Latest IT News, Cybersecurity Alerts & Tech Innovations

Microsoft confirms ongoing Windows 11 File Explorer flash bug
Microsoft acknowledges persistent white flash issue affecting Windows 11 File Explorer on some systems, with no timeline for complete resolution.

Chrome Extensions Turn Malicious After Ownership Transfer
Two Google Chrome extensions became malicious following ownership transfers, enabling attackers to inject code and steal user data.

Claude Opus 4.6 discovers 22 vulnerabilities in Firefox 148
Anthropic's Claude Opus 4.6 AI identified 22 security vulnerabilities in Firefox 148, all now fixed by Mozilla.

Chinese APT Targets Asian Organizations in Multi-Year Campaign
Palo Alto Networks Unit 42 discovered a previously unknown Chinese threat group conducting multi-year espionage operations across Asia's critical sectors.

Microsoft 365 Backup: Granular File and Folder Restoration Now Available for SharePoint, OneDrive & Teams
Microsoft is rolling out granular file and folder restoration in Microsoft 365 Backup, allowing IT admins to recover specific items from SharePoint, OneDrive, and Teams without restoring entire backups. A major step forward for enterprise data recovery.

Hackers Exploit .arpa DNS to Bypass Email Security
Threat actors abuse special-use .arpa domains and IPv6 reverse DNS to evade phishing detection systems and email gateways.

OpenAI Launches Codex Security AI Agent for Vulnerability Detection
OpenAI released Codex Security, an AI-powered security agent that automatically finds and fixes code vulnerabilities for enterprise customers.

Cognizant TriZetto breach exposes 3.4M patient records
Healthcare IT provider TriZetto Provider Solutions disclosed a data breach affecting 3.4 million patients' sensitive medical information on March 6.

North Korean IT Workers Use AI to Enhance Remote Job Scams
North Korean operatives leverage AI face-swapping and automated tools to infiltrate Western companies through sophisticated remote work fraud schemes.

China APT Targets South American Telecom Infrastructure
China-linked UAT-9244 threat group compromises telecommunications networks across South America using three custom implants since 2024.

ClickFix Campaign Exploits Windows Terminal for Lumma Stealer
Microsoft reveals new ClickFix social engineering attack using Windows Terminal to deploy Lumma Stealer malware in February 2026.

CISA Adds Hikvision, Rockwell Flaws to KEV Catalog
CISA added two actively exploited vulnerabilities affecting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities catalog on March 6.

Wikipedia Hit by Self-Propagating JavaScript Worm
Wikimedia Foundation confirms JavaScript worm vandalized pages and modified user scripts across multiple wikis on March 5.

Windows 11 March 2026 update brings native Sysmon, WebP wallpapers
Microsoft's March 2026 Windows 11 update introduces nine new features including native Sysmon integration and WebP wallpaper support.

WordPress Plugin Bug Lets Hackers Create Admin Accounts
Critical flaw in User Registration plugin affects 60,000+ WordPress sites, enabling unauthorized admin account creation.

Windows XP Bliss Wallpaper Gets Windows 11 Bloom Remix
A creative Windows XP Bliss wallpaper remix incorporating Windows 11's Bloom design elements gains popularity on Reddit among Windows enthusiasts.

APT41-Linked Silver Dragon Hits EU and Asian Governments
New APT41-affiliated threat group Silver Dragon targets government networks across Europe and Southeast Asia using phishing and legitimate services.

Chrome switches to a two-week update cycle starting in September
Google accelerates the pace of Chrome updates by moving from a monthly cycle to a two-week cycle starting in September 2026.

OpenClaw AI Critical RCE Flaw Patched — All Developers Must Update Immediately
OpenClaw developers released an emergency security patch on March 2, 2026, fixing a critical remote code execution (RCE) vulnerability in their widely-adopted AI agent development platform. The flaw, discovered via responsible disclosure, exposed AI systems to remote attack. Immediate update required.

Cisco Confirms Active Exploitation of Max-Severity CVE
Cisco confirms active exploitation of maximum-severity vulnerability CVE-2026-20127 by sophisticated attackers leaving minimal forensic evidence.

North Korean Hackers Use Fake Next.js Repos in Job Scams
North Korean threat actors deploy malicious Next.js repositories through fake job recruitment campaigns to gain persistent access to developer systems.

