-
Threat intelligence researchers at Team Cymru have uncovered an open-source AI-powered offensive security tool called CyberStrikeAI, actively used to target Fortinet FortiGate devices at scale, with its developer carrying suspected ties to China’…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are increasingly abusing Telegram as an initial access marketplace, turning stealer logs and leaked credentials into direct entry points for corporate VPN, RDP, and cloud environments. The platform now acts as a high-speed bridge between compro…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On Feb. 28, 2026, the United States and Israel launched coordinated military operations against Iran, codenamed Operation Epic Fury by the U.S. and Operation Roaring Lion by Israel, opening a new phase where cyber operations are tightly coupled with ki…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability has been discovered in the MS-Agent framework, a lightweight software tool used to build and run autonomous AI agents. Tracked as CVE-2026-2256, this command injection flaw allows remote attackers to hijack these AI agents, pot…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A large-scale malvertising operation targets macOS users with fake Google Ads leading to malicious text-sharing sites. These lures deliver the AMOS infostealer variant, dubbed “malext,” which steals sensitive data such as browser credential…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google Chrome’s Secure Web and Networking Team has unveiled a new initiative aimed at defending HTTPS traffic against emerging quantum computing threats. This development, rooted in the Internet Engineering Task Force’s (IETF) “PKI, Logs, And Tre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackerbot-claw, an autonomous AI bot, has launched a week-long campaign abusing GitHub Actions misconfigurations to hit CI/CD pipelines at Microsoft, DataDog, and other major open-source projects, achieving remote code execution (RCE) and even full rep…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity security flaw has been discovered in Angular, one of the most popular web application frameworks. This vulnerability, tracked as CVE-2026-27970, affects the framework’s internationalization (i18n) pipeline. If exploited, it allows…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors compromised the Aqua Trivy VS Code extension on OpenVSX by publishing malicious versions 1.8.12 and 1.8.13 on February 27-28, 2026. These versions injected prompts to hijack local AI coding tools for system reconnaissance and data exfiltr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has rolled out the highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
