Cybersecurity News, Threats & Vulnerability Alerts

APT28 Deploys Custom Covenant Framework for Espionage

Russian APT28 hackers modified the open-source Covenant tool for persistent espionage campaigns targeting government and defense sectors.

Evan Mael2m69

microsoft-teams March 9 — 11:50 PM

Teams Phishing Campaign Deploys A0Backdoor Malware

Hackers targeted financial and healthcare employees via Microsoft Teams to deploy A0Backdoor malware through Quick Assist remote access.

Evan Mael2m63

cloud-security March 9 — 10:45 PM

Cloud Attacks Exploit Fresh Bugs Within Days

Hackers now exploit newly disclosed third-party vulnerabilities to breach cloud environments within days instead of weeks.

Evan Mael2m62

russian-hackers March 9 — 10:24 PM

Russian hackers target Signal, WhatsApp in govt phishing

Dutch intelligence warns Russian state hackers are targeting government officials through Signal and WhatsApp phishing attacks to steal sensitive communications.

Evan Mael2m75

clickfix March 9 — 09:42 PM

ClickFix Malware Campaign Targets AI Coding Assistants

Cybercriminals launched a malvertising campaign using ClickFix techniques to exploit AI coding assistant users through fake command-line interfaces.

Evan Mael2m65

ericsson March 9 — 08:07 PM

Ericsson US Hit by Data Breach Through Service Provider

Ericsson's U.S. subsidiary disclosed a data breach on March 9, 2026, after attackers compromised a third-party service provider and stole employee and customer data.

Evan Mael2m89

npm-malware March 9 — 07:31 PM

Malicious npm Package Mimics OpenClaw AI to Deploy RAT

Cybersecurity researchers found a fake OpenClaw AI npm package that installs remote access trojans and steals data from infected systems.

Evan Mael2m68

salesforce March 9 — 06:12 PM

Salesforce warns of Experience Cloud data exposure attacks

Salesforce alerts customers about hackers exploiting misconfigured Experience Cloud platforms while ShinyHunters claims active data theft.

Evan Mael2m61

phishing March 9 — 04:30 PM

FBI Warns of Phishing Attacks Targeting Permit Applicants

FBI alerts businesses and individuals that criminals impersonate city officials in phishing campaigns targeting permit applications.

Evan Mael2m68

chrome-extensions March 9 — 11:28 AM

Chrome Extensions Turn Malicious After Ownership Transfer

Two Google Chrome extensions became malicious following ownership transfers, enabling attackers to inject code and steal user data.

Evan Mael2m94

firefox March 9 — 10:01 AM

Claude Opus 4.6 discovers 22 vulnerabilities in Firefox 148

Anthropic's Claude Opus 4.6 AI identified 22 security vulnerabilities in Firefox 148, all now fixed by Mozilla.

Evan Mael2m64

chinese-apt March 9 — 08:21 AM

Chinese APT Targets Asian Organizations in Multi-Year Campaign

Palo Alto Networks Unit 42 discovered a previously unknown Chinese threat group conducting multi-year espionage operations across Asia's critical sectors.

Evan Mael2m63

phishing March 8 — 03:12 PM

Hackers Exploit .arpa DNS to Bypass Email Security

Threat actors abuse special-use .arpa domains and IPv6 reverse DNS to evade phishing detection systems and email gateways.

Evan Mael2m62

healthcare-breach March 6 — 08:50 PM

Cognizant TriZetto breach exposes 3.4M patient records

Healthcare IT provider TriZetto Provider Solutions disclosed a data breach affecting 3.4 million patients' sensitive medical information on March 6.

Evan Mael2m66

dprk-workers March 6 — 06:49 PM

North Korean IT Workers Use AI to Enhance Remote Job Scams

North Korean operatives leverage AI face-swapping and automated tools to infiltrate Western companies through sophisticated remote work fraud schemes.

Evan Mael2m59

uat-9244 March 6 — 09:22 AM

China APT Targets South American Telecom Infrastructure

China-linked UAT-9244 threat group compromises telecommunications networks across South America using three custom implants since 2024.

Evan Mael2m58

clickfix-campaign March 6 — 07:44 AM

ClickFix Campaign Exploits Windows Terminal for Lumma Stealer

Microsoft reveals new ClickFix social engineering attack using Windows Terminal to deploy Lumma Stealer malware in February 2026.

Evan Mael2m66

cve-2017-7921 March 6 — 07:30 AM

CISA Adds Hikvision, Rockwell Flaws to KEV Catalog

CISA added two actively exploited vulnerabilities affecting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities catalog on March 6.

Evan Mael2m63

javascript-worm March 5 — 09:42 PM

Wikipedia Hit by Self-Propagating JavaScript Worm

Wikimedia Foundation confirms JavaScript worm vandalized pages and modified user scripts across multiple wikis on March 5.

Evan Mael2m55

wordpress March 5 — 07:44 PM

WordPress Plugin Bug Lets Hackers Create Admin Accounts

Critical flaw in User Registration plugin affects 60,000+ WordPress sites, enabling unauthorized admin account creation.

Evan Mael2m63

apt41 March 4 — 12:26 PM

APT41-Linked Silver Dragon Hits EU and Asian Governments

New APT41-affiliated threat group Silver Dragon targets government networks across Europe and Southeast Asia using phishing and legitimate services.

Evan Mael2m61

1 2 3 4 5 6 7 8 9 10 11 12 13 14