Cybersecurity News, Threats & Vulnerability Alerts
Russian APT Targets Ukrainian Defense with New Malware
Russian-linked threat actors launched a fresh campaign against Ukrainian entities in February 2026, deploying new malware variants.
Poland Nuclear Research Center Hit by Cyberattack
Poland's nuclear research facility suffered a cyberattack with initial evidence pointing to Iranian threat actors.
Loblaw Data Breach Exposes Customer Personal Information
Canadian retail giant Loblaw disclosed a data breach affecting customer names, email addresses, and phone numbers accessed by unauthorized attackers.
Microsoft Patches Windows 11 Enterprise Hotpatch Flaw
Microsoft issued an emergency out-of-band update fixing security vulnerabilities in Windows 11 Enterprise hotpatch systems.
China's CNCERT Warns of OpenClaw AI Agent Security Flaws
China's cybersecurity agency alerts organizations about critical security weaknesses in OpenClaw autonomous AI agent platform configurations.
AppsFlyer Web SDK Hijacked in Supply Chain Attack
AppsFlyer's Web SDK was compromised with malicious code designed to steal cryptocurrency from users' wallets.
HPE AOS-CX Flaw Lets Attackers Reset Admin Passwords
Critical HPE AOS-CX vulnerability enables remote attackers to bypass authentication and reset administrator passwords without credentials.
FBI Probes 8 Malicious Steam Games Spreading Malware
FBI launches investigation into eight Steam games containing malware, seeking victim information from affected gamers.
China-Linked APT Targets Southeast Asian Military Since 2020
Palo Alto Networks Unit 42 exposes CL-STA-1087, a China-based cyber espionage group targeting Southeast Asian military organizations since 2020.
Poland Nuclear Research Centre Blocks Cyberattack
Poland's National Centre for Nuclear Research detected and stopped hackers targeting its IT infrastructure on March 13, 2026.
Interpol Sinks 45,000 Criminal IPs in Global Crackdown
Operation Synergia III dismantled cybercrime infrastructure across 95 countries, sinkholing 45,000 malicious IP addresses and seizing 59 servers.
Storm-2561 Distributes Fake VPN Clients to Steal Credentials
Threat group Storm-2561 uses fake Ivanti, Cisco, and Fortinet VPN installers to harvest enterprise credentials through SEO poisoning attacks.
CrackArmor Flaws Let Attackers Bypass Linux Kernel Security
Nine vulnerabilities in Linux AppArmor module allow unprivileged users to escalate privileges and break container isolation.
Starbucks Data Breach Exposes Employee Personal Info
Starbucks disclosed a data breach affecting hundreds of employees after attackers accessed Partner Central accounts containing personal information.
Google Patches Two Chrome Zero-Days Under Active Attack
Google released emergency Chrome updates on March 13, 2026, fixing two high-severity vulnerabilities actively exploited by attackers.
Loblaw Logs Out All Users After Security Incident
Canadian retailer Loblaw automatically logged out all digital account holders following an unspecified security incident discovered March 12.
England Hockey Probes AiLock Ransomware Attack Claims
England Hockey investigates potential data breach after AiLock ransomware group lists the sports governing body as victim on March 12, 2026.
AI-Generated Slopoly Malware Powers Interlock Ransomware
Hackers deployed AI-created Slopoly malware to maintain week-long server access during Interlock ransomware attacks targeting multiple organizations.
Veeam Patches Four Critical RCE Flaws in Backup Software
Veeam Software fixed four critical remote code execution vulnerabilities in its Backup & Replication solution on March 12, 2026.
US-Europe Task Force Shuts Down SocksEscort Proxy Network
International law enforcement disrupted SocksEscort proxy network exploiting Linux devices through AVRecon malware on March 12, 2026.
Telus Digital Confirms Breach After 1 Petabyte Data Theft
Canadian BPO giant Telus Digital confirmed a security breach after hackers claimed stealing nearly 1 petabyte of data over multiple months.