Cybersecurity News, Threats & Vulnerability Alerts

Chinese APT Targets Asian Organizations in Multi-Year Campaign
Palo Alto Networks Unit 42 discovered a previously unknown Chinese threat group conducting multi-year espionage operations across Asia's critical sectors.

Hackers Exploit .arpa DNS to Bypass Email Security
Threat actors abuse special-use .arpa domains and IPv6 reverse DNS to evade phishing detection systems and email gateways.

Cognizant TriZetto Breach Exposes 3.4M Patient Records
Healthcare IT provider TriZetto Provider Solutions disclosed a data breach affecting 3.4 million patients' sensitive medical information on March 6.

North Korean IT Workers Use AI to Enhance Remote Job Scams
North Korean operatives leverage AI face-swapping and automated tools to infiltrate Western companies through sophisticated remote work fraud schemes.

China APT Targets South American Telecom Infrastructure
China-linked UAT-9244 threat group compromises telecommunications networks across South America using three custom implants since 2024.

ClickFix Campaign Exploits Windows Terminal for Lumma Stealer
Microsoft reveals new ClickFix social engineering attack using Windows Terminal to deploy Lumma Stealer malware in February 2026.

CISA Adds Hikvision, Rockwell Flaws to KEV Catalog
CISA added two actively exploited vulnerabilities affecting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities catalog on March 6.

Wikipedia Hit by Self-Propagating JavaScript Worm
Wikimedia Foundation confirms JavaScript worm vandalized pages and modified user scripts across multiple wikis on March 5.

WordPress Plugin Bug Lets Hackers Create Admin Accounts
Critical flaw in User Registration plugin affects 60,000+ WordPress sites, enabling unauthorized admin account creation.

APT41-Linked Silver Dragon Hits EU and Asian Governments
New APT41-affiliated threat group Silver Dragon targets government networks across Europe and Southeast Asia using phishing and legitimate services.

OpenClaw AI Critical RCE Flaw Patched — All Developers Must Update Immediately
OpenClaw developers released an emergency security patch on March 2, 2026, fixing a critical remote code execution (RCE) vulnerability in their widely-adopted AI agent development platform. The flaw, discovered via responsible disclosure, exposed AI systems to remote attack. Immediate update required.

Cisco Confirms Active Exploitation of Max-Severity CVE
Cisco confirms active exploitation of maximum-severity vulnerability CVE-2026-20127 by sophisticated attackers leaving minimal forensic evidence.

North Korean Hackers Use Fake Next.js Repos in Job Scams
North Korean threat actors deploy malicious Next.js repositories through fake job recruitment campaigns to gain persistent access to developer systems.

Interpol Operation Recovers $4.3M in African Cybercrime Bust
African law enforcement agencies partnered with Interpol to recover over $4.3 million from cybercrime operations across the continent.

Lazarus Group 2026: North Korea Deploys Medusa Ransomware and Backdoors in Global Cyberattacks
In 2026, North Korea's Lazarus Group expanded its arsenal by integrating Medusa ransomware, the Blindingcan RAT, and the Comebacker backdoor in global cyberattack campaigns targeting finance, defense, and critical infrastructure. Security researchers from Dark Reading confirm this major tactical evolution.

