Top Security News for Today
Pwning Supercomputers - A 20yo vulnerability in Munge
https://www.reddit.com/r/netsec/comments/1r3kavf/pwning_supercomputers_a_20yo_vulnerability_in/
Europe must adapt to ‘permanent’ cyber and hybrid threats, Sweden warns
https://therecord.media/sweden-cyber-threats-europe-permanent
US needs to impose ‘real costs’ on bad actors, State Department cyber official says
https://therecord.media/usa-cyber-actors-consequences
CISA orders federal agencies to patch exploited SolarWinds, Apple, Microsoft bugs within weeks
https://therecord.media/cisa-orders-federal-agencies-to-patch-solarwinds-microsoft-apple-bugs
Estonia spy chief calls on Europe to invest in its own offensive cyber capabilities
https://therecord.media/estonia-spy-chief-calls-on-europe-to-invest-in-own-offense
Brutus: Open-source credential testing tool for offensive security
https://www.reddit.com/r/netsec/comments/1r3s9wo/brutus_opensource_credential_testing_tool_for/
China may be rehearsing a digital siege, Taiwan warns
https://therecord.media/china-taiwan-digital-siege-munich
NATO must impose costs on Russia, China over cyber and hybrid attacks, says deputy chief
https://therecord.media/nato-must-impost-costs-russia-china-cyber-hybrid-deputy-secretary
EU can’t be ‘naive’ about enemies shutting down critical infrastructure, warns tech official
https://therecord.media/eu-cyber-critical-infrastructure-tech
Space emerges as new front in great power competition, officials warn
https://therecord.media/space-cybersecurity-new-front-war
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Pwning Supercomputers - A 20yo vulnerability in Munge
https://www.reddit.com/r/netsec/comments/1r3kavf/pwning_supercomputers_a_20yo_vulnerability_in/
Europe must adapt to ‘permanent’ cyber and hybrid threats, Sweden warns
https://therecord.media/sweden-cyber-threats-europe-permanent
US needs to impose ‘real costs’ on bad actors, State Department cyber official says
https://therecord.media/usa-cyber-actors-consequences
CISA orders federal agencies to patch exploited SolarWinds, Apple, Microsoft bugs within weeks
https://therecord.media/cisa-orders-federal-agencies-to-patch-solarwinds-microsoft-apple-bugs
Estonia spy chief calls on Europe to invest in its own offensive cyber capabilities
https://therecord.media/estonia-spy-chief-calls-on-europe-to-invest-in-own-offense
Brutus: Open-source credential testing tool for offensive security
https://www.reddit.com/r/netsec/comments/1r3s9wo/brutus_opensource_credential_testing_tool_for/
China may be rehearsing a digital siege, Taiwan warns
https://therecord.media/china-taiwan-digital-siege-munich
NATO must impose costs on Russia, China over cyber and hybrid attacks, says deputy chief
https://therecord.media/nato-must-impost-costs-russia-china-cyber-hybrid-deputy-secretary
EU can’t be ‘naive’ about enemies shutting down critical infrastructure, warns tech official
https://therecord.media/eu-cyber-critical-infrastructure-tech
Space emerges as new front in great power competition, officials warn
https://therecord.media/space-cybersecurity-new-front-war
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Pwning Supercomputers - A 20yo vulnerability in Munge
Explore this post and more from the netsec community
Top Security News for Today
Hacking a pharmacy to get free prescription drugs and more
https://www.reddit.com/r/netsec/comments/1r4kmv7/hacking_a_pharmacy_to_get_free_prescription_drugs/
I’m building graph-based compliance risk engine, looking for honest feedback
https://www.reddit.com/r/netsec/comments/1r4nud6/im_building_graphbased_compliance_risk_engine/
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2026/02/upcoming-speaking-engagements-53.html
Abuse-prevention design: using IP reputation as one signal in signup defense-in-depth
https://www.reddit.com/r/netsec/comments/1r4qcry/abuseprevention_design_using_ip_reputation_as_one/
Cloudflare Pages “Continue Read” Redirect Kit Abused for Phishing, Adware, and Malware Delivery
https://www.reddit.com/r/netsec/comments/1r4u08r/cloudflare_pages_continue_read_redirect_kit/
First Ever OffSec USA Chapter Meetup - DMV Area!
https://www.reddit.com/r/netsec/comments/1r51491/first_ever_offsec_usa_chapter_meetup_dmv_area/
Introducing IDA-Free-MCP: mcp server for IDA Free version (native)
https://www.reddit.com/r/netsec/comments/1r57sow/introducing_idafreemcp_mcp_server_for_ida_free/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Hacking a pharmacy to get free prescription drugs and more
https://www.reddit.com/r/netsec/comments/1r4kmv7/hacking_a_pharmacy_to_get_free_prescription_drugs/
I’m building graph-based compliance risk engine, looking for honest feedback
https://www.reddit.com/r/netsec/comments/1r4nud6/im_building_graphbased_compliance_risk_engine/
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2026/02/upcoming-speaking-engagements-53.html
Abuse-prevention design: using IP reputation as one signal in signup defense-in-depth
https://www.reddit.com/r/netsec/comments/1r4qcry/abuseprevention_design_using_ip_reputation_as_one/
Cloudflare Pages “Continue Read” Redirect Kit Abused for Phishing, Adware, and Malware Delivery
https://www.reddit.com/r/netsec/comments/1r4u08r/cloudflare_pages_continue_read_redirect_kit/
First Ever OffSec USA Chapter Meetup - DMV Area!
https://www.reddit.com/r/netsec/comments/1r51491/first_ever_offsec_usa_chapter_meetup_dmv_area/
Introducing IDA-Free-MCP: mcp server for IDA Free version (native)
https://www.reddit.com/r/netsec/comments/1r57sow/introducing_idafreemcp_mcp_server_for_ida_free/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Hacking a pharmacy to get free prescription drugs and more
Explore this post and more from the netsec community
Top Security News for Today
Product engineering teams must own supply chain risk
https://www.reddit.com/r/netsec/comments/1r5fa5e/product_engineering_teams_must_own_supply_chain/
I built a free, open-source platform to learn GenAI security, learning content + hands-on labs against real LLMs (beta, looking for feedback)
https://www.reddit.com/r/netsec/comments/1r5sdlo/i_built_a_free_opensource_platform_to_learn_genai/
Understanding stack of a process
https://www.reddit.com/r/lowlevel/comments/1r5i426/understanding_stack_of_a_process/
Your code. Your rules.
https://www.reddit.com/r/lowlevel/comments/1r62391/your_code_your_rules/
sandboxec: A lightweight command sandbox for Linux, secure-by-default, built on Landlock.
https://www.reddit.com/r/netsec/comments/1r640ry/sandboxec_a_lightweight_command_sandbox_for_linux/
Architectural Isolation Tradeoffs in the OpenClaw Ecosystem After CVE-2026-25253
https://www.reddit.com/r/netsec/comments/1r63te8/architectural_isolation_tradeoffs_in_the_openclaw/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Product engineering teams must own supply chain risk
https://www.reddit.com/r/netsec/comments/1r5fa5e/product_engineering_teams_must_own_supply_chain/
I built a free, open-source platform to learn GenAI security, learning content + hands-on labs against real LLMs (beta, looking for feedback)
https://www.reddit.com/r/netsec/comments/1r5sdlo/i_built_a_free_opensource_platform_to_learn_genai/
Understanding stack of a process
https://www.reddit.com/r/lowlevel/comments/1r5i426/understanding_stack_of_a_process/
Your code. Your rules.
https://www.reddit.com/r/lowlevel/comments/1r62391/your_code_your_rules/
sandboxec: A lightweight command sandbox for Linux, secure-by-default, built on Landlock.
https://www.reddit.com/r/netsec/comments/1r640ry/sandboxec_a_lightweight_command_sandbox_for_linux/
Architectural Isolation Tradeoffs in the OpenClaw Ecosystem After CVE-2026-25253
https://www.reddit.com/r/netsec/comments/1r63te8/architectural_isolation_tradeoffs_in_the_openclaw/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: [ Removed by moderator ]
Posted by ArtisticProgrammer11 - 14 votes and 0 comments
Top Security News for Today
Starlink restrictions hit Russian forces as Moscow seeks workarounds
https://therecord.media/starlink-restrictions-hit-russian-forces
Over 500,000 VKontakte accounts hijacked through malicious Chrome extensions
https://therecord.media/500000-vkontakte-accounts-hijacked-chrome-extensions
New Joomla! Novarain/Tassos Framework Vulnerabilities Advisory
https://www.reddit.com/r/netsec/comments/1r64yhj/new_joomla_novaraintassos_framework/
sandboxec: A lightweight command sandbox for Linux, secure-by-default, built on Landlock.
https://www.reddit.com/r/netsec/comments/1r640ry/sandboxec_a_lightweight_command_sandbox_for_linux/
[Analysis] Massive Active GitHub Malware Campaign | Hundreds of Malicious Repositories Identified
https://www.reddit.com/r/netsec/comments/1r66u2r/analysis_massive_active_github_malware_campaign/
The Promptware Kill Chain
https://www.schneier.com/blog/archives/2026/02/the-promptware-kill-chain.html
When Audits Fail Part 2: From Pre-Auth SSRF to RCE in TRUfusion Enterprise
https://www.reddit.com/r/netsec/comments/1r6l5e3/when_audits_fail_part_2_from_preauth_ssrf_to_rce/
Almost Impossible: Java Deserialization Through Broken Crypto in OpenText Directory Services
https://www.reddit.com/r/netsec/comments/1r6r7no/almost_impossible_java_deserialization_through/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Starlink restrictions hit Russian forces as Moscow seeks workarounds
https://therecord.media/starlink-restrictions-hit-russian-forces
Over 500,000 VKontakte accounts hijacked through malicious Chrome extensions
https://therecord.media/500000-vkontakte-accounts-hijacked-chrome-extensions
New Joomla! Novarain/Tassos Framework Vulnerabilities Advisory
https://www.reddit.com/r/netsec/comments/1r64yhj/new_joomla_novaraintassos_framework/
sandboxec: A lightweight command sandbox for Linux, secure-by-default, built on Landlock.
https://www.reddit.com/r/netsec/comments/1r640ry/sandboxec_a_lightweight_command_sandbox_for_linux/
[Analysis] Massive Active GitHub Malware Campaign | Hundreds of Malicious Repositories Identified
https://www.reddit.com/r/netsec/comments/1r66u2r/analysis_massive_active_github_malware_campaign/
The Promptware Kill Chain
https://www.schneier.com/blog/archives/2026/02/the-promptware-kill-chain.html
When Audits Fail Part 2: From Pre-Auth SSRF to RCE in TRUfusion Enterprise
https://www.reddit.com/r/netsec/comments/1r6l5e3/when_audits_fail_part_2_from_preauth_ssrf_to_rce/
Almost Impossible: Java Deserialization Through Broken Crypto in OpenText Directory Services
https://www.reddit.com/r/netsec/comments/1r6r7no/almost_impossible_java_deserialization_through/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Starlink restrictions hit Russian forces as Moscow seeks workarounds
Ukraine's security service said Russia was trying to recruit locals to help restore access to blocked Starlink satellite internet terminals.
Top Security News for Today
Dutch police arrest man who refused to delete confidential files shared by mistake
https://therecord.media/netherlands-arrest-confidential-files-police
Hackers target supporters of Iran protests in new espionage campaign
https://therecord.media/hackers-target-iran-protest-supporters-cyber-campaign
AI in the Middle: Turning Web-Based AI Services into C2 Proxies & The Future Of AI Driven Attacks
https://research.checkpoint.com/2026/ai-in-the-middle-turning-web-based-ai-services-into-c2-proxies-the-future-of-ai-driven-attacks/
Unify now or pay later: New research exposes the operational cost of a fragmented SOC
https://www.microsoft.com/en-us/security/blog/2026/02/17/unify-now-or-pay-later-new-research-exposes-the-operational-cost-of-a-fragmented-soc/
Assessing Spear-Phishing Website Generation in Large Language Model Coding Agents
https://arxiv.org/abs/2602.13363
Unsafer in Many Turns: Benchmarking and Defending Multi-Turn Safety Risks in Tool-Using Agents
https://arxiv.org/abs/2602.13379
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Dutch police arrest man who refused to delete confidential files shared by mistake
https://therecord.media/netherlands-arrest-confidential-files-police
Hackers target supporters of Iran protests in new espionage campaign
https://therecord.media/hackers-target-iran-protest-supporters-cyber-campaign
AI in the Middle: Turning Web-Based AI Services into C2 Proxies & The Future Of AI Driven Attacks
https://research.checkpoint.com/2026/ai-in-the-middle-turning-web-based-ai-services-into-c2-proxies-the-future-of-ai-driven-attacks/
Unify now or pay later: New research exposes the operational cost of a fragmented SOC
https://www.microsoft.com/en-us/security/blog/2026/02/17/unify-now-or-pay-later-new-research-exposes-the-operational-cost-of-a-fragmented-soc/
Assessing Spear-Phishing Website Generation in Large Language Model Coding Agents
https://arxiv.org/abs/2602.13363
Unsafer in Many Turns: Benchmarking and Defending Multi-Turn Safety Risks in Tool-Using Agents
https://arxiv.org/abs/2602.13379
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Dutch police arrest man who refused to delete confidential files shared by mistake
Dutch police have arrested a 40-year-old man who refused to delete confidential documents law enforcement accidentally sent to him.
Top Security News for Today
Predator spyware used to infect phone belonging to Angolan journalist, report says
https://therecord.media/predator-spyware-used-to-infect-phone-angola-journalist
AI Found Twelve New Vulnerabilities in OpenSSL
https://www.schneier.com/blog/archives/2026/02/ai-found-twelve-new-vulnerabilities-in-openssl.html
Poland bans Chinese-made cars from entering military sites
https://therecord.media/poland-bans-chinese-made-cars-from-military-sites
New backdoor found in Android tablets targeting users in Russia, Germany and Japan
https://therecord.media/new-backdoor-found-in-android-russia-japan-brazil
Texas sues TP-Link, alleging it allows China to hack into routers
https://therecord.media/texas-sues-tp-link-china-allegations
Fed agencies ordered to patch Dell bug by Saturday after exploitation warning
https://therecord.media/fed-agencies-ordered-to-patch-dell-bug-after-exploitation-warning
State of Passkey Authentication in the Wild: A Census of the Top 100K sites
https://arxiv.org/abs/2602.15032
Exploiting Layer-Specific Vulnerabilities to Backdoor Attack in Federated Learning
https://arxiv.org/abs/2602.15135
Weight space Detection of Backdoors in LoRA Adapters
https://arxiv.org/abs/2602.15161
EduResearchBench: A Hierarchical Atomic Task Decomposition Benchmark for Full-Lifecycle Educational Research
https://arxiv.org/abs/2602.15195
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Predator spyware used to infect phone belonging to Angolan journalist, report says
https://therecord.media/predator-spyware-used-to-infect-phone-angola-journalist
AI Found Twelve New Vulnerabilities in OpenSSL
https://www.schneier.com/blog/archives/2026/02/ai-found-twelve-new-vulnerabilities-in-openssl.html
Poland bans Chinese-made cars from entering military sites
https://therecord.media/poland-bans-chinese-made-cars-from-military-sites
New backdoor found in Android tablets targeting users in Russia, Germany and Japan
https://therecord.media/new-backdoor-found-in-android-russia-japan-brazil
Texas sues TP-Link, alleging it allows China to hack into routers
https://therecord.media/texas-sues-tp-link-china-allegations
Fed agencies ordered to patch Dell bug by Saturday after exploitation warning
https://therecord.media/fed-agencies-ordered-to-patch-dell-bug-after-exploitation-warning
State of Passkey Authentication in the Wild: A Census of the Top 100K sites
https://arxiv.org/abs/2602.15032
Exploiting Layer-Specific Vulnerabilities to Backdoor Attack in Federated Learning
https://arxiv.org/abs/2602.15135
Weight space Detection of Backdoors in LoRA Adapters
https://arxiv.org/abs/2602.15161
EduResearchBench: A Hierarchical Atomic Task Decomposition Benchmark for Full-Lifecycle Educational Research
https://arxiv.org/abs/2602.15195
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Predator spyware used to infect phone belonging to Angolan journalist, report says
The finding is the latest evidence that despite being placed on the U.S. government’s Entity List in July 2023, Predator manufacturer the Intellexa Consortium has continued to operate in the shadows.
Top Security News for Today
Arkanix Stealer: a C++ & Python infostealer
https://securelist.com/arkanix-stealer/119006/
Attackers breach France’s national bank account database
https://therecord.media/attackers-breach-france-national-bank-account-database
Ransomware gang threatens Cheyenne and Arapaho Tribes after shutting down schools
https://therecord.media/cheyenne-arapaho-ransomware-rhysida
[DroidGround Demo](https://www.reddit.com/r/netsec/comments/1r8u940/droidground_demo/)
https://www.reddit.com/r/netsec/comments/1r8u940/droidground_demo/
[Compromising Cline's Production Releases just by Prompting an Issue Triager](https://www.reddit.com/r/netsec/comments/1r8vdkb/compromising_clines_production_releases_just_by/)
https://www.reddit.com/r/netsec/comments/1r8vdkb/compromising_clines_production_releases_just_by/
[Malicious AI](https://www.schneier.com/blog/archives/2026/02/malicious-ai.html)
https://www.schneier.com/blog/archives/2026/02/malicious-ai.html
[Kimwolf Botnet Swamps Anonymity Network I2P](https://krebsonsecurity.com/2026/02/kimwolf-botnet-swamps-anonymity-network-i2p/)
https://krebsonsecurity.com/2026/02/kimwolf-botnet-swamps-anonymity-network-i2p/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Arkanix Stealer: a C++ & Python infostealer
https://securelist.com/arkanix-stealer/119006/
Attackers breach France’s national bank account database
https://therecord.media/attackers-breach-france-national-bank-account-database
Ransomware gang threatens Cheyenne and Arapaho Tribes after shutting down schools
https://therecord.media/cheyenne-arapaho-ransomware-rhysida
[DroidGround Demo](https://www.reddit.com/r/netsec/comments/1r8u940/droidground_demo/)
https://www.reddit.com/r/netsec/comments/1r8u940/droidground_demo/
[Compromising Cline's Production Releases just by Prompting an Issue Triager](https://www.reddit.com/r/netsec/comments/1r8vdkb/compromising_clines_production_releases_just_by/)
https://www.reddit.com/r/netsec/comments/1r8vdkb/compromising_clines_production_releases_just_by/
[Malicious AI](https://www.schneier.com/blog/archives/2026/02/malicious-ai.html)
https://www.schneier.com/blog/archives/2026/02/malicious-ai.html
[Kimwolf Botnet Swamps Anonymity Network I2P](https://krebsonsecurity.com/2026/02/kimwolf-botnet-swamps-anonymity-network-i2p/)
https://krebsonsecurity.com/2026/02/kimwolf-botnet-swamps-anonymity-network-i2p/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
Your AD password complexity policies are security theater — one RPC call bypasses all of them (PoC scripts + defense included)
https://www.reddit.com/r/netsec/comments/1r9qkpl/your_ad_password_complexity_policies_are_security/
Hackers breach contractor linked to Ukraine’s central bank collectible coin store
https://therecord.media/hackers-breach-ukraine-national-bank-contractor
Discovery & Analysis of CVE-2025-29969
https://www.reddit.com/r/netsec/comments/1r9th6w/discovery_analysis_of_cve202529969/
Building CrowdStrike workflows with Claude Code skills
https://www.reddit.com/r/netsec/comments/1r9s0ah/building_crowdstrike_workflows_with_claude_code/
Ring Cancels Its Partnership with Flock
https://www.schneier.com/blog/archives/2026/02/ring-cancels-its-partnership-with-flock.html
Russia stepping up hybrid attacks, preparing for long standoff with West, Dutch intelligence warns
https://therecord.media/russia-cyberattacks-europe-warfare
In Memoriam: Jason Snitker, a.k.a. Parmaster. RIP Legend
https://www.reddit.com/r/netsec/comments/1r9wmyj/in_memoriam_jason_snitker_aka_parmaster_rip_legend/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Your AD password complexity policies are security theater — one RPC call bypasses all of them (PoC scripts + defense included)
https://www.reddit.com/r/netsec/comments/1r9qkpl/your_ad_password_complexity_policies_are_security/
Hackers breach contractor linked to Ukraine’s central bank collectible coin store
https://therecord.media/hackers-breach-ukraine-national-bank-contractor
Discovery & Analysis of CVE-2025-29969
https://www.reddit.com/r/netsec/comments/1r9th6w/discovery_analysis_of_cve202529969/
Building CrowdStrike workflows with Claude Code skills
https://www.reddit.com/r/netsec/comments/1r9s0ah/building_crowdstrike_workflows_with_claude_code/
Ring Cancels Its Partnership with Flock
https://www.schneier.com/blog/archives/2026/02/ring-cancels-its-partnership-with-flock.html
Russia stepping up hybrid attacks, preparing for long standoff with West, Dutch intelligence warns
https://therecord.media/russia-cyberattacks-europe-warfare
In Memoriam: Jason Snitker, a.k.a. Parmaster. RIP Legend
https://www.reddit.com/r/netsec/comments/1r9wmyj/in_memoriam_jason_snitker_aka_parmaster_rip_legend/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Your AD password complexity policies are security theater — one RPC call bypasses all of them…
Posted by Suitable-Baker7584 - 1 vote and 1 comment
Top Security News for Today
'Starkiller’ Phishing Service Proxies Real Login Pages, MFA
https://krebsonsecurity.com/2026/02/starkiller-phishing-service-proxies-real-login-pages-mfa/
Large-scale online deanonymization with LLMs
https://arxiv.org/abs/2602.16800
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
'Starkiller’ Phishing Service Proxies Real Login Pages, MFA
https://krebsonsecurity.com/2026/02/starkiller-phishing-service-proxies-real-login-pages-mfa/
Large-scale online deanonymization with LLMs
https://arxiv.org/abs/2602.16800
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Krebs on Security
‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep…
Top Security News for Today
How a single typo led to RCE in Firefox
https://www.reddit.com/r/netsec/comments/1rbjdso/how_a_single_typo_led_to_rce_in_firefox/
Malicious Chrome extension targeting Apple App Store Connect developers through fake ASO service - full analysis
https://www.reddit.com/r/netsec/comments/1rbzbyv/malicious_chrome_extension_targeting_apple_app/
Scary datapoints re network visibility in Dragos annual report on OT cyberattacks
https://www.reddit.com/r/netsec/comments/1rc6t3w/scary_datapoints_re_network_visibility_in_dragos/
I built a network security analyzer using information geometry (Riemannian manifolds) instead of traditional rule-based detection
https://www.reddit.com/r/netsec/comments/1rc91zq/i_built_a_network_security_analyzer_using/
Large-scale online deanonymization with LLMs
https://arxiv.org/abs/2602.16800
Variational approach to nonholonomic and inequality-constrained mechanics
https://arxiv.org/abs/2409.11063
23rd February – Threat Intelligence Report
https://research.checkpoint.com/2026/23rd-february-threat-intelligence-report/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How a single typo led to RCE in Firefox
https://www.reddit.com/r/netsec/comments/1rbjdso/how_a_single_typo_led_to_rce_in_firefox/
Malicious Chrome extension targeting Apple App Store Connect developers through fake ASO service - full analysis
https://www.reddit.com/r/netsec/comments/1rbzbyv/malicious_chrome_extension_targeting_apple_app/
Scary datapoints re network visibility in Dragos annual report on OT cyberattacks
https://www.reddit.com/r/netsec/comments/1rc6t3w/scary_datapoints_re_network_visibility_in_dragos/
I built a network security analyzer using information geometry (Riemannian manifolds) instead of traditional rule-based detection
https://www.reddit.com/r/netsec/comments/1rc91zq/i_built_a_network_security_analyzer_using/
Large-scale online deanonymization with LLMs
https://arxiv.org/abs/2602.16800
Variational approach to nonholonomic and inequality-constrained mechanics
https://arxiv.org/abs/2409.11063
23rd February – Threat Intelligence Report
https://research.checkpoint.com/2026/23rd-february-threat-intelligence-report/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: How a single typo led to RCE in Firefox
Explore this post and more from the netsec community
Top Security News for Today
Scary datapoints re network visibility in Dragos annual report on OT cyberattacks
https://therecord.media/data-protection-authorities-warn-ai-companies-of-sharing-images
Ransomware gangs advancing Moscow’s geopolitical aims, Romanian cyber chief warns
https://therecord.media/ransomware-gangs-advancing-moscow-geopolitical-interests-warns-romania
Ukraine says cyberattacks on energy grid now used to guide missile strikes
https://therecord.media/ukraine-cyberattacks-guiding-russian-missile-strikes
On the Security of Password Managers
https://www.schneier.com/blog/archives/2026/02/on-the-security-of-password-managers.html
Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer
https://www.trendmicro.com/en_us/research/26/b/openclaw-skills-used-to-distribute-atomic-macos-stealer.html
Air Côte d'Ivoire confirms cyberattack following ransomware claims
https://therecord.media/air-cote-divoire-confirms-cyberattack
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Scary datapoints re network visibility in Dragos annual report on OT cyberattacks
https://therecord.media/data-protection-authorities-warn-ai-companies-of-sharing-images
Ransomware gangs advancing Moscow’s geopolitical aims, Romanian cyber chief warns
https://therecord.media/ransomware-gangs-advancing-moscow-geopolitical-interests-warns-romania
Ukraine says cyberattacks on energy grid now used to guide missile strikes
https://therecord.media/ukraine-cyberattacks-guiding-russian-missile-strikes
On the Security of Password Managers
https://www.schneier.com/blog/archives/2026/02/on-the-security-of-password-managers.html
Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer
https://www.trendmicro.com/en_us/research/26/b/openclaw-skills-used-to-distribute-atomic-macos-stealer.html
Air Côte d'Ivoire confirms cyberattack following ransomware claims
https://therecord.media/air-cote-divoire-confirms-cyberattack
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Global data protection authorities warn generative AI companies against replicating real people
The joint statement comes on the heels of the Grok AI chatbot creating and sharing millions of images of “nudified” real people.
Top Security News for Today
North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East
https://therecord.media/north-korean-hackers-using-medusa-ransomware
Is AI Good for Democracy?
https://www.schneier.com/blog/archives/2026/02/is-ai-good-for-democracy.html
Ukraine pushes tighter Telegram regulation, citing Russian recruitment of locals
https://therecord.media/ukraine-telegram-regulation-russia-sabotage-recruitment
UAE claims it stopped ‘terrorist’ ransomware attack
https://therecord.media/uae-claims-it-stopped-terrorist-ransomware-attack
Scaling security operations with Microsoft Defender autonomous defense and expert-led services
https://www.microsoft.com/en-us/security/blog/2026/02/24/scaling-security-operations-with-microsoft-defender-autonomous-defense-and-expert-led-services/
Goodbye innerHTML, Hello setHTML: Stronger XSS Protection in Firefox 148 – Mozilla Hacks - the Web developer blog
https://www.reddit.com/r/netsec/comments/1rdi8m9/goodbye_innerhtml_hello_sethtml_stronger_xss/
Crypto platform Step Finance shutting down after $40 million theft
https://therecord.media/step-finance-cryptocurrency-theft-shutdown
Reddit fined $20 million by UK for not effectively checking users’ ages
https://therecord.media/reddit-children-age-checks-uk-ico-fine
US ‘committed’ to fighting transnational gangs behind Southeast Asian scam compounds: FBI
https://therecord.media/us-committed-to-fighting-southeast-asia-scam-compounds
Phishing operation with links to Russia, Armenia compromised Western cargo companies, researchers find
https://therecord.media/phishing-operation-russia-armenia-targeting-us-european-cargoDCInject: Persistent Backdoor Attacks via Frequency Manipulation in Personal Federated Learning
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East
https://therecord.media/north-korean-hackers-using-medusa-ransomware
Is AI Good for Democracy?
https://www.schneier.com/blog/archives/2026/02/is-ai-good-for-democracy.html
Ukraine pushes tighter Telegram regulation, citing Russian recruitment of locals
https://therecord.media/ukraine-telegram-regulation-russia-sabotage-recruitment
UAE claims it stopped ‘terrorist’ ransomware attack
https://therecord.media/uae-claims-it-stopped-terrorist-ransomware-attack
Scaling security operations with Microsoft Defender autonomous defense and expert-led services
https://www.microsoft.com/en-us/security/blog/2026/02/24/scaling-security-operations-with-microsoft-defender-autonomous-defense-and-expert-led-services/
Goodbye innerHTML, Hello setHTML: Stronger XSS Protection in Firefox 148 – Mozilla Hacks - the Web developer blog
https://www.reddit.com/r/netsec/comments/1rdi8m9/goodbye_innerhtml_hello_sethtml_stronger_xss/
Crypto platform Step Finance shutting down after $40 million theft
https://therecord.media/step-finance-cryptocurrency-theft-shutdown
Reddit fined $20 million by UK for not effectively checking users’ ages
https://therecord.media/reddit-children-age-checks-uk-ico-fine
US ‘committed’ to fighting transnational gangs behind Southeast Asian scam compounds: FBI
https://therecord.media/us-committed-to-fighting-southeast-asia-scam-compounds
Phishing operation with links to Russia, Armenia compromised Western cargo companies, researchers find
https://therecord.media/phishing-operation-russia-armenia-targeting-us-european-cargoDCInject: Persistent Backdoor Attacks via Frequency Manipulation in Personal Federated Learning
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East
Cybersecurity researchers said they saw Medusa attacks launched by members of Lazarus — a well-known North Korean hacking operation housed within the country’s military — against a company in the Middle East and a healthcare organization in the U.S.
Top Security News for Today
Moscow man accused of posing as FSB officer to extort Conti ransomware gang
https://therecord.media/moscow-man-accused-of-extorting-conti-gang
Chinese prosecutors raise alarm about growth of domestic IP theft
https://therecord.media/china-domestic-ip-theft-crackdown
Medical device firm UFP says backup data systems deployed following cyberattack
https://therecord.media/ufp-technologies-medical-devices-sec-filing-cyberattack
PowerSchool, Chicago Public Schools to settle student data privacy lawsuit for $17 million
https://therecord.media/powerschool-cps-settle-proposed-class-action
Five Eyes allies warn hackers are actively exploiting Cisco SD-WAN flaws
https://therecord.media/five-eyes-warn-hackers-exploit-cisco-sd-wan
Discord puts global age verification policy on hold after backlash
https://therecord.media/discord-age-verification-policy-on-hold-after-backlash
Starkiller Phishing Kit: Why MFA Fails Against Real-Time Reverse Proxies — Technical Analysis + Rust PoC for TLS Fingerprinting
https://www.reddit.com/r/netsec/comments/1re5gds/starkiller_phishing_kit_why_mfa_fails_against/
TURN Server Security Best Practices - hardening checklist, IP range tables, and deployment patterns
https://www.reddit.com/r/netsec/comments/1re9az6/turn_server_security_best_practices_hardening/
Poisoning AI Training Data
https://www.schneier.com/blog/archives/2026/02/poisoning-ai-training-data.html
I rendered 1,418 Unicode confusable pairs across 230 system fonts. 82 are pixel-identical, and the font your site uses determines which ones.
https://www.reddit.com/r/netsec/comments/1rebvdc/i_rendered_1418_unicode_confusable_pairs_across/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Moscow man accused of posing as FSB officer to extort Conti ransomware gang
https://therecord.media/moscow-man-accused-of-extorting-conti-gang
Chinese prosecutors raise alarm about growth of domestic IP theft
https://therecord.media/china-domestic-ip-theft-crackdown
Medical device firm UFP says backup data systems deployed following cyberattack
https://therecord.media/ufp-technologies-medical-devices-sec-filing-cyberattack
PowerSchool, Chicago Public Schools to settle student data privacy lawsuit for $17 million
https://therecord.media/powerschool-cps-settle-proposed-class-action
Five Eyes allies warn hackers are actively exploiting Cisco SD-WAN flaws
https://therecord.media/five-eyes-warn-hackers-exploit-cisco-sd-wan
Discord puts global age verification policy on hold after backlash
https://therecord.media/discord-age-verification-policy-on-hold-after-backlash
Starkiller Phishing Kit: Why MFA Fails Against Real-Time Reverse Proxies — Technical Analysis + Rust PoC for TLS Fingerprinting
https://www.reddit.com/r/netsec/comments/1re5gds/starkiller_phishing_kit_why_mfa_fails_against/
TURN Server Security Best Practices - hardening checklist, IP range tables, and deployment patterns
https://www.reddit.com/r/netsec/comments/1re9az6/turn_server_security_best_practices_hardening/
Poisoning AI Training Data
https://www.schneier.com/blog/archives/2026/02/poisoning-ai-training-data.html
I rendered 1,418 Unicode confusable pairs across 230 system fonts. 82 are pixel-identical, and the font your site uses determines which ones.
https://www.reddit.com/r/netsec/comments/1rebvdc/i_rendered_1418_unicode_confusable_pairs_across/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Moscow man accused of posing as FSB officer to extort Conti ransomware gang
A Moscow resident has been accused of trying to extort money from the notorious Conti ransomware group by posing as an officer of Russia’s Federal Security Service, according to local media reports.
Top Security News for Today
Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis
https://therecord.media/ransomware-payments-chainalysis-cybercrime
Google disrupts China-linked cyberespionage campaign spanning dozens of countries
https://therecord.media/china-cyber-espionage-google-disrupt
Google API Keys Weren't Secrets. But then Gemini Changed the Rules.
https://www.reddit.com/r/netsec/comments/1rf61kl/google_api_keys_werent_secrets_but_then_gemini/
LLMs Generate Predictable Passwords
https://www.schneier.com/blog/archives/2026/02/llms-generate-predictable-passwords.html
Threat modeling AI applications
https://www.microsoft.com/en-us/security/blog/2026/02/26/threat-modeling-ai-applications/
Introducing CloudFox GCP: Attack Path Identification for Google Cloud
https://bishopfox.com/blog/introducing-cloudfox-gcp-attack-path-identification-for-google-cloud
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis
https://therecord.media/ransomware-payments-chainalysis-cybercrime
Google disrupts China-linked cyberespionage campaign spanning dozens of countries
https://therecord.media/china-cyber-espionage-google-disrupt
Google API Keys Weren't Secrets. But then Gemini Changed the Rules.
https://www.reddit.com/r/netsec/comments/1rf61kl/google_api_keys_werent_secrets_but_then_gemini/
LLMs Generate Predictable Passwords
https://www.schneier.com/blog/archives/2026/02/llms-generate-predictable-passwords.html
Threat modeling AI applications
https://www.microsoft.com/en-us/security/blog/2026/02/26/threat-modeling-ai-applications/
Introducing CloudFox GCP: Attack Path Identification for Google Cloud
https://bishopfox.com/blog/introducing-cloudfox-gcp-attack-path-identification-for-google-cloud
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis
The rate at which ransomware victims paid cybercriminals fell last year while the overall number of attacks ballooned, Chainalysis found.
Top Security News for Today
We scanned 6,500+ ClawHub skills. 36% have security flaws. Built a Free Community run scanner to catch them before they execute
https://www.reddit.com/r/netsec/comments/1rg0ijo/we_scanned_6500_clawhub_skills_36_have_security/
Why Tehran’s Two-Tiered Internet Is So Dangerous
https://www.schneier.com/blog/archives/2026/02/why_tehrans_two_tiered_internet_is_so_dangerous.html
Phishing Attacks Against People Seeking Programming Jobs
https://www.schneier.com/blog/archives/2026/02/phishing_attacks_against_people_seeking_programming_jobs.html
Uncovering a Global macOS Malware Campaign
https://www.reddit.com/r/netsec/comments/1rg3zmd/uncovering_a_global_macos_malware_campaign/
Twitch Ships Server-Side Eppo Keys in Its iOS App, Exposing Its Entire Product Roadmap
https://www.reddit.com/r/netsec/comments/1rg6mid/twitch_ships_serverside_eppo_keys_in_its_ios_app/
Instagram to start alerting parents when children search for terms relating to self-harm
https://therecord.media/instagram-alert-parents-children-search-terms-self-harm
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
We scanned 6,500+ ClawHub skills. 36% have security flaws. Built a Free Community run scanner to catch them before they execute
https://www.reddit.com/r/netsec/comments/1rg0ijo/we_scanned_6500_clawhub_skills_36_have_security/
Why Tehran’s Two-Tiered Internet Is So Dangerous
https://www.schneier.com/blog/archives/2026/02/why_tehrans_two_tiered_internet_is_so_dangerous.html
Phishing Attacks Against People Seeking Programming Jobs
https://www.schneier.com/blog/archives/2026/02/phishing_attacks_against_people_seeking_programming_jobs.html
Uncovering a Global macOS Malware Campaign
https://www.reddit.com/r/netsec/comments/1rg3zmd/uncovering_a_global_macos_malware_campaign/
Twitch Ships Server-Side Eppo Keys in Its iOS App, Exposing Its Entire Product Roadmap
https://www.reddit.com/r/netsec/comments/1rg6mid/twitch_ships_serverside_eppo_keys_in_its_ios_app/
Instagram to start alerting parents when children search for terms relating to self-harm
https://therecord.media/instagram-alert-parents-children-search-terms-self-harm
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: We scanned 6,500+ ClawHub skills. 36% have security flaws. Built a Free Community run scanner…
Posted by kinso1338 - 14 votes and 1 comment
Top Security News for Today
Who is the Kimwolf Botmaster “Dort”?
https://krebsonsecurity.com/2026/02/who-is-the-kimwolf-botmaster-dort/
I used MCP Ghidra and Claude Code to find 9 kernel driver vulnerabilities on my gaming laptop
https://www.reddit.com/r/netsec/comments/1rh50yi/i_used_mcp_ghidra_and_claude_code_to_find_9/
Network Security News Feed
https://www.reddit.com/r/netsec/comments/1rhd7j8/network_security_news_feed/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Who is the Kimwolf Botmaster “Dort”?
https://krebsonsecurity.com/2026/02/who-is-the-kimwolf-botmaster-dort/
I used MCP Ghidra and Claude Code to find 9 kernel driver vulnerabilities on my gaming laptop
https://www.reddit.com/r/netsec/comments/1rh50yi/i_used_mcp_ghidra_and_claude_code_to_find_9/
Network Security News Feed
https://www.reddit.com/r/netsec/comments/1rhd7j8/network_security_news_feed/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Krebs on Security
Who is the Kimwolf Botmaster “Dort”?
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle…
Top Security News for Today
Compositional-ARC: Assessing Systematic Generalization in Abstract Spatial Reasoning
https://arxiv.org/abs/2504.01445
r/netsec monthly discussion & tool thread
https://www.reddit.com/r/netsec/comments/1rhyn04/rnetsec_monthly_discussion_tool_thread/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Compositional-ARC: Assessing Systematic Generalization in Abstract Spatial Reasoning
https://arxiv.org/abs/2504.01445
r/netsec monthly discussion & tool thread
https://www.reddit.com/r/netsec/comments/1rhyn04/rnetsec_monthly_discussion_tool_thread/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Compositional-ARC: Assessing Systematic Generalization in Abstract...
Systematic generalization refers to the capacity to understand and generate novel combinations from known components. Despite recent progress by large language models (LLMs) across various...
Top Security News for Today
Cyberattack briefly disrupts Russian internet regulator and defense ministry websites
https://therecord.media/cyberattack-briefly-takes-down-russian-government-websites
LLM-Assisted Deanonymization
https://www.schneier.com/blog/archives/2026/03/llm-assisted-deanonymization.html
German court convicts alleged mastermind behind global investment scam network
https://therecord.media/german-court-convicts-alleged-mastermind-scam-network
British organizations urged to be alert to threat of Iranian cyberattacks
https://therecord.media/iran-britain-cyber-threats-warning
Free browser-based steganography CTF generator create challenges with randomized encoding pipelines, auto-generated solutions, and progressive hints
https://www.reddit.com/r/netsec/comments/1rivnn2/free_browserbased_steganography_ctf_generator/
Google and Cloudflare testing Merkel Tree Certificates instead of normal signatures for TLS
https://www.reddit.com/r/netsec/comments/1riw5km/google_and_cloudflare_testing_merkel_tree/
Alleged India-linked espionage campaign targeted Pakistan, Bangladesh, Sri Lanka
https://therecord.media/india-pakistan-cyber-campaign-apt
University of Hawaiʻi Cancer Center confirms data leak following ransomware attack
https://therecord.media/university-of-hawaii-ransomware-data-breach
OAuth redirection abuse enables phishing and malware delivery
https://www.microsoft.com/en-us/security/blog/2026/03/02/oauth-redirection-abuse-enables-phishing-malware-delivery/
2nd March – Threat Intelligence Report
https://research.checkpoint.com/2026/2nd-march-threat-intelligence-report/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Cyberattack briefly disrupts Russian internet regulator and defense ministry websites
https://therecord.media/cyberattack-briefly-takes-down-russian-government-websites
LLM-Assisted Deanonymization
https://www.schneier.com/blog/archives/2026/03/llm-assisted-deanonymization.html
German court convicts alleged mastermind behind global investment scam network
https://therecord.media/german-court-convicts-alleged-mastermind-scam-network
British organizations urged to be alert to threat of Iranian cyberattacks
https://therecord.media/iran-britain-cyber-threats-warning
Free browser-based steganography CTF generator create challenges with randomized encoding pipelines, auto-generated solutions, and progressive hints
https://www.reddit.com/r/netsec/comments/1rivnn2/free_browserbased_steganography_ctf_generator/
Google and Cloudflare testing Merkel Tree Certificates instead of normal signatures for TLS
https://www.reddit.com/r/netsec/comments/1riw5km/google_and_cloudflare_testing_merkel_tree/
Alleged India-linked espionage campaign targeted Pakistan, Bangladesh, Sri Lanka
https://therecord.media/india-pakistan-cyber-campaign-apt
University of Hawaiʻi Cancer Center confirms data leak following ransomware attack
https://therecord.media/university-of-hawaii-ransomware-data-breach
OAuth redirection abuse enables phishing and malware delivery
https://www.microsoft.com/en-us/security/blog/2026/03/02/oauth-redirection-abuse-enables-phishing-malware-delivery/
2nd March – Threat Intelligence Report
https://research.checkpoint.com/2026/2nd-march-threat-intelligence-report/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Cyberattack briefly disrupts Russian internet regulator and defense ministry websites
Russia’s internet regulator and defense ministry said their servers were hit by a large DDoS attack that briefly disrupted access to several government websites late last week.
Top Security News for Today
Google urges Supreme Court to strike down geofence warrants as unconstitutional
https://therecord.media/google-urges-supreme-court-strike-down-geolocation-warrants
Iranian drone strikes hit Amazon data centers in Gulf, disrupting cloud services
https://therecord.media/iran-drone-strikes-hit-amazon-data-centers-gulf
Florida woman gets 2 year sentence for trafficking Microsoft software labels
https://therecord.media/florida-woman-sentenced-reselling-microsoft-labels
Built a free live CVE intelligence dashboard — looking for feedback
https://www.reddit.com/r/netsec/comments/1rjo4do/built_a_free_live_cve_intelligence_dashboard/
Sometimes, You Can Just Feel The Security In The Design (Junos OS Evolved CVE-2026-21902 RCE) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1rjqfwy/sometimes_you_can_just_feel_the_security_in_the/
Silver Dragon Targets Organizations in Southeast Asia and Europe
https://research.checkpoint.com/2026/silver-dragon-targets-organizations-in-southeast-asia-and-europe/
Exposing a Russian Campaign Targeting Ukraine Using New Malware Duo: BadPaw and MeowMeow
https://www.clearskysec.com/russian-campaign-targeting-ukraine-badpaw-and-meowmeow/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Google urges Supreme Court to strike down geofence warrants as unconstitutional
https://therecord.media/google-urges-supreme-court-strike-down-geolocation-warrants
Iranian drone strikes hit Amazon data centers in Gulf, disrupting cloud services
https://therecord.media/iran-drone-strikes-hit-amazon-data-centers-gulf
Florida woman gets 2 year sentence for trafficking Microsoft software labels
https://therecord.media/florida-woman-sentenced-reselling-microsoft-labels
Built a free live CVE intelligence dashboard — looking for feedback
https://www.reddit.com/r/netsec/comments/1rjo4do/built_a_free_live_cve_intelligence_dashboard/
Sometimes, You Can Just Feel The Security In The Design (Junos OS Evolved CVE-2026-21902 RCE) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1rjqfwy/sometimes_you_can_just_feel_the_security_in_the/
Silver Dragon Targets Organizations in Southeast Asia and Europe
https://research.checkpoint.com/2026/silver-dragon-targets-organizations-in-southeast-asia-and-europe/
Exposing a Russian Campaign Targeting Ukraine Using New Malware Duo: BadPaw and MeowMeow
https://www.clearskysec.com/russian-campaign-targeting-ukraine-badpaw-and-meowmeow/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Google urges Supreme Court to strike down geofence warrants as unconstitutional
In its amicus brief, Google called the warrants a violation of people’s rights and said that in recent months it has objected to more than 3,000 geofence warrants on constitutional grounds.
Top Security News for Today
A single operator with basic skills used an open-source AI platform to breach 600+ FortiGate devices across 55 countries. No zero-days. Just weak passwords and an AI copilot. Full breakdown of CyberStrikeAI, the developer's MSS ties, and all 21 server IOCs.
https://www.reddit.com/r/netsec/comments/1rkl6zz/a_single_operator_with_basic_skills_used_an/
Using Zeek with AWS Traffic Mirroring and Kafka
https://www.reddit.com/r/netsec/comments/1rkha18/using_zeek_with_aws_traffic_mirroring_and_kafka/
Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale
https://www.microsoft.com/en-us/security/blog/2026/03/04/inside-tycoon2fa-how-a-leading-aitm-phishing-kit-operated-at-scale/
Mobile malware evolution in 2025
https://securelist.com/mobile-threat-report-2025/119076/
Russian hackers deploy new malware in phishing campaign targeting Ukraine
https://therecord.media/russian-ukraine-hackers-malware
Sprawling FBI, European operation takes down Leakbase cybercriminal forum
https://therecord.media/leakbase-cybercrime-fbi-europe-takedown
Manipulating AI Summarization Features
https://www.schneier.com/blog/archives/2026/03/manipulating-ai-summarization-features.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
A single operator with basic skills used an open-source AI platform to breach 600+ FortiGate devices across 55 countries. No zero-days. Just weak passwords and an AI copilot. Full breakdown of CyberStrikeAI, the developer's MSS ties, and all 21 server IOCs.
https://www.reddit.com/r/netsec/comments/1rkl6zz/a_single_operator_with_basic_skills_used_an/
Using Zeek with AWS Traffic Mirroring and Kafka
https://www.reddit.com/r/netsec/comments/1rkha18/using_zeek_with_aws_traffic_mirroring_and_kafka/
Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale
https://www.microsoft.com/en-us/security/blog/2026/03/04/inside-tycoon2fa-how-a-leading-aitm-phishing-kit-operated-at-scale/
Mobile malware evolution in 2025
https://securelist.com/mobile-threat-report-2025/119076/
Russian hackers deploy new malware in phishing campaign targeting Ukraine
https://therecord.media/russian-ukraine-hackers-malware
Sprawling FBI, European operation takes down Leakbase cybercriminal forum
https://therecord.media/leakbase-cybercrime-fbi-europe-takedown
Manipulating AI Summarization Features
https://www.schneier.com/blog/archives/2026/03/manipulating-ai-summarization-features.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: A single operator with basic skills used an open-source AI platform to breach 600+ FortiGate…
Explore this post and more from the netsec community
Top Security News for Today
Police dismantle major phishing platform blamed for attacks on hospitals and schools
https://therecord.media/police-dismantle-tycoon-2fa-phishing-platform
We at Codeant found a bug in pac4j-jwt (auth bypass)
https://www.reddit.com/r/netsec/comments/1rlbb2k/we_at_codeant_found_a_bug_in_pac4jjwt_auth_bypass/
62 people indicted by Taiwanese prosecutors over ties to cyber scam company Prince Group
https://therecord.media/62-indicted-taiwan-prince-group-scams
Hacked App Part of US/Israeli Propaganda Campaign Against Iran
https://www.schneier.com/blog/archives/2026/03/hacked-app-part-of-us-israeli-propaganda-campaign-against-iran.html
Google says 90 zero-days exploited in 2025 as commercial vendor activity grows
https://www.record.media/google-says-90-zero-days-exploited-apt-spyware-vendors
Malicious AI Assistant Extensions Harvest LLM Chat Histories
https://www.microsoft.com/en-us/security/blog/2026/03/05/malicious-ai-assistant-extensions-harvest-llm-chat-histories/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Police dismantle major phishing platform blamed for attacks on hospitals and schools
https://therecord.media/police-dismantle-tycoon-2fa-phishing-platform
We at Codeant found a bug in pac4j-jwt (auth bypass)
https://www.reddit.com/r/netsec/comments/1rlbb2k/we_at_codeant_found_a_bug_in_pac4jjwt_auth_bypass/
62 people indicted by Taiwanese prosecutors over ties to cyber scam company Prince Group
https://therecord.media/62-indicted-taiwan-prince-group-scams
Hacked App Part of US/Israeli Propaganda Campaign Against Iran
https://www.schneier.com/blog/archives/2026/03/hacked-app-part-of-us-israeli-propaganda-campaign-against-iran.html
Google says 90 zero-days exploited in 2025 as commercial vendor activity grows
https://www.record.media/google-says-90-zero-days-exploited-apt-spyware-vendors
Malicious AI Assistant Extensions Harvest LLM Chat Histories
https://www.microsoft.com/en-us/security/blog/2026/03/05/malicious-ai-assistant-extensions-harvest-llm-chat-histories/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Police dismantle major phishing platform blamed for attacks on hospitals and schools
International law enforcement agencies have dismantled a major phishing-as-a-service platform used to target hundreds of thousands of accounts worldwide, including those tied to hospitals and schools, Europol said Wednesday.