t Attacks

Bitrefill Blames North Korean Lazarus Group for Cyberattack

CISA Urges U.S. Orgs to Secure Microsoft Intune Systems After Stryker Breach

FBI Seizes Handala Data Leak Site After Stryker Cyberattack

Orthodox Jewish News Site Yeshiva World News Hacked After Threats of Iran Cyber Attack

Ransomware Affiliate Exposes Details of ‘The Gentlemen’ Operation

Jeff Bezos in Talks to Raise $100 Billion for AI Manufacturing Fund

Signal’s Creator Is Helping Encrypt Meta AI

U.S. Intel Chiefs Urge Lawmakers to Extend Section 702 Surveillance Power Without Changes

Google Gives Android Users a Way to Install Unverified Apps if They Prove They Really, Really Want To

Navia Discloses Data Breach Impacting 2.7 Million People

Aura Confirms Data Breach Exposing 900,000 Marketing Contacts

Financial Brands Targeted in Global Mobile Banking Malware Surge

New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data

C2 Implant ‘SnappyClient’ Targets Crypto Wallets

54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security

Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers

Unknown Attackers Exploit Yet Another Critical Sharepoint Bug

New ‘PolyShell’ Flaw Allows Unauthenticated RCE on Magento e-Stores

Max Severity Ubiquiti Unifi Flaw May Allow Account Takeover

3/18/2026

March 18, 2026March 24, 2026 ~ The Cyber Beat ~ Leave a comment

Thank you for reading our 1,500th post!

Russia-Linked Hackers UNC6353 Use Advanced iPhone Exploit to Target Ukrainians

…DarkSword: Hackers Can Raid iOS 18 With an Infected Link

Israel Is Hunting Down Iranian Regime Members in Their Hideouts, One by One

Israel Behind ‘Highly Accurate’ Cyber Attack on Iranian Port

Greek Firms Scan Computer Systems as Iran War Raises Cyberattack Risks

CISA Official Says Agency Has Not Seen Uptick in Cyber Threats Amid Iran War

North Korea’s 100,000-Strong Fake IT Worker Army Rake in $500M a Year for Kim Jong Un

Crypto E-Commerce Platform Bitrefill Accuses North Korea of Stealing 18,500 Purchase Records

Crypto Scam “ShieldGuard” Dismantled After Malware Discovery

Moscow Seeks to Limit Internet to State-Approved Websites Amid Ongoing Outages

Marquis: Ransomware Gang Stole Data of 672K People in Cyberattack

Nordstrom’s Email System Abused to Send Crypto Scams to Customers

Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

CISA Orders Feds to Patch Zimbra XSS Flaw Exploited in Attacks

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

ConnectWise Patches New Flaw Allowing ScreenConnect Hijacking

New Ubuntu Flaw Enables Local Attackers to Gain Root Access

AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure

Users Hate It, but Age-Check Tech Is Coming: Here’s How It Works

3/17/2026

March 17, 2026March 17, 2026 ~ The Cyber Beat ~ Leave a comment

U.S. Cyber Assault on Iran Before Bombing Hasn’t Stopped Hackers

…Stryker Says Cyberattack on Its Network Contained

…Stryker Says It’s Restoring Systems After Pro-Iran Hackers Wiped Thousands of Employee Devices

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

Surge in Nation State Attacks on UK Firms Amid Cyber Warfare Fears

EU Sanctions Iranian Cyber Front Over Election Meddling, Charlie Hebdo Breach

…Europe Sanctions Chinese and Iranian Firms for Cyberattacks

Russia Is Sharing Satellite Imagery and Drone Technology With Iran

How World ID Wants to Put a Unique Human Identity on Every AI Agent

Finance Bros to Tech Bros: Don’t Mess With My Bloomberg Terminal

Georgia Man Charged for Robbing NBA, NFL Players Through Stolen Apple Account Details

Inside Olympic Cybersecurity: Lessons From Paris 2024 to Milan Cortina 2026

Sears Exposed AI Chatbot Phone Calls and Text Chats to Anyone on the Web

Medusa Ransomware Gang Claims Attacks on Prominent Mississippi Hospital, New Jersey County

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

GlassWorm Malware hits 400+ Code Repos on GitHub, npm, VSCode, OpenVSX

Warlock Ransomware Group Augments Post-Exploitation Activities

Android OS-Level Attack Bypasses Mobile Payment Security

New Font-Rendering Trick Hides Malicious Commands From AI Tools

Researchers Disclose Vulnerabilities in IP KVMs From Four Manufacturers

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

‘CursorJack’ Attack Path Exposes Code Execution Risk in AI Development Environment

Energy Department Set to Release Its First-Ever Cyber Strategy

3/16/2026

March 17, 2026March 17, 2026 ~ The Cyber Beat ~ Leave a comment

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

EU Sanctions Chinese and Iranian Companies for Cyber Attacks

Stryker Attack Wiped Tens of Thousands of Devices, No Malware Needed

…Stryker Says Hospital Tools Are Safe, but Digital Ordering Systems Still Down After Cyberattack

Cybercrime Has Skyrocketed 245% Since the Start of the Iran War

‘100 Video Calls per Day’: Models Are Applying to Be the Face of AI Scams

OpenAI’s Bid to Allow X-Rated Talk Is Freaking Out Its Own Advisers

OpenAI Says ChatGPT Ads Are Not Rolling Out Globally for Now

Firms Urged to Check if Other Users Edited Their Data on Companies House

Cyberattack Disrupts Parking Payments in Russian City

Researchers Warn of Global Surge in Fake Shipment Tracking Scams

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

CISA Flags Wing FTP Server Flaw as Actively Exploited in Attacks

Security Flaw in AWS Bedrock Code Interpreter Raises Alarms

Luxembourg Court Overturns $858 Million Privacy Fine Against Amazon

SEC Prepares Proposal to Eliminate Quarterly Reporting Requirement

3/13-15/2026

March 15, 2026March 15, 2026 ~ The Cyber Beat ~ Leave a comment

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

Poland’s Nuclear Research Centre Targeted by Cyberattack

Cyberwarfare Puts Civilian Businesses at Risk

What Does the Iran War Mean for the Threat of Attacks in the U.S.? Here’s What Experts Say

Rogue AI Agents Can Work Together to Hack Systems and Steal Secrets

Trump Administration Set to Receive $10 Billion Fee for Brokering TikTok Deal

Interpol’s ‘Operation Synergia III’ Nets 94 Arrests in Major Cybercrime Sweep

FBI Seeks Victims of Steam Games Used to Spread Malware

European Council Includes Ban on Nudification Tools in Its Proposal for Amending AI Act

Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026

Betterleaks, a New Open-Source Secrets Scanner to Replace Gitleaks

Canadian Retail Giant Loblaw Notifies Customers of Data Breach

Starbucks Discloses Data Breach Affecting Hundreds of Employees

Fake Enterprise VPN Sites Used to Steal Company Credentials

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

AppsFlyer Web SDK Hijacked to Spread Crypto-Stealing JavaScript Code

Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Microsoft Releases Windows 11 OOB Hotpatch to Fix RRAS RCE Flaw

A CEO’s Hack: Ask AI for A Performance Review

3/12/2026

March 12, 2026March 12, 2026 ~ The Cyber Beat ~ Leave a comment

Stryker Tells SEC That Timeline for Recovery From Cyberattack Unknown

Stryker Cyberattack Adds to Fears of New Front in Iran War

How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks

What Role Has Cyber Warfare Played in Iran?

New Data Shows Increase in FBI Searches of Americans’ Data Last Year

U.S. Lawmakers Move to Kill the FBI’s Warrantless Wiretap Access

Police Scotland Fined After Sharing Victim’s Phone Data

U.S. Charges Another Ransomware Negotiator Linked to BlackCat Attacks

Operation Lightning Takes Down SocksEscort Proxy Network Blamed for Tens of Millions in Fraud

U.S. Sanctions North Korea IT Worker Networks in Laos, Vietnam

China’s CERT Warns OpenClaw Can Inflict Nasty Wounds

Israeli Cyber Firm Onyx Security Launches Operations With $40 Million Funding Round

UK Regulators Demand Social Media Platforms Make It Harder for Kids Under 13 to Access Sites

Lloyds, Bank of Scotland and Halifax Apps Showed Customers Other Users’ Transactions

Telus Says It Is Investigating Hack of Its Systems

England Hockey Investigating Ransomware Data Breach

INC Ransomware Group Holds Healthcare Hostage in Oceania

Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

PixRevolution Malware Hijacks Brazil’s PIX Transfers in Real Time

…Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

CISA Issues Emergency Directive Over Exploited Cisco SD-WAN Flaws

Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

Veeam Warns of Critical Flaws Exposing Backup Servers to RCE Attacks

Google Paid $17.1 Million for Vulnerability Reports in 2025

3/11/2026

March 11, 2026March 11, 2026 ~ The Cyber Beat ~ Leave a comment

Krebs: Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

…Iran Plots ‘Infrastructure Warfare’ Against Multiple U.S. Tech Giants

…Iran-Linked Hackers Claim Cyberattack on Albania’s Parliament Email Systems

…Iranian Influence Operation Using Fake Personas to Deceive U.S. Instagram Users Disrupted, Meta Says

Meta Ramps up Efforts to Disrupt Industrialized Scamming

AI Cyber Startup Kai Raises $125 Million

Senators Propose Federal AI Commission Days After Anthropic Ban

Researchers Discover Major Security Gaps in LLM Guardrails

Researchers Trick Perplexity’s Comet AI Browser Into Phishing Scam in Under Four Minutes

Foreign Hacker in 2023 Compromised Epstein Files Held by FBI, Source and Documents Show

238,000 Impacted by Bell Ambulance Data Breach

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

New Phantomraven npm Attack Wave Steals Dev Data via 88 Packages

Xygeni GitHub Action Compromised Via Tag Poison

SQLi Flaw in Elementor Ally Plugin Impacts 250k+ WordPress Sites

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

Krebs: Microsoft Patch Tuesday, March 2026 Edition

France: National Cybersecurity Agency Reports Ransomware Attack Drop in 2025

Cyber-Attacks on UK Firms Increase at Four Times Global Rate

WhatsApp Introduces Parent-Managed Accounts for Pre-Teens

3/10/2026

March 11, 2026March 11, 2026 ~ The Cyber Beat ~ Leave a comment

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

Finnish Intelligence Warns of Persistent Cyber Espionage From Russia, China

Israeli Cyber Authority Uses AI to Mock Iranian Hackers, Counter Psychological Warfare

Cybercrime Isn’t Just a Cover for Iran’s Government Goons – It’s a Key Part of Their Operations

GPS Attacks Near Iran Are Wreaking Havoc on Delivery and Mapping Apps

Signal Issues Scam Warning to Users After Hackers Target Officials

Your Data Has Been Breached! (And This Notice Is a Scam!)

Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds

U.S. Judiciary to Fast-Track Court Records System Upgrade After Hacking

Meta Acquires AI Agent Social Network Moltbook

OpenAI’s Promptfoo Deal Plugs Agentic AI Testing Gap

Microsoft Brings Phishing-Resistant Windows Sign-Ins via Entra Passkeys

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

New BeatBanker Android Malware Poses as Starlink App to Hijack Devices

New ‘BlackSanta’ EDR Killer Spotted Targeting HR Departments

Crooks Compromise WordPress Sites to Push Infostealers via Fake CAPTCHA Prompts

New ‘Zombie ZIP’ Technique Lets Malware Slip Past Security Tools

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

HPE Warns of Critical AOS-CX Flaw Allowing Admin Password Resets

Critical Microsoft Excel Bug Weaponizes Copilot Agent for Zero-Click Information Disclosure Attack

UK Plans to Shift Fraud Fight Onto Telecoms, Tech Companies

Rudd Confirmed to Head NSA, Cyber Command After Near Year-Long Vacancy

3/9/2026

March 9, 2026March 9, 2026 ~ The Cyber Beat ~ Leave a comment

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

Dutch Gov’t Warns of Russian Signal, WhatsApp Account Hijacking Attacks

Krebs: How AI Assistants are Moving the Security Goalposts

AI vs AI: Agent Hacked McKinsey’s Chatbot and Gained Full Read-Write Access in Just Two Hours

FBI Warns of Phishing Attacks Impersonating U.S. City, County Officials

UK Launches New Crackdown Unit to Tackle Cyber-Fraud at the Source

White House Floats Victims Restoration Program for Millions Affected by Cyber Fraud

New White House Cyber Strategy Pledges to Ease Regulations, ‘Impose Costs’ on Bad Actors

CrowdStrike Sues Rival AiStrike for Trademark Infringement

ShinyHunters Claims More High-Profile Victims in Latest Salesforce Customers Data Heist

Ericsson U.S. Discloses Data Breach After Service Provider Hack

Ontario Health Agency Vendor Suffered Major Ransomware Attack in 2025

Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data

Microsoft Teams Phishing Targets Employees With A0Backdoor Malware

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Google: Cloud Attacks Exploit Flaws More Than Weak Credentials

Are We Ready for Auto Remediation With Agentic AI?

Trump Nominee Lt. Gen. Joshua Rudd to Lead Cyber Command, NSA Clears Key Senate Hurdle

3/6-8/2026

March 8, 2026March 8, 2026 ~ The Cyber Beat ~ Leave a comment

FBI Investigates Breach of Surveillance and Wiretap Systems

…China Suspected in Breach of FBI Surveillance Network

China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

Mojtaba Khamenei to Succeed His Father as Iran’s Supreme Leader

Iran Internet Blackout Reaches 6th Day as Rights Groups Call for End to Digital Shutdown

The Future of Iran’s Internet Is More Uncertain Than Ever

Iran’s MuddyWater Hackers Hit US Firms with New ‘Dindoor’ Backdoor

White House Publishes Long-Awaited Cybersecurity Strategy

Trump Signs Executive Order Aimed at Cybercrime Gangs

CBP Used Online Ad Data to Track Phone Locations

Online Age-Verification Tools Spread Across U.S. For Child Safety, but Adults Are Being Surveilled

Proton Mail Helped FBI Unmask Anonymous ‘Stop Cop City’ Protester

Palantir Rallies 15% for the Week as Iran War Boosts Prospects, Muting Anthropic Concern

AI Agents Now Help Attackers, Including North Korea, Manage Their Drudge Work

Speakeasies to Shadow AI: Banning AI Browsers Will Fail

EU Court Adviser Says Banks Must Immediately Refund Phishing Victims

Ghanain Man Pleads Guilty to Role in $100 Million Fraud Ring

TfL Hack in 2024 Affected Around 10 Million People, BBC Can Reveal

DeKalb County (IN) Officials Release Data Breach Notice to Residents

Tennis Player Shares Threats Sent to Personal Phone, WTA Tour Says No Breach of Private Data

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

Bing AI Promoted Fake OpenClaw GitHub Repo Pushing Info-Stealing Malware

Fake Claude Code Install Guides Push Infostealers in InstallFix Attacks

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Termite Ransomware Breaches Linked to ClickFix CastleRAT Attacks

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Hackers Abuse .arpa DNS and ipv6 to Evade Phishing Defenses

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

CISA Warns Feds to Patch iOS Flaws Exploited in Crypto-Theft Attacks

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

Ransomware’s New Target: The Systems Built to Recover From It

Indonesia to Ban Children Under 16 From Social Media

3/5/2026

March 5, 2026March 5, 2026 ~ The Cyber Beat ~ Leave a comment

Israel Says It Knocked Out Iran’s Cyber Warfare Headquarters

How Israel’s Cyber Chief Is Navigating Through the Dystopian Cyber-AI Period

Iran’s Pro-Regime Hackers Cannot Back Up Their Claims of Successful Cyber Attacks

How a Music Streaming CEO Built an Open-Source Global Threat Map in His Spare Time

Trump, Bondi Face Lawsuit Over Approval of ByteDance TikTok U.S. Asset Sale

Police Dismantles Online Gambling Ring Exploiting Ukrainian Women

FBI Arrests Suspect Linked to $46M Crypto Theft From U.S. Marshals

62 People Indicted by Taiwanese Prosecutors Over Ties to Cyber Scam Company Prince Group

Phobos Ransomware Admin Pleads Guilty to Wire Fraud Conspiracy

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

Italian Prosecutors Confirm Journalist Was Hacked With Paragon Spyware

Passaic County (NJ) IT Systems Hacked as Officials Warn Other NJ Towns May Be Targeted

Wikipedia Hit by Self-Propagating JavaScript Worm That Vandalized Pages

ContextCrush Flaw Exposes AI Development Tools to Attacks

AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns

Cisco Flags More SD-WAN Flaws as Actively Exploited in Attacks

WordPress Membership Plugin Bug Exploited to Create Admin Accounts

Google Says 90 Zero-Days Were Exploited in Attacks Last Year

3/4/2026

March 5, 2026March 5, 2026 ~ The Cyber Beat ~ Leave a comment

Multi-Stage “BadPaw” Malware Campaign Targets Ukraine

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

Surge in Attacks on Surveillance Cameras Linked to Iranian Hackers

149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict

How Vulnerable Are Computers to an 80-Year-Old Spy Technique? Congress Wants Answers

Spyware-Grade Coruna iOS Exploit Kit Now Used in Crypto Theft Attacks

Kaspersky Dismisses Claims Coruna iPhone Exploit Kit Is Connected to NSA-Linked Operation

Anthropic ‘Made a Mistake’ in Pentagon Talks and Should ‘Correct Course,’ FCC Boss Says

U.S. and EU Police Shut Down LeakBase, a Site Accused of Sharing Stolen Passwords and Hacking Tools

Microsoft Helps Bust Global Hacking Service Tycoon 2FA

Mississippi Medical Center Reopens Clinics Hit by Ransomware Attack

Hacker Mass-Mails HungerRush Extortion Emails to Restaurant Patrons

Fake LastPass Support Email Threads Try to Steal Vault Passwords

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Cisco Warns of Max Severity Secure FMC Flaws Giving Root Access

Mail2Shell Zero-Click Attack Lets Hackers Hijack FreeScout Mail Servers

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

Bitwarden Adds Support for Passkey Login on Windows 11

Calls for Global Digital Estate Standard as Posthumous Deepfake Fraud Risk Grows

Stranger Things Meets Cybersecurity: Lessons from the Hive Mind

3/3/2026

March 3, 2026March 3, 2026 ~ The Cyber Beat ~ Leave a comment

Hack of Cameras, AI Use: Wide Cyberattack on Iran Preceded Khamenei Killing

Israel: RedAlert Spyware Campaign Exploits Wartime Panic With Trojanized App

Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign

Iranian Drone Strikes Hit Amazon Data Centers in Gulf, Disrupting Cloud Services

Leaked Database Sheds Light on Iranian Crypto Sanctions Evasion

The Lead U.S. Cyber Agency Is Stretched Thin as Iran Hacking Threat Escalates

Cyberwarriors Elevated to Big Leagues in U.S. War With Iran

U.S. Banks on High Alert for Cyberattacks as Iran War Escalates

A Possible U.S. Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals

How Journalists Are Reporting From Iran With No Internet

With Developer Verification, Google’s Apple Envy Threatens to Dismantle Android’s Open Legacy

Western Allies Form 6G Security Coalition Amid Tech Rivalry With China

Google Urges Supreme Court to Strike Down Geofence Warrants as Unconstitutional

LexisNexis Confirms Data Breach as Hackers Leak Stolen Files

Paint Maker Giant AkzoNobel Confirms Cyberattack on u.s. Site

Star Citizen Game Dev Discloses Breach Affecting User Data

Until Last Month, Attackers Could’ve Stolen Info From Perplexity Comet Users Just by Sending a Calendar Invite

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

AI and Deepfakes Supercharge Sophisticated Cyber-Attacks, Says Cloudflare

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited

Google Chrome Shifts to Two-Week Release Cycle for Increased Stability

Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks

Half of U.S. CISOs Work the Equivalent of a Six-Day Week

Chat at Your Own Risk! Data Brokers Are Selling Deeply Personal Bot Transcripts

Turns Out Most Cybercriminals Are Old Enough to Know Better

California Fines National High School Ticketing Platform $1.1 Million for Privacy Violations

3/2/2026

March 3, 2026March 3, 2026 ~ The Cyber Beat ~ Leave a comment

Cyber Command Disrupted Iranian Comms, Sensors, Top General Says

Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel

…UK Warns of Iranian Cyberattack Risks Amid Middle-East Conflict

…Iran-Backed Hackers Aim for Economic Disruption

…Hybrid Middle East Conflict Triggers Surge in Global Cyber Activity

…Attacks on GPS Spike Amid U.S. and Israeli War on Iran

Space Has Become ‘War-Fighting Domain’ as Militaries Race to Orbit, SES Chief Says

CyberStrikeAI Tool Adopted by Hackers for AI-Powered Attacks

Florida Woman Imprisoned for Massive Microsoft License Fraud Scheme

Alabama Man Pleads Guilty to Hacking, Extorting Hundreds of Women

German Court Convicts Alleged Mastermind Behind Global Investment Scam Network

Anthropic Confirms Claude Is Down in a Worldwide Outage Across All Platforms

Cyberattack Briefly Disrupts Russian Internet Regulator and Defense Ministry Websites

Russian Propaganda Network Uses ChatGPT to Plan Influence Operations in Africa

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

Alleged India-Linked Espionage Campaign Targeted Pakistan, Bangladesh, Sri Lanka

Phish of the Day: Microsoft OAuth Scams Abuse Redirects for Malware Delivery

Fake Google Security Site Uses PWA App to Steal Credentials, MFA Codes

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome Unveils Plan For Quantum-Safe HTTPS Certificates

2/27-3/1/2026

March 2, 2026March 2, 2026 ~ The Cyber Beat ~ Leave a comment

Iran’s Supreme Leader Ayatollah Ali Khamenei Killed in Major Attack by U.S. and Israel

…Ahead of Strikes, Trump Was Told Iran Attack Is High Risk, High Reward

…Israel Hacked Popular Iranian Prayer App to Urge Defections, Resistance

…Hackers Hit Iranian Apps, Websites After U.S.-Israeli Strikes

…Why the U.S. and Israel Struck When They Did: A Chance to Kill Iran’s Leaders

…This Is the System That Intercepted Iran’s Missiles Over the UAE

…The 5 Big ‘Known Unknowns’ of Donald Trump’s New War With Iran

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute

CISA Is Getting a New Acting Director After Less Than a Year: Nick Andersen is Replacing Madhu Gottumukkala

New York State Elevates Its Cyber Chief to a Broader New Security Role

Krebs: Who is the Kimwolf Botmaster “Dort”?

‘Silent Failure at Scale’: The AI Risk That Can Tip the Business World Into Disorder

Data Broker Breaches Fueled Nearly $21 Billion in Identity-Theft Losses

DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams

Ukrainian Man Pleads Guilty to Running AI-Powered Fake ID Site

‘Project Compass’ Cracks Down on ‘The Com’: 30 Members of Notorious Cybercrime Gang Arrested

Intellexa Founder, Three Others Sentenced to 8 Years in Prison Over Greek Spyware Scandal

Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams

South Korea’s Tax Office Apologizes for Leaking Seed Phrase to Seized Crypto

Personal Data Stolen in Ransomware Attack on Hong Kong’s Ngong Ping 360 Attraction

University of Hawaii Cancer Center Hack Exposed Social Security Numbers Of Up To 1.15 Million

North Korea’s APT37 Expands Toolkit to Breach Air-Gapped Networks

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

QuickLens Chrome Extension Steals Crypto, Shows ClickFix Attack

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

CISA Warns That RESURGE Malware Can Be Dormant on Ivanti Devices

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

UK Vulnerability Monitoring Service Cuts Unresolved Security Flaws by 75%

Microsoft Testing Windows 11 Batch File Security Improvements

EU Lawmakers Propose That Youth Under 16 Be Barred From Social Media Without Parental Consent

Instagram to Start Alerting Parents When Children Search for Terms Relating to Self-Harm

Life Mirrors Art: Ransomware Hits Hospitals on Television (TV) & In Real Life (IRL)

Samsung TVs to Stop Collecting Texans’ Data Without Express Consent

2/26/2026

February 26, 2026March 2, 2026 ~ The Cyber Beat ~ Leave a comment

UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor

Ransomware Payment Rate Drops to Record Low as Attacks Surge

…Scattered Lapsus$ Hunters Auditioning Female Voices to Sharpen Social Engineering

This AI Agent Is Designed to Not Go Rogue

Momentum Builds for Offensive Private-Sector Cyber Roles

NATO Says iPhones & iPads Are Secure Enough to Handle Classified Data

Greece’s Watergate: Four Convicted Over Spyware Scandal That Shook Greece

Former Air Force Officer Arrested for Conspiring With Hacker to Provide Flight Training to Chinese Military

Justice Department Exposed Cooperating Witnesses in Epstein Files

New York Sues Valve for Promoting Illegal Gambling via Game Loot Boxes

Olympique Marseille Confirms ‘Attempted’ Cyberattack After Data Leak

European DYI Chain ManoMano Data Breach Impacts 38 Million Customers

ShinyHunters Hacking Group Begins Leaking Customer Data in Dutch Telecom Odido Hack

Aeternum Botnet Shifts Command Control to Polygon Blockchain

New AirSnitch Attack Breaks Wi-Fi Encryption in Homes, Offices, and Enterprises

Previously Harmless Google API Keys Now Expose Gemini AI Data

Critical Juniper Networks PTX Flaw Allows Full Router Takeover

Trend Micro Warns of Critical Apex One Code Execution Flaws

Exploitable Vulnerabilities Present in 87% of Organizations

Microsoft Expands Windows Restore to More Enterprise Devices

Wyden Blocks Rudd Confirmation to Lead Cyber Command, NSA

2/25/2026

February 25, 2026February 25, 2026 ~ The Cyber Beat ~ Leave a comment

Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries

…Chinese Cyberspies Breached Dozens of Telecom Firms, Gov’t Agencies

Iran-Linked Group Claims Hack of Israel’s Largest Healthcare Network

Critical Cisco SD-WAN Bug Exploited in Zero-Day Attacks Since 2023

U.S. Orders Diplomats to Fight Data Sovereignty Initiatives

How Mexico’s ‘CJNG’ Drug Cartel Embraced AI, Drones, and Social Media

Here’s What a Google Subpoena Response Looks Like, Courtesy of the Epstein Files

ADT Just Bought the Company That Invented Wi-Fi Motion Sensing

Cyber Startups Ride AI Wave to Funding Highs

Israeli AI-Cyber Firm Gambit Security Raises $61 Million

Nvidia Beats Back Bubble Fears With Record $68 Billion in Sales in Fourth Quarter

Former Defense Contractor Boss Gets 7+ Years for Selling Zero Days

…Inside the Story of the U.S. Defense Contractor Who Leaked Hacking Tools to Russia

Moscow Man Accused of Posing as FSB Officer to Extort Conti Ransomware Gang

Popular Sex Toy Company Tenga Admits Hacker Stole Sensitive Customer Information

Medical Device Maker UFP Technologies Warns of Data Stolen in Cyberattack

Health Insurance Tech Provider TriZetto Says More Than 3 Million Impacted by 2024 Breach

Phishing Campaign ‘Diesel Vortex’ Targets Freight and Logistics Orgs in the U.S., Europe

New York City Transit Union Purportedly Targeted by Qilin

Malicious NuGet Package Targets Stripe Developers

Fake ‘Interview’ Repos Lure Next.js Devs Into Running Secret-Stealing Malware

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Zyxel Warns of Critical RCE Flaw Affecting Over a Dozen Routers

U.S. Cybersecurity Agency CISA Reportedly in Dire Shape Amid Trump Cuts and Layoffs

FTC Says It Won’t Enforce COPPA Against Proper Use of Age Verification Tools

Discord Puts Global Age Verification Policy on Hold After Backlash

Chinese Prosecutors Raise Alarm About Growth of Domestic IP Theft

2/24/2026

February 24, 2026February 24, 2026 ~ The Cyber Beat ~ Leave a comment

North Korean Lazarus Group Expands Ransomware Activity With Medusa

Phishing Operation With Links to Russia, Armenia Compromised Western Cargo Companies, Researchers Find

Chinese AI Firms Hit Claude with Distillation Attacks, Anthropic Warns

AI Has Gotten Good at Finding Bugs, Not So Good at Swatting Them

AI Is Transformative, but Won’t Replace Established Software Anytime Soon

Cost of Insider Incidents Surges 20% to Nearly $20m

UK Fines Reddit $19 Million for Using Children’s Data Unlawfully

Marquis Sues Firewall Provider SonicWall, Alleges Security Failings With Its Firewall Backup Led to Ransomware Attack

Binance Fired Staff Who Flagged $1 Billion Moving to Sanctioned Iran Entities

U.S. ‘Committed’ to Fighting Transnational Gangs Behind Southeast Asian Scam Compounds: FBI

U.S. Sanctions Russian Exploit Broker for Buying Cyber Tools Stolen From Defense Contractor

Ukraine Pushes Tighter Telegram Regulation, Citing Russian Recruitment of Locals

CarGurus Data Breach Exposes Information of 12.4 Million Accounts

Conduent Data Breach Grows, Affecting at Least 25M People

Wynn Resorts Says Hackers Stole Employee Data

ShinyHunters Extortion Gang Claims Odido Breach Affecting Millions

University of Mississippi Medical Center Clinics Remain Closed Nearly a Week After Cyber Attack

Crypto Platform Step Finance Shutting Down After $40 Million Theft

Multifaceted Phishing Scheme Deceives Bitpanda Customers

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

1Campaign Platform Helps Malicious Google Ads Evade Detection

Android Mental Health Apps With 14.7m Installs Filled With Security Flaws

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

Critical SolarWinds Serv-U Flaws Offer Root Access to Servers

2/23/2026

February 23, 2026February 23, 2026 ~ The Cyber Beat ~ Leave a comment

APT28 Targeted European Entities Using Webhook-Based Macro Malware

Ukraine Says Cyberattacks on Energy Grid Now Used to Guide Missile Strikes

Ransomware Gangs Advancing Moscow’s Geopolitical Aims, Romanian Cyber Chief Warns

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

Cybersecurity Stocks Drop for a Second Day as New Anthropic Tool Fuels AI Disruption Fears

IQM Quantum Computers to List Shares in Us at Initial $1.8 Billion Valuation

Suspected Anonymous Members Detained in Spain Over Post-Flood DDoS Blitz

Air Côte d’Ivoire Confirms Cyberattack Following Ransomware Claims

Ad Tech Firm Optimizely Confirms Data Breach Affecting Customers After Vishing Attack

Supply Chain Shai-Hulud-Like Worm Targets Developers via npm and AI Tools

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

PayPal Fraud Investigation Reveals Sophisticated Python Malware

CISA: Two Recently Patched RoundCube Webmail Flaws Now Exploited in Attacks

Global Data Protection Authorities Warn Generative AI Companies Against Replicating Real People

2/20-22/2026

February 22, 2026February 22, 2026 ~ The Cyber Beat ~ Leave a comment

UAE Foils Cyber Attacks, State News Agency Says

Hackers Breach Contractor Linked to Ukraine’s Central Bank Collectible Coin Store

Russia Stepping up Hybrid Attacks, Preparing for Long Standoff With West, Dutch Intelligence Warns

Dramatic Escalation in Frequency and Power of DDoS Attacks

Predator Spyware Hooks iOS SpringBoard to Hide Mic, Camera Activity

Krebs: ‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA

DHS Wants a Single Search Engine to Flag Faces and Fingerprints Across Agencies

New Cybersecurity Rules for U.S. Defense Industry Create Barrier for Some Small Suppliers

Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case

Two Former Google Engineers and Spouse Indicted Over Trade Secret Transfers to Iran

ShinyHunters Demands $1.5m Not to Leak Vegas Casino Wynn Resorts and Resort Chain Data

Japanese Tech Giant Advantest Hit by Ransomware Attack

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

PayPal App Code Error Leaked Personal Info and a ‘Few’ Unauthorized Transactions

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

Arkanix Stealer Pops up as Short-Lived AI Info-Stealer Experiment

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

Romanian Hacker Faces up to 7 Years for Breaching Oregon Emergency Management Dept

2/19/2026

February 19, 2026February 19, 2026 ~ The Cyber Beat ~ Leave a comment

Researchers Warn Volt Typhoon Still Embedded in U.S. Utilities and Some Breaches May Never Be Found

Nation-State Hackers Hit Businesses For Commercial Edge

Industrial Control System Vulnerabilities Hit Record Highs

The AI Security Nightmare Is Here and It Looks Suspiciously Like Lobster

…Researchers Reveal Six New OpenClaw Vulnerabilities

How to Organize Safely in the Age of Surveillance

Crims Hit a $20M Jackpot via Malware-Stuffed ATMs

INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown

Nigerian Man Gets Eight Years in Prison for Hacking Tax Firms

UK to Demand Social Platforms Take Down Abusive Intimate Images Within 48 Hours

West Virginia Sues Apple for Alleged Child Sexual Abuse Material Failures

Google Blocked Over 1.75 Million Play Store App Submissions From Obtaining Excessive Access in 2025

Orange Shares Hit 16-Year High on Profit Beat, New Targets and M&A Hopes

Cyberattack Cripples University of Mississippi Medical Center Systems, Forces Clinic Closures

Attackers Breach France’s National Bank Account Database

Rhysida Ransomware Gang Threatens Cheyenne and Arapaho Tribes After Shutting Down Schools

Microsoft Error Sees Confidential Emails Exposed to AI Tool Copilot

Bug in Student Admissions Website Ravenna Hub Exposed Children’s Personal Information

Billions of Records Exposed by Unsecured IDMerit Database

Industrial-Scale Fake Coretax Apps Drive $2m Fraud in Indonesia

Starkiller: New ‘Commercial-Grade’ Phishing Kit Bypasses MFA

Hackers Target Microsoft Entra Accounts in Device Code Vishing Attacks

Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users

PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence

Remcos RAT Expands Real-Time Surveillance Capabilities

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

2/18/2026

February 18, 2026February 18, 2026 ~ The Cyber Beat ~ Leave a comment

New Backdoor Found in Android Tablets Targeting Users in Russia, Germany and Japan

Predator Spyware Used to Infect Phone Belonging to Angolan Journalist

Parents Angered by Lack of Online Safety Strategy

Spain Orders NordVPN, ProtonVPN to Block LaLiga Piracy Sites

Glendale Man Gets 5 Years in Prison for Role in Darknet Drug Ring

Fraudster Hacked Hotel System, Paid 1 Cent for Luxury Rooms, Spanish Cops Say

Texas Sues TP-Link Over China Links and Security Vulnerabilities

Poland Bans Chinese-Made Cars From Entering Military Sites

Hacking Conference Def Con Bans Three People Linked to Jeffrey Epstein

A Vast Trove of Exposed Social Security Numbers May Put Millions at Risk of Identity Theft

Data Breach at Fintech Firm Figure Affects Nearly 1 Million Accounts

ShinyHunters Allegedly Drove off With 1.7m Cargurus Records

Cryptojacking Campaign Exploits Driver to Boost Monero Mining

Telegram Channels Expose Rapid Weaponization of SmarterMail Flaws

Fed Agencies Ordered to Patch Dell Bug by Saturday After Exploitation Warning

…Dell’s Hard-Coded Flaw: A Nation-State Goldmine

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Critical Infra Honeywell CCTVs Vulnerable to Auth Bypass Flaw

2/17/2026

February 17, 2026February 17, 2026 ~ The Cyber Beat ~ Leave a comment

China Remains Embedded in U.S. Energy Networks ‘For the Purpose of Taking It Down’

Chinese Hackers Exploiting Dell Zero-Day Flaw Since Mid-2024

A Defector Explains the Remote-Work Scam Helping North Korea Pay for Nukes

Low-Skilled Cybercriminals Use AI to Perform “Vibe Extortion” Attacks

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers

Significant Rise in Ransomware Attacks Targeting Industrial Operations

Wrongly Sent Emails ‘Most Common Data Breach’

Palo Alto Networks Slumps 6% as Third Quarter Profit Guidance Falls Short

U.S. Lawyers Fire Up Privacy Class Action Accusing Lenovo of Bulk Data Transfers to China

Poland Arrests Suspect Linked to Phobos Ransomware Operation

Hackers Target Supporters of Iran Protests in New Espionage Campaign

Citizen Lab: Kenyan Authorities Used Cellebrite to Break Into Phone of Dissident

Fake Milano Cortina Sites Target Thousands With Discount Scams, Cybersecurity Firm Says

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates

RMM Abuse Explodes as Hackers Ditch Malware

Flaws in Popular VSCode Extensions Expose Developers to Attacks

Notepad++ Boosts Update Security With ‘Double-Lock’ Mechanism

Android 17 Beta Introduces Secure-By-Default Architecture

Apple Expands RCS Encryption and Memory Protections in iOS 26.4

Ireland Now Also Investigating X Over Grok-Made Sexual Images

2/13-16/2026

February 16, 2026February 16, 2026 ~ The Cyber Beat ~ Leave a comment

Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

China May Be Rehearsing a Digital Siege, Taiwan Warns

Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors

Munich Security Conference: Cyber Threats Lead G7 Risk Index, Disinformation Ranks Third

NATO Must Impose Costs on Russia, China Over Cyber and Hybrid Attacks, Says Deputy Chief

Europe Must Adapt to ‘Permanent’ Cyber and Hybrid Threats, Sweden Warns

EU Can’t Be ‘Naive’ About Enemies Shutting Down Critical Infrastructure, Warns Tech Official

Space Emerges as New Front in Great Power Competition, Officials Warn

AI Coding Platform’s Flaws Allow BBC Reporter to Be Hacked

Vulnerabilities in Password Managers Allow Hackers to View and Change Passwords

The El Paso No-Fly Debacle Is Just the Beginning of a Drone Defense Mess

Robot Dogs Are on Going on Patrol at the 2026 World Cup in Mexico

Ring Ends Partnership Plans With Flock Days After Privacy Blowback From Super Bowl Ad

Dutch Cops Arrest Man After Sending Him Confidential Files by Mistake

Louis Vuitton, Dior, and Tiffany Fined $25 Million Over Data Breaches

U.S. Needs to Impose ‘Real Costs’ on Bad Actors, State Department Cyber Official Says

Washington Hotel in Japan Discloses Ransomware Infection Incident

Canada Goose Ruffles Feathers Over 600K Record Dump, Says Leak Is Old News

Eurail Says Stolen Traveler Data Now up for Sale on Dark Web

Over 500,000 Vkontakte Accounts Hijacked Through Malicious Chrome Extensions

Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft

Snail Mail Letters Target Trezor and Ledger Users in Crypto-Theft Attacks

Pastebin Comments Push ClickFix JavaScript Attack to Hijack Crypto Swaps

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

New ClickFix Attack Abuses Nslookup to Retrieve Powershell Payload via DNS

Claude LLM Artifacts Abused to Push Mac Infostealers in ClickFix Attack

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

OysterLoader Evolves With New C2 Infrastructure and Obfuscation

CISA Flags Critical Microsoft Sccm Flaw as Exploited in Attacks

CISA Gives Feds 3 Days to Patch Actively Exploited BeyondTrust Flaw

New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released

Starlink Restrictions Hit Russian Forces as Moscow Seeks Workarounds

Infosec Exec Sold Eight Zero-Day Exploit Kits to Russia, Says DOJ

2/12/2026

February 12, 2026February 12, 2026 ~ The Cyber Beat ~ Leave a comment

Palo Alto Chose Not to Tie China to Hacking Campaign for Fear of Retaliation From Beijing, Sources Say

Nation-State Hackers Embrace Gemini AI for Malicious Campaigns, Google Finds

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Kim Jong Un Chooses Teen Daughter as Heir, Says Seoul

Cloudflare Rises 5% as AI Agent Wave Led by Viral Moltbot Boosts Security Demand

Check Point Software Lifts Profit Outlook as AI-Driven Cyber Threats Surge

AI Skills Represent Dangerous New Attack Surface, Says TrendAI

Those ‘Summarize With AI’ Buttons May Be Lying to You

Crypto-Funded Human Trafficking Is Exploding

Guthrie Doorbell Video Delayed by Difficult Data Recovery, but Privacy Advocates Still Worry

FTC Push for Age Verification a ‘Major Landmark’ for Spread of the Tool

WhatsApp Says Russia Tried to Fully Block Platform, Push Users to State App

Odido Data Breach Exposes Personal Info of 6.2 Million Customers

Romania’s Oil Pipeline Operator Conpet Confirms Data Stolen in Attack

Fake AI Chrome Extensions With 300K Users Steal Credentials, Emails

World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

Critical BeyondTrust RCE Flaw Now Exploited in Attacks, Patch Now

WordPress Plugin With 900K Installs Vulnerable to Critical RCE Flaw

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

Microsoft: New Windows LNK Spoofing Issues Aren’t Vulnerabilities

Bitwarden Introduces ‘Cupid Vault’ for Secure Password Sharing

A Hard Truth in Munich: Cyber Defense Runs Through Silicon Valley

U.S. Wants Cyber Partnerships to Send ‘Coordinated, Strategic Message’ to Adversaries

2/11/2026

February 12, 2026February 12, 2026 ~ The Cyber Beat ~ Leave a comment

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Krebs: Kimwolf Botnet Swamps Anonymity Network I2P

Posting AI-Generated Caricatures on Social Media Is Risky, Infosec Killjoys Warn

CBP Signs Clearview AI Deal to Use Face Recognition for ‘Tactical Targeting’

AI Rising: Do We Know Enough About the Data Populating It?

40 State AGs Warn House KOSA Bill Falls Short of Protecting Children Online

Police Arrest Seller of JokerOTP MFA Passcode Capturing Tool

Moscow Moves to Throttle Telegram as Kremlin Pushes Its Own Messaging App

UK Blames Legacy Systems as Ministers Promise No Repeat of Afghan Breach

Georgia Healthcare Company ApolloMD Data Breach Impacts More Than 620,000

Tulsa International Airport Hit With Ransomware Attack

LummaStealer Infections Surge After Castleloader Malware Campaigns

Crazy Ransomware Gang Abuses Employee Monitoring Tool in Attacks

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

Microsoft Fixes Notepad Flaw That Could Trick Users Into Clicking Malicious Markdown Links

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

Interim CISA Chief: ‘When the Government Shuts Down, Cyber Threats Do Not’

Is Spyware Hiding on Your Phone? How to Find Out and Remove It – Fast

2/10/2026

February 11, 2026February 11, 2026 ~ The Cyber Beat ~ Leave a comment

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

North Korean Hackers Use New macOS Malware in Crypto-Theft Attacks

“Digital Parasite” Warning as Attackers Favor Stealth for Extortion

White House to Meet With GOP Lawmakers on FISA Section 702 Renewal

Cyber Command, NSA Nominee Rudd Advances to Senate Floor

British Army Splashes $86M on AI Gear to Speed up the Battlefield Kill Chain

Fugitive Behind $73M ‘Pig Butchering’ Scheme Gets 20 Years in Prison

Google Secures EU Antitrust Approval for $32 Billion Wiz Acquisition

Microsoft Announces New Mobile-Style Windows Security Controls

Nearly 17,000 Volvo Staff Dinged in Supplier Breach

Phorpiex Phishing Delivers Low-Noise Global Group Ransomware

New Mobile Spyware ZeroDayRAT Targets Android and iOS

Malicious 7-Zip Site Distributes Installer Laced With Proxy Tool

Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools

New Linux Botnet SSHStalker Uses Old-School IRC for C2 Comms

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Krebs: Patch Tuesday, February 2026 Edition

Microsoft Is Keeping Secure Boot Alive With Windows Updates

What Organizations Need to Change When Managing Printers

2/9/2026

February 9, 2026February 9, 2026 ~ The Cyber Beat ~ Leave a comment

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign

Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign

Senegal Confirms Breach of National ID Card Department After Ransomware Claims

EU, Dutch Government Announce Hacks Following Ivanti Zero-Days

European Commission Discloses Breach That Exposed Staff Data

Leaked Technical Documents Show China Rehearsing Cyberattacks on Neighbors’ Critical Infrastructure

Iran’s Digital Surveillance Machine Is Almost Complete

AI Is Here to Replace Nuclear Treaties. Scared Yet?

Researchers Find 40,000+ Exposed OpenClaw Instances

Social Media Platforms Earn Billions from Scam Ads

Hacked, Leaked, Exposed: Why You Should Never Use Stalkerware Apps

Two Connecticut Men Charged In Alleged $3m Gambling Fraud Scheme

Hackers Breach SmarterTools Network Using Flaw in Its Own Software

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Discord Faces Backlash Over Age Checks After Data Breach Exposed 70,000 IDs

Payment Tech Provider for Texas, Florida Governments BridgePay Working With FBI to Resolve Ransomware Attack

Suspected Sabotage Disrupts Trains in Northern Italy as Winter Games Begin

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

BeyondTrust Warns of Critical RCE Flaw in Remote Support Software

Microsoft: Exchange Online Flags Legitimate Emails as Phishing

Russia Grants Asylum to Spanish Professor Wanted for Alleged Pro-Moscow Cyber Operations

2/6-8/2026

February 9, 2026February 9, 2026 ~ The Cyber Beat ~ Leave a comment

German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists

Norwegian Intelligence Discloses Country Hit by Salt Typhoon Campaign

Unsettled Cyber Intel Law Erodes Private-Sector Trust

U.S. Software Stocks Slammed on Mounting Fears Over AI Disruption, Lose $1 Trillion in Week

NYC Explores Using AI Cameras to Spot Subway Fare Evaders

EU Says TikTok Faces Large Fine Over “Addictive Design”

Illinois Man Pleads Guilty to Hacking Nearly 600 Women’s Snapchat Accounts

DKnife: Chinese-Made Malware Kit Targets Chinese-Based Routers and Edge Devices

Flickr Emails Users About Data Breach, PINs It on 3rd Party

Payments Platform BridgePay Confirms Ransomware Attack Behind Outage

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

CISA Warns of SmarterMail RCE Flaw Used in Ransomware Attacks

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

New Tool Blocks Imposter Attacks Disguised as Safe Commands

2/5/2026

February 5, 2026February 5, 2026 ~ The Cyber Beat ~ Leave a comment

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

Protests Don’t Impede Iranian Spying on Expats, Syrians, Israelis

Russian Hackers Attacking European Maritime and Transport Orgs Using Microsoft Office Exploit

Asia-Based Government Spies TGR-STA-1030 Quietly Broke Into Critical Networks Across 37 Countries

ICE and CBP’s Face-Recognition App Can’t Actually Verify Who People Are

Smartphones Now Involved in Nearly Every Police Investigation

AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+

UNICEF Calls for Criminalization of AI Content Depicting Child Sex Abuse

Dark Patterns Undermine Security, One Click at a Time

CISA Gives Federal Agencies One Year to Rip Out End-Of-Life Devices

Spain’s Ministry of Science Shuts Down Systems After Breach Claims

Romanian Oil Pipeline Operator Conpet Discloses Cyberattack

Italian University la Sapienza Goes Offline After Cyberattack

Substack Data Breach Exposed Users’ Emails and Phone Numbers

Data Breach at Govtech Giant Conduent Balloons, Affecting Millions More Americans

Betterment Breach May Expose 1.4m Users After Social Engineering Attack

Zendesk Spam Wave Returns, Floods Users With ‘Activate Account’ Emails

AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

Ransomware Gang Uses ISPsystem VMs for Stealthy Payload Delivery

Malicious Commands in GitHub Codespaces Enable RCE

2/4/2026

February 5, 2026February 5, 2026 ~ The Cyber Beat ~ Leave a comment

U.S. Used Cyber Weapons to Disrupt Iranian Air Defenses During 2025 Strikes

Ukraine Tightens Controls on Starlink Terminals to Counter Russian Drones

Italy Foiled Russia-Linked Cyberattacks on Embassies, Olympic Sites, Minister Says

…How 2026 Winter Olympics Security Is Preparing for the Opening Ceremony

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

OpenClaw’s AI ‘Skill’ Extensions Are a Security Nightmare

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

Google Cloud’s Customer Chief Returns to Microsoft as Head of Security

With AI Accountability Stalling, Boards Must Push Tech Giants for Greater Transparency

Super Bowl Prepares for Potential AI Cybersecurity Threat

Owner of Incognito Dark Web Drugs Market Gets 30 Years in Prison

DragonForce Ransomware Gang Goes Full ‘Godfather’ With Cartel

Hackers Compromise NGINX Servers to Redirect User Traffic

Coinbase Confirms Insider Breach Linked to Leaked Support Tool Screenshots

Cybercrime Group Claims Responsibility for Penn Email Hack, Leaks Additional Internal Files

…Hackers Publish Personal Information Stolen During Harvard, UPenn Data Breaches

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Global SystemBC Botnet Found Active Across 10,000 Infected Systems

New Technical Markers Reveal Expanding ShadowSyndicate Cybercriminal Infrastructure

EDR Killer Tool Uses Signed Kernel Driver From Forensic Software

Nitrogen Ransomware Is So Broken Even the Crooks Can’t Unlock Your Files

CISA Warns of Five-Year-Old GitLab Flaw Exploited in Attacks

CISA: VMware ESXi Flaw Now Exploited in Ransomware Attacks

Critical n8n Flaws Disclosed Along With Public Exploits

2/3/2026

February 3, 2026February 5, 2026 ~ The Cyber Beat ~ Leave a comment

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days

Poland Detains Defense Ministry Employee on Suspicion of Spying for Russia

U.S. Senator Says AT&T, Verizon Blocking Release of Salt Typhoon Security Assessment Reports

CISA Official Says CIRCIA Cyber Reporting Update Is ‘Weeks’ Away

CISA Updated Ransomware Intel on 59 Bugs Last Year Without Telling Defenders

Trump Administration Eyes 10-Year Extension of Cybersecurity Law

How Data Brokers Can Fuel Violence Against Public Servants

X Marks the Raid: French Cops Swoop on Musk’s Paris Ops

…UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery

UK Investigating First Suspected Breach of Cyber Sanctions

Polish Cops Bail 20-Year-Old Bedroom Botnet Operator

Varonis to Acquire AllTrue as AI Security Concerns Mount

OpenAI CEO Altman Dismisses Moltbook as Likely Fad, Backs the Tech Behind It

…The Rise of Moltbook Suggests Viral AI Prompts May Be the Next Big Security Threat

Iron Mountain: Data Breach Mostly Limited to Marketing Materials

Step Finance Says Compromised Execs’ Devices Led to $40M Crypto Theft

New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials

Wave of Citrix NetScaler Scans Use Thousands of Residential Proxies

Researchers Warn of New “Vect” RaaS Variant

DockerDash Exposes AI Supply Chain Weakness In Docker’s Ask Gordon

Critical React Native Metro Dev Server Bug Under Attack as Researchers Scream Into the Void

…Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

CISA Flags Critical SolarWinds RCE Flaw as Exploited in Attacks

SQL Injection Flaw Affects 40,000 WordPress Sites

8-Minute Access: AI Accelerates Breach of AWS Environment

Microsoft Finally Sends TLS 1.0 and 1.1 to the Cloud Retirement Home

California City Turns off Flock Cameras After Company Shared Data Without Authorization

Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox

Spain Will Ban Social Media for Kids Under 16

2/2/2026

February 2, 2026February 2, 2026 ~ The Cyber Beat ~ Leave a comment

Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks

Notepad++ Updates Got Hijacked for Months and Could Have Spied for China

Spyware Maker Is Hijacking Diplomatic Efforts to Limit Commercial Hacking, Civil Society Warns

From Clawdbot to Moltbot to OpenClaw: Meet the AI Agent Generating Buzz and Fear Globally

…OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

…Malicious MoltBot Skills Used to Push Password-Stealing Malware

…Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site

Hackers Recruit Unhappy Insiders to Bypass Data Security

Drone Sightings Have Doubled Near UK Military Bases, Warns British Government

Krebs: Please Don’t Feed the Scattered Lapsus ShinyHunters

Hackers Attempt to Extort Parents After School Refuses to Pay Ransom Fee

StopICE Hacked to Send Alarming Text Messages, Admins Accuse Border Patrol Agent of Sabotage

Panera Bread Breach Impacts 5.1 Million Accounts, Not 14 Million Customers

McDonald’s Is Not Lovin’ Your BigMac, Happy Meal, and McNuggets McPasswords

NationStates Confirms Data Breach, Shuts Down Game Site

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

NSA Publishes New Zero Trust Implementation Guidelines

Netherlands Latest European Country to Mull Social Media Ban for Children

1/30-2/1/2026

February 2, 2026February 2, 2026 ~ The Cyber Beat ~ Leave a comment

Labyrinth Chollima Evolves into Three North Korean Hacking Groups

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

RedKitten: New AI-Developed Malware SloppyMIO Campaign Targets Iranian Protests

I Mocked the Saudi Leader on YouTube – Then My Phone Was Hacked and I Was Beaten up in London

Informant Told FBI That Jeffrey Epstein Had a ‘Personal Hacker’

Ex-Google Engineer Convicted for Stealing AI Secrets for China Startup

Coupang CEO Questioned by Police Investigating Obstruction of Probe Into Data Breach

Thoma Bravo Explores Sale of Identity Software Firm Imprivata, Sources Say

Operation Switch Off Dismantles Major Pirate TV Streaming Services

Department of Justice Seizes Domains for Bulgarian Piracy Sites

Crypto Wallets Received a Record $158 Billion in Illicit Funds Last Year

New Britain (CT) ‘Network Disruption’ Was Due to Ransomware Attack, Mayor Says

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Cloud Storage Payment Scam Floods Inboxes With Fake Renewals

National Crime Agency and NatWest Issue Joint Warning Over Invoice Fraud Threat

Exposed MongoDB Instances Still Targeted in Data Extortion Attacks

Researcher Reveals Evidence of Private Instagram Profiles Leaking Photos

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

New Apple Privacy Feature Limits Location Tracking on iPhones, iPads

AI Security Startup CEO Posts a Job. Deepfake Candidate Applies, Inner Turmoil Ensues.

Open-Source AI Is a Global Security Nightmare Waiting to Happen, Say Researchers

1/29/2026

January 29, 2026January 29, 2026 ~ The Cyber Beat ~ Leave a comment

Latvia Says Russia Remains Its Top Cyber Threat as Attacks Hit Record High

Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid

Operation Winter SHIELD: FBI Issues Call to Arms for Organizations to Improve Cybersecurity

Google Disrupts Extensive Residential Proxy Networks IPIDEA

Ransomware Victim Numbers Rise, Despite Drop in Active Extortion Groups

How Can CISOs Respond to Ransomware Getting More Violent?

Patch or Perish: Vulnerability Exploits Now Dominate Intrusions

An AI Toy Exposed 50,000 Logs of Its Chats With Kids to Anyone With a Gmail Account

Open-Source AI Models Vulnerable to Criminal Misuse, Researchers Warn

U.S. Software Stocks Slump as AI Disruption Fears Take Over

ICE Is Using Palantir’s AI Tools to Sort Through Tips

Italy’s Winter Games Security Plan Keeps U.S. ICE in Advisory Role

Cybersecurity Teams Embrace AI, Just Not at the Scale Marketing Suggests

AV Vendor eScan Goes to War With Security Shop Morphisec Over Update Server Scare

France Fines National Employment Agency €5m Over 2024 Data Breach

Cyberattack on Large Russian Bread Factory The Vladimir Bread Factory Disrupts Supply Deliveries

ShinyHunters Swipes Right on 10M Records in Alleged Dating App Match Group Data Grab

…Match Group Breach Exposes Data from Hinge, Tinder, OkCupid, and Match

Contractor Data Breach at TriZetto Provider Solutions May Have Exposed the Protected Health Info of Thousands of Central Oregonians

Fintech Marquis Blames Ransomware Breach on SonicWall Cloud Backup Hack

Initial Access Hackers TA584 Switch to Tsundere Bot for Ransomware Attacks

Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries

Hugging Face Abused to Spread Thousands of Android Malware Variants

Aisuru Botnet Sets New Record with 31.4 Tbps DDoS Attack

Ivanti Warns of Two EPMM flaws Exploited in Zero-Day Attacks

Google Rolls Out Android Theft Protection Feature Updates

New Apple Feature Will Block Cell Networks From Capturing Precise Location Data

New Microsoft Teams Feature Will Let You Report Suspicious Calls

NSA Pick Champions Foreign Spying Law as Nomination Advances

1/28/2026

January 28, 2026January 28, 2026 ~ The Cyber Beat ~ Leave a comment

Cyberattack on Polish Energy Grid Impacted Around 30 Facilities

Ransomware Crims Forced to Take Off-RAMP as FBI Seizes Forum

Virginia Man & Empire Cybercrime Market Owner, with Partner from Florida, Pleads Guilty to Drug Conspiracy

Teen Swatting Suspects Arrested in Hungary and Romania

Slovakian Man Pleads Guilty to Operating Darknet Marketplace

OpenAI’s ChatGPT’s Ad Costs Are on Par With Live NFL Broadcasts

Ex-Palantir Engineer Raises $40 Million for Cyber Startup Outtake, With Backing From Microsoft CEO Nadella

Trump’s Acting Cybersecurity Chief Madhu Gottumukkala Uploaded Sensitive Government Docs to ChatGPT

eScan Confirms Update Server Breached to Push Malicious Update

Emojis in PureRAT’s Code Point to AI-Generated Malware Campaign

Hackers Hijack Exposed LLM Endpoints in Bizarre Bazaar Operation

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

Autonomous System Uncovers Long-Standing OpenSSL Flaws

SolarWinds Warns of Critical Web Help Desk RCE, Auth Bypass Flaws

Critical and High Severity n8n Sandbox Flaws Allow RCE

UK Leaders Warned Country Risks ‘Absorbing’ Cyber and Hybrid Attacks Without Offensive Deterrence

FTC Commissioner Says Online Age Verification ‘Offers a Better Way’ to Protect Kids

1/27/2026

January 27, 2026January 27, 2026 ~ The Cyber Beat ~ Leave a comment

Chinese Mustang Panda Hackers Deploy Infostealers via CoolClient Backdoor

PeckBirdy Framework Tied to China-Aligned Cyber Campaigns

Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities

Over 80% of Ethical Hackers Now Use AI

Revealed: Leaked Chats Expose the Daily Life of a Scam Compound’s Enslaved Workforce

He Leaked the Secrets of a Southeast Asian Scam Compound. Then He Had to Get Out Alive

WhatsApp’s New ‘Lockdown’ Settings Add Another Layer of Protection Against Cyberattacks

France to Replace U.S. Videoconferencing Wares With Unfortunately Named Sovereign Alternative

Private Equity Firm Audax Group Seeks Over $1.5 Billion for BlueCat Networks

U.S. Charges 31 More Suspects Linked to Tren de Aragua ATM Malware Attacks

Chinese Money Launderers Moved More Than $16 Billion of Illicit Crypto in 2025, Report Finds

Let Them Eat Sourdough: ShinyHunters Claims Panera Bread as Stolen Credentials Victim

Nike Investigates Data Breach After Extortion Gang Leaks Files

Russian Security Systems Firm Delta Hit by Cyberattack, Services Disrupted

Ransomware Attacks Hits Winona County (MN)

Have I Been Pwned: SoundCloud Data Breach Impacts 29.8 Million Accounts

New Malware Service ‘Stanley’ Guarantees Phishing Extensions on Chrome Web Store

WinRAR Path Traversal Flaw Still Exploited by Numerous Hackers

Fortinet Blocks Exploited FortiCloud SSO Zero Day Until Patch is ready

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

Critical Sandbox Escape Flaw Found in Popular vm2 NodeJS Library

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

UK Plans Sweeping Overhaul of Policing Amid Surge in Online Crimes

1/26/2026

January 26, 2026January 26, 2026 ~ The Cyber Beat ~ Leave a comment

Krebs: Who Operates the Badbox 2.0 Botnet?

Deepfake ‘Nudify’ Technology Is Getting Darker—And More Dangerous

EU Launches Investigation Into X Over Grok-Generated Sexual Images

2025 Was a Wake-up Call to Protect Human Decisions, Not Just Systems

CISA Releases List of Post-Quantum Cryptography Product Categories

Upwind Raises $250 Million to Expand Cloud Security

Law Firm Investigates Coupang Security Failures Ahead of Class Action Deadline

Google Agrees to Pay $68 Million to Settle Voice Recording Lawsuit

Judge Awards British Critic of Saudis $4.1 Million, Finds the Regime Hacked His Devices

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

New ClickFix Attacks Abuse Windows App-V Scripts to Push Malware

eScan Antivirus Supply Chain Breach Delivers Signed Malware

Researchers Uncover “Haxor” SEO Poisoning Marketplace

Cloudflare Misconfiguration Behind Recent BGP Route Leak

Hackers Can Bypass npm’s Shai-Hulud Defenses via Git Dependencies

Microsoft Patches Actively Exploited Office Zero-Day Vulnerability

Supreme Court to Hear Facebook Pixel Tracking Case

Romania Probes Two Suspects Over Alleged Hitman-For-Hire Website

1/23-25/2026

January 25, 2026January 25, 2026 ~ The Cyber Beat ~ Leave a comment

New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

Konni Hackers Target Blockchain Engineers With AI-Built Malware

Millions of People Imperiled Through Sign-in Links Sent by SMS

Gmail’s Spam Filter and Automatic Sorting Are Broken

Ring Can Verify Videos Now, but That Might Not Help You With Most AI Fakes

TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order

U.S. to Deport Venezuelans Who Emptied Bank ATMs Using Malware

UK Border Tech Budget Swells by £100M as Home Office Targets Small Boat Crossings

Germany Expels Russian Diplomat Accused of Spying on Ukraine War Effort

China Investigates Top General Zhang Youxia in Rare Purge of Senior Military Leaders

U.S. Storm Leaves 850,000 Without Power, Forces 10,000 Flight Cancellations

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

Cyberattack Disrupts Digital Systems at Renowned Dresden Museum Network

149 Million Usernames and Passwords Exposed by Unsecured Database

ShinyHunters Claims Okta Customer Breaches, Leaks Data Belonging to 3 Orgs

Nike Probing Potential Security Incident as Hackers Threaten to Leak Data

Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access

Malicious AI Extensions on VSCode Marketplace Steal Developer Data

Fortinet Confirms Critical FortiCloud Auth Bypass Not Fully Patched

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

Hackers Get $1,047,000 for 76 Zero-Days at Pwn2Own Automotive 2026

1/22/2026

January 22, 2026January 22, 2026 ~ The Cyber Beat ~ Leave a comment

From a Whisper to a Scream: Europe Frets About Overreliance on U.S. Tech

Risky Chinese Electric Buses Spark Aussie Gov’t Review

Spanish Judge Closes NSO Group Spyware Probe Due to Lack of Cooperation From Israel

Claude’s New AI File-Creation Feature Ships With Security Risks Built In

Crims Compromised Energy Firms’ Microsoft Accounts, Sent 600 Phishing Emails

Microsoft Teams to Add Brand Impersonation Warnings to Calls

1Password Is Introducing a New Phishing Prevention Feature

House of Lords Backs Legislation to Ban Social Media for Children Under 16

Bank of England: Financial Sector Failing to Implement Basic Cybersecurity Controls

Over 160,000 Companies Notify Regulators of GDPR Breaches

Europe’s GDPR Cops Dished Out €1.2B in Fines Last Year as Data Breaches Piled Up

INC Ransomware Opsec Fail Allowed Data Recovery for 12 U.S. Orgs

Hackers Breach Fortinet FortiGate Devices, Steal Firewall Configs

…Fortinet Firewalls Hit With Malicious Configuration Changes

Jordan Used Cellebrite Phone-Hacking Tools Against Activists Critical of Gaza War, Report Finds

Okta SSO Accounts Targeted in Vishing-Based Data Theft Attacks

New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites

Critical Appsmith Flaw Enables Account Takeovers

Hackers Exploit 29 Zero-Days on Second Day of Pwn2Own Automotive

Curl Ending Bug Bounty Program After Flood of AI Slop Reports

1/21/2026

January 21, 2026January 21, 2026 ~ The Cyber Beat ~ Leave a comment

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews

Phishing and Spoofed Sites Remain Primary Entry Points For Olympics

Hackers Exploit Security Testing Apps to Breach Fortune 500 Firms

Fortinet Admins Report Patched FortiGate Firewalls Getting Hacked

New Android Malware Uses AI to Click on Hidden Browser Ads

Greek Police Arrest Scammers Using Fake Cell Tower Hidden in Car Trunk

Ireland Wants to Give Its Cops Spyware, Ability to Crack Encrypted Messages

EU Unveils Cybersecurity Overhaul with Proposed Update to Cybersecurity Act

UK’s NCC Group to Sell Escode for $369.4 Million

Everest Ransomware Gang Said to Be Sitting on Mountain of Under Armour Data

Online Retailer PcComponentes Says Data Breach Claims are Fake

Peruvian Loan Scam Harvests Cards and PINs via Fake Applications

LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

Cisco Fixes Unified Communications RCE Zero Day Exploited in Attacks

Tesla Hacked, 37 Zero-Days Demoed at Pwn2Own Automotive 2026

Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch

1/20/2026

January 20, 2026January 20, 2026 ~ The Cyber Beat ~ Leave a comment

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

EU Plan to Phase-Out High-Risk Tech Draws Fire From China’s Huawei

Greece, Israel to Cooperate on Anti-Drone Systems, Cybersecurity, Greek Minister Says

Krebs: Kimwolf Botnet Lurking in Corporate, Gov’t Networks

UK Launches Landmark ‘Report Fraud’ Service to Tackle Cybercrime and Fraud

Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion

Cyber Risks Among CEOs’ Top Worries Amid Weak Short Term Growth Outlook

AI Supercharges Attacks in Cybercrime’s New ‘Fifth Wave’

VoidLink Cloud Malware Shows Clear Signs of Being AI-Generated

True Agentic AI Is Years Away – Here’s Why and How We Get There

Supreme Court to Consider Whether Geofence Warrants Are Constitutional

UK Says It Will Consider Banning Social Media for Children

Hackers Target Afghan Government Workers With Fake Correspondence From Senior Officials

Linkedin Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs

Numerous Mass Spam Attacks Leverage Zendesk Instances

UStrive Security Lapse Exposed Personal Data of Its Users, Including Children

Minnesota Department of Human Services Data Breach Affects Over 300K Individuals

Everest Ransomware Claims McDonalds India Breach Involving Customer Data

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

ACF Plugin Bug Gives Hackers Admin on 50,000 WordPress Sites

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers

Chainlit Security Flaws Highlight Infrastructure Risks in AI Apps

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

Lawmakers Move to Extend Two Cyber Programs (Again) in Funding Proposal