-
A newly disclosed vulnerability in AWS Bedrock AgentCore Code Interpreter allows threat actors to bypass network isolation and establish stealthy command-and-control (C2) channels. AWS originally advertised this mode as providing complete isolation wit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Attackers are abusing fake court documents and GitHub‑hosted payloads in a focused spear‑phishing campaign that deploys a stealthy Rust‑based COVERT RAT against Argentina’s judicial sector. This operation chains Windows LNK shortcuts, BAT loaders, and …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Iranian cyber actors are expanding operations targeting US organizations while also exploiting internet-connected cameras across the Middle East for intelligence collection and battlefield awareness. Recent incidents tied to APT group MuddyWater, camer…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has rolled out an unexpected out-of-band hotpatch, KB5084897, targeting Windows 11 versions 25H2 and 24H2. Released on March 16, 2026, this specific update resolves a highly disruptive visual bug affecting Bluetooth connectivity management. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google is warning that ransomware gangs are reinventing their business model as traditional encryption‑for‑ransom attacks become less profitable and data‑theft extortion surges. Better cybersecurity controls, improved backup strategies, and stronger r…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has officially released a new open-source tool designed to simplify how IT and security administrators manage data governance. Announced on March 16, 2026, the DLM Diagnostics Model Context Protocol (MCP) Server brings artificial intelligence…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2026-32635, has been discovered in Angular, one of the world’s most widely used web application frameworks. This flaw resides in the Angular runtime and compiler and affects…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new Glassworm-linked supply chain attack has briefly turned two popular React Native npm packages into delivery vehicles for Windows credential-stealing malware. On March 16, 2026, malicious versions of AstrOOnauta’s react-native-country-select@0.3.9…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new OphimCMS supply chain attack in which six Packagist themes ship trojanized jQuery and other JavaScript to compromise site visitors rather than servers. Researchers found six malicious Composer packages under the “ophimcms” namespace on Packagist…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical vulnerability in the Wing FTP Server. On March 16, 2026, the agency officially added this security flaw to its Known Exploited Vulnerab…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
