Top Security News for Today
Google urges Supreme Court to strike down geofence warrants as unconstitutional
https://therecord.media/google-urges-supreme-court-strike-down-geolocation-warrants
Iranian drone strikes hit Amazon data centers in Gulf, disrupting cloud services
https://therecord.media/iran-drone-strikes-hit-amazon-data-centers-gulf
Florida woman gets 2 year sentence for trafficking Microsoft software labels
https://therecord.media/florida-woman-sentenced-reselling-microsoft-labels
Built a free live CVE intelligence dashboard — looking for feedback
https://www.reddit.com/r/netsec/comments/1rjo4do/built_a_free_live_cve_intelligence_dashboard/
Sometimes, You Can Just Feel The Security In The Design (Junos OS Evolved CVE-2026-21902 RCE) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1rjqfwy/sometimes_you_can_just_feel_the_security_in_the/
Silver Dragon Targets Organizations in Southeast Asia and Europe
https://research.checkpoint.com/2026/silver-dragon-targets-organizations-in-southeast-asia-and-europe/
Exposing a Russian Campaign Targeting Ukraine Using New Malware Duo: BadPaw and MeowMeow
https://www.clearskysec.com/russian-campaign-targeting-ukraine-badpaw-and-meowmeow/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Google urges Supreme Court to strike down geofence warrants as unconstitutional
https://therecord.media/google-urges-supreme-court-strike-down-geolocation-warrants
Iranian drone strikes hit Amazon data centers in Gulf, disrupting cloud services
https://therecord.media/iran-drone-strikes-hit-amazon-data-centers-gulf
Florida woman gets 2 year sentence for trafficking Microsoft software labels
https://therecord.media/florida-woman-sentenced-reselling-microsoft-labels
Built a free live CVE intelligence dashboard — looking for feedback
https://www.reddit.com/r/netsec/comments/1rjo4do/built_a_free_live_cve_intelligence_dashboard/
Sometimes, You Can Just Feel The Security In The Design (Junos OS Evolved CVE-2026-21902 RCE) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1rjqfwy/sometimes_you_can_just_feel_the_security_in_the/
Silver Dragon Targets Organizations in Southeast Asia and Europe
https://research.checkpoint.com/2026/silver-dragon-targets-organizations-in-southeast-asia-and-europe/
Exposing a Russian Campaign Targeting Ukraine Using New Malware Duo: BadPaw and MeowMeow
https://www.clearskysec.com/russian-campaign-targeting-ukraine-badpaw-and-meowmeow/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Google urges Supreme Court to strike down geofence warrants as unconstitutional
In its amicus brief, Google called the warrants a violation of people’s rights and said that in recent months it has objected to more than 3,000 geofence warrants on constitutional grounds.
Top Security News for Today
A single operator with basic skills used an open-source AI platform to breach 600+ FortiGate devices across 55 countries. No zero-days. Just weak passwords and an AI copilot. Full breakdown of CyberStrikeAI, the developer's MSS ties, and all 21 server IOCs.
https://www.reddit.com/r/netsec/comments/1rkl6zz/a_single_operator_with_basic_skills_used_an/
Using Zeek with AWS Traffic Mirroring and Kafka
https://www.reddit.com/r/netsec/comments/1rkha18/using_zeek_with_aws_traffic_mirroring_and_kafka/
Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale
https://www.microsoft.com/en-us/security/blog/2026/03/04/inside-tycoon2fa-how-a-leading-aitm-phishing-kit-operated-at-scale/
Mobile malware evolution in 2025
https://securelist.com/mobile-threat-report-2025/119076/
Russian hackers deploy new malware in phishing campaign targeting Ukraine
https://therecord.media/russian-ukraine-hackers-malware
Sprawling FBI, European operation takes down Leakbase cybercriminal forum
https://therecord.media/leakbase-cybercrime-fbi-europe-takedown
Manipulating AI Summarization Features
https://www.schneier.com/blog/archives/2026/03/manipulating-ai-summarization-features.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
A single operator with basic skills used an open-source AI platform to breach 600+ FortiGate devices across 55 countries. No zero-days. Just weak passwords and an AI copilot. Full breakdown of CyberStrikeAI, the developer's MSS ties, and all 21 server IOCs.
https://www.reddit.com/r/netsec/comments/1rkl6zz/a_single_operator_with_basic_skills_used_an/
Using Zeek with AWS Traffic Mirroring and Kafka
https://www.reddit.com/r/netsec/comments/1rkha18/using_zeek_with_aws_traffic_mirroring_and_kafka/
Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale
https://www.microsoft.com/en-us/security/blog/2026/03/04/inside-tycoon2fa-how-a-leading-aitm-phishing-kit-operated-at-scale/
Mobile malware evolution in 2025
https://securelist.com/mobile-threat-report-2025/119076/
Russian hackers deploy new malware in phishing campaign targeting Ukraine
https://therecord.media/russian-ukraine-hackers-malware
Sprawling FBI, European operation takes down Leakbase cybercriminal forum
https://therecord.media/leakbase-cybercrime-fbi-europe-takedown
Manipulating AI Summarization Features
https://www.schneier.com/blog/archives/2026/03/manipulating-ai-summarization-features.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: A single operator with basic skills used an open-source AI platform to breach 600+ FortiGate…
Explore this post and more from the netsec community
Top Security News for Today
Police dismantle major phishing platform blamed for attacks on hospitals and schools
https://therecord.media/police-dismantle-tycoon-2fa-phishing-platform
We at Codeant found a bug in pac4j-jwt (auth bypass)
https://www.reddit.com/r/netsec/comments/1rlbb2k/we_at_codeant_found_a_bug_in_pac4jjwt_auth_bypass/
62 people indicted by Taiwanese prosecutors over ties to cyber scam company Prince Group
https://therecord.media/62-indicted-taiwan-prince-group-scams
Hacked App Part of US/Israeli Propaganda Campaign Against Iran
https://www.schneier.com/blog/archives/2026/03/hacked-app-part-of-us-israeli-propaganda-campaign-against-iran.html
Google says 90 zero-days exploited in 2025 as commercial vendor activity grows
https://www.record.media/google-says-90-zero-days-exploited-apt-spyware-vendors
Malicious AI Assistant Extensions Harvest LLM Chat Histories
https://www.microsoft.com/en-us/security/blog/2026/03/05/malicious-ai-assistant-extensions-harvest-llm-chat-histories/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Police dismantle major phishing platform blamed for attacks on hospitals and schools
https://therecord.media/police-dismantle-tycoon-2fa-phishing-platform
We at Codeant found a bug in pac4j-jwt (auth bypass)
https://www.reddit.com/r/netsec/comments/1rlbb2k/we_at_codeant_found_a_bug_in_pac4jjwt_auth_bypass/
62 people indicted by Taiwanese prosecutors over ties to cyber scam company Prince Group
https://therecord.media/62-indicted-taiwan-prince-group-scams
Hacked App Part of US/Israeli Propaganda Campaign Against Iran
https://www.schneier.com/blog/archives/2026/03/hacked-app-part-of-us-israeli-propaganda-campaign-against-iran.html
Google says 90 zero-days exploited in 2025 as commercial vendor activity grows
https://www.record.media/google-says-90-zero-days-exploited-apt-spyware-vendors
Malicious AI Assistant Extensions Harvest LLM Chat Histories
https://www.microsoft.com/en-us/security/blog/2026/03/05/malicious-ai-assistant-extensions-harvest-llm-chat-histories/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Police dismantle major phishing platform blamed for attacks on hospitals and schools
International law enforcement agencies have dismantled a major phishing-as-a-service platform used to target hundreds of thousands of accounts worldwide, including those tied to hospitals and schools, Europol said Wednesday.
Top Security News for Today
Exploits and vulnerabilities in Q4 2025
https://securelist.com/vulnerabilities-and-exploits-in-q4-2025/119105/
Benchmark of Benchmarks: Unpacking Influence and Code Repository Quality in LLM Safety Benchmarks
https://arxiv.org/abs/2603.04459
How Effective Are Publicly Accessible Deepfake Detection Tools? A Comparative Evaluation of Open-Source and Free-to-Use Platforms
https://arxiv.org/abs/2603.04456
Beyond Input Guardrails: Reconstructing Cross-Agent Semantic Flows for Execution-Aware Attack Detection
https://arxiv.org/abs/2603.04469
Impact of 5G SA Logical Vulnerabilities on UAV Communications: Threat Models and Testbed Evaluation
https://arxiv.org/abs/2603.04662
When Denoising Becomes Unsigning: Theoretical and Empirical Analysis of Watermark Fragility Under Diffusion-Based Image Editing
https://arxiv.org/abs/2603.04696
Zombie Agents: Persistent Control of Self-Evolving LLM Agents via Self-Reinforcing Injections
https://arxiv.org/abs/2602.15654
Claude Used to Hack Mexican Government
https://www.schneier.com/blog/archives/2026/03/claude-used-to-hack-mexican-government.html
Model Context Protocol (MCP) Authentication and Authorization
https://www.reddit.com/r/netsec/comments/1rmcz6i/model_context_protocol_mcp_authentication_and/
Hardening Firefox with Anthropic’s Red Team
https://www.reddit.com/r/netsec/comments/1rmffdp/hardening_firefox_with_anthropics_red_team/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Exploits and vulnerabilities in Q4 2025
https://securelist.com/vulnerabilities-and-exploits-in-q4-2025/119105/
Benchmark of Benchmarks: Unpacking Influence and Code Repository Quality in LLM Safety Benchmarks
https://arxiv.org/abs/2603.04459
How Effective Are Publicly Accessible Deepfake Detection Tools? A Comparative Evaluation of Open-Source and Free-to-Use Platforms
https://arxiv.org/abs/2603.04456
Beyond Input Guardrails: Reconstructing Cross-Agent Semantic Flows for Execution-Aware Attack Detection
https://arxiv.org/abs/2603.04469
Impact of 5G SA Logical Vulnerabilities on UAV Communications: Threat Models and Testbed Evaluation
https://arxiv.org/abs/2603.04662
When Denoising Becomes Unsigning: Theoretical and Empirical Analysis of Watermark Fragility Under Diffusion-Based Image Editing
https://arxiv.org/abs/2603.04696
Zombie Agents: Persistent Control of Self-Evolving LLM Agents via Self-Reinforcing Injections
https://arxiv.org/abs/2602.15654
Claude Used to Hack Mexican Government
https://www.schneier.com/blog/archives/2026/03/claude-used-to-hack-mexican-government.html
Model Context Protocol (MCP) Authentication and Authorization
https://www.reddit.com/r/netsec/comments/1rmcz6i/model_context_protocol_mcp_authentication_and/
Hardening Firefox with Anthropic’s Red Team
https://www.reddit.com/r/netsec/comments/1rmffdp/hardening_firefox_with_anthropics_red_team/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
Suche Low-Level Entwickler für eigenes Konsolen-Projekt
https://www.reddit.com/r/lowlevel/comments/1rn60z1/suche_lowlevel_entwickler_für_eigenes/
38 researchers red-teamed AI agents for 2 weeks. Here's what broke. (Agents of Chaos, Feb 2026)
https://www.reddit.com/r/netsec/comments/1rn4b6i/38_researchers_redteamed_ai_agents_for_2_weeks/
Walking x86-64 page tables by hand in QEMU + GDB
https://www.reddit.com/r/lowlevel/comments/1rnpoc2/walking_x8664_page_tables_by_hand_in_qemu_gdb/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Suche Low-Level Entwickler für eigenes Konsolen-Projekt
https://www.reddit.com/r/lowlevel/comments/1rn60z1/suche_lowlevel_entwickler_für_eigenes/
38 researchers red-teamed AI agents for 2 weeks. Here's what broke. (Agents of Chaos, Feb 2026)
https://www.reddit.com/r/netsec/comments/1rn4b6i/38_researchers_redteamed_ai_agents_for_2_weeks/
Walking x86-64 page tables by hand in QEMU + GDB
https://www.reddit.com/r/lowlevel/comments/1rnpoc2/walking_x8664_page_tables_by_hand_in_qemu_gdb/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the lowlevel community on Reddit
Explore this post and more from the lowlevel community
Top Security News for Today
From Chrome Extension Supply-Chain Compromise to Host Malware: Technical Breakdown of the ShotBird Campaign
https://www.reddit.com/r/netsec/comments/1rob5no/from_chrome_extension_supplychain_compromise_to/
Fake Claude Code Install Guides Spread Amatera Infostealer in New “InstallFix” Malvertising Campaign
https://www.reddit.com/r/netsec/comments/1robwok/fake_claude_code_install_guides_spread_amatera/
How AI Assistants are Moving the Security Goalposts
https://krebsonsecurity.com/2026/03/how-ai-assistants-are-moving-the-security-goalposts/
AirSnitch: Demystifying and Breaking Client Isolation in Wi-Fi Networks
https://www.reddit.com/r/netsec/comments/1rojhfl/airsnitch_demystifying_and_breaking_client/
DumpBrowserSecrets – Browser Credential Harvesting with App-Bound Encryption Bypass
https://www.darknet.org.uk/2026/03/dumpbrowsersecrets-browser-credential-harvesting-with-app-bound-encryption-bypass/
MCP Security Checklist - 40 controls for securing AI agent tool infrastructure
https://www.reddit.com/r/netsec/comments/1roru4f/mcp_security_checklist_40_controls_for_securing/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
From Chrome Extension Supply-Chain Compromise to Host Malware: Technical Breakdown of the ShotBird Campaign
https://www.reddit.com/r/netsec/comments/1rob5no/from_chrome_extension_supplychain_compromise_to/
Fake Claude Code Install Guides Spread Amatera Infostealer in New “InstallFix” Malvertising Campaign
https://www.reddit.com/r/netsec/comments/1robwok/fake_claude_code_install_guides_spread_amatera/
How AI Assistants are Moving the Security Goalposts
https://krebsonsecurity.com/2026/03/how-ai-assistants-are-moving-the-security-goalposts/
AirSnitch: Demystifying and Breaking Client Isolation in Wi-Fi Networks
https://www.reddit.com/r/netsec/comments/1rojhfl/airsnitch_demystifying_and_breaking_client/
DumpBrowserSecrets – Browser Credential Harvesting with App-Bound Encryption Bypass
https://www.darknet.org.uk/2026/03/dumpbrowsersecrets-browser-credential-harvesting-with-app-bound-encryption-bypass/
MCP Security Checklist - 40 controls for securing AI agent tool infrastructure
https://www.reddit.com/r/netsec/comments/1roru4f/mcp_security_checklist_40_controls_for_securing/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: From Chrome Extension Supply-Chain Compromise to Host Malware: Technical Breakdown of the…
Explore this post and more from the netsec community
Top Security News for Today
Secure agentic AI for your Frontier Transformation
https://www.microsoft.com/en-us/security/blog/2026/03/09/secure-agentic-ai-for-your-frontier-transformation/
New Attack Against Wi-Fi
https://www.schneier.com/blog/archives/2026/03/new-attack-against-wi-fi.html
How We Hacked McKinsey's AI Platform
https://www.reddit.com/r/netsec/comments/1rp0l99/how_we_hacked_mckinseys_ai_platform/
Sign in with ANY password into Rocket.Chat EE (CVE-2026-28514) and other vulnerabilities we’ve found with our open source AI framework
https://www.reddit.com/r/netsec/comments/1rp4lyj/sign_in_with_any_password_into_rocketchat_ee/
9th March – Threat Intelligence Report
https://research.checkpoint.com/2026/9th-march-threat-intelligence-report/
Pre-Authentication SQL Injection in FortiClient EMS 7.4.4 - CVE-2026-21643
https://bishopfox.com/blog/cve-2026-21643-pre-authentication-sql-injection-in-forticlient-ems-7-4-4
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Secure agentic AI for your Frontier Transformation
https://www.microsoft.com/en-us/security/blog/2026/03/09/secure-agentic-ai-for-your-frontier-transformation/
New Attack Against Wi-Fi
https://www.schneier.com/blog/archives/2026/03/new-attack-against-wi-fi.html
How We Hacked McKinsey's AI Platform
https://www.reddit.com/r/netsec/comments/1rp0l99/how_we_hacked_mckinseys_ai_platform/
Sign in with ANY password into Rocket.Chat EE (CVE-2026-28514) and other vulnerabilities we’ve found with our open source AI framework
https://www.reddit.com/r/netsec/comments/1rp4lyj/sign_in_with_any_password_into_rocketchat_ee/
9th March – Threat Intelligence Report
https://research.checkpoint.com/2026/9th-march-threat-intelligence-report/
Pre-Authentication SQL Injection in FortiClient EMS 7.4.4 - CVE-2026-21643
https://bishopfox.com/blog/cve-2026-21643-pre-authentication-sql-injection-in-forticlient-ems-7-4-4
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Microsoft News
Secure agentic AI for your Frontier Transformation
Learn more about how Microsoft Agent 365 and Microsoft 365 E7 can help secure your Frontier Transformation.
Top Security News for Today
Your Duolingo Is Still Talking to ByteDance: How Pangle Fingerprints You Across Apps After You Said No
https://www.reddit.com/r/netsec/comments/1rpqlh2/your_duolingo_is_still_talking_to_bytedance_how/
Jailbreaking the F-35 Fighter Jet
https://www.schneier.com/blog/archives/2026/03/jailbreaking-the-f-35-fighter-jet.html
BeatBanker: A dual‑mode Android Trojan
https://securelist.com/beatbanker-miner-and-banker/119121/
Russian military hackers revive advanced malware to spy on Ukraine, researchers say
https://therecord.media/russia-apt-28-revives-malware-to-spy-on-ukraine
UK plans to shift fraud fight onto telecoms, tech companies
https://therecord.media/uk-plans-to-shift-fraud-fight-to-telecoms-tech
Cybercriminals impersonating city officials to steal permit payments, FBI says
https://therecord.media/cybercriminals-impersonate-city-officials-permit-payments
CISA shortens patch deadline for critical Ivanti, SolarWinds bugs
https://therecord.media/cisa-shortens-patch-deadline-ivanti-solarwinds
Finnish intelligence warns of persistent cyber espionage from Russia, China
https://therecord.media/finnish-intel-warns-espionage-china-russia
Rudd confirmed to head NSA, Cyber Command after near year-long vacancy
https://therecord.media/rudd-confirmed-nsa-cyber-command-chief
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Your Duolingo Is Still Talking to ByteDance: How Pangle Fingerprints You Across Apps After You Said No
https://www.reddit.com/r/netsec/comments/1rpqlh2/your_duolingo_is_still_talking_to_bytedance_how/
Jailbreaking the F-35 Fighter Jet
https://www.schneier.com/blog/archives/2026/03/jailbreaking-the-f-35-fighter-jet.html
BeatBanker: A dual‑mode Android Trojan
https://securelist.com/beatbanker-miner-and-banker/119121/
Russian military hackers revive advanced malware to spy on Ukraine, researchers say
https://therecord.media/russia-apt-28-revives-malware-to-spy-on-ukraine
UK plans to shift fraud fight onto telecoms, tech companies
https://therecord.media/uk-plans-to-shift-fraud-fight-to-telecoms-tech
Cybercriminals impersonating city officials to steal permit payments, FBI says
https://therecord.media/cybercriminals-impersonate-city-officials-permit-payments
CISA shortens patch deadline for critical Ivanti, SolarWinds bugs
https://therecord.media/cisa-shortens-patch-deadline-ivanti-solarwinds
Finnish intelligence warns of persistent cyber espionage from Russia, China
https://therecord.media/finnish-intel-warns-espionage-china-russia
Rudd confirmed to head NSA, Cyber Command after near year-long vacancy
https://therecord.media/rudd-confirmed-nsa-cyber-command-chief
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Your Duolingo Is Still Talking to ByteDance: How Pangle Fingerprints You Across Apps After…
Posted by AdTemporary2475 - 165 votes and 12 comments
Top Security News for Today
Meta says it culled millions of scam ads amid accusations that it profits from them
https://therecord.media/meta-scam-advertising-crackdown
Cyberattack on ambulance provider affects 235,000
https://therecord.media/235000-affected-cyberattack-ambulance-provider
Contagious Interview: Malware delivered through fake developer job interviews
https://www.microsoft.com/en-us/security/blog/2026/03/11/contagious-interview-malware-delivered-through-fake-developer-job-interviews/
Iran-linked hackers claim cyberattack on Albania’s parliament email systems
https://therecord.media/iran-linked-hackers-claim-cyberattack-albania-parliament
Medical device giant Stryker confirms cyberattack as employees say devices were wiped
https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/
Forensic analysis of LummaC2 infection unmasks DPRK operative behind Polyfill.io supply chain attack and Gate.us infiltration
https://www.reddit.com/r/netsec/comments/1rredk3/forensic_analysis_of_lummac2_infection_unmasks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Meta says it culled millions of scam ads amid accusations that it profits from them
https://therecord.media/meta-scam-advertising-crackdown
Cyberattack on ambulance provider affects 235,000
https://therecord.media/235000-affected-cyberattack-ambulance-provider
Contagious Interview: Malware delivered through fake developer job interviews
https://www.microsoft.com/en-us/security/blog/2026/03/11/contagious-interview-malware-delivered-through-fake-developer-job-interviews/
Iran-linked hackers claim cyberattack on Albania’s parliament email systems
https://therecord.media/iran-linked-hackers-claim-cyberattack-albania-parliament
Medical device giant Stryker confirms cyberattack as employees say devices were wiped
https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/
Forensic analysis of LummaC2 infection unmasks DPRK operative behind Polyfill.io supply chain attack and Gate.us infiltration
https://www.reddit.com/r/netsec/comments/1rredk3/forensic_analysis_of_lummac2_infection_unmasks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Meta says it culled millions of scam ads amid accusations that it profits from them
Meta said it removed 159 million scam ads last year amid calls from U.S. lawmakers for an investigation into the company’s “facilitation of and profiting from” fraudulent advertising.
Top Security News for Today
MicroStealer Analysis: A Fast-Spreading Infostealer with Limited Detection
https://www.reddit.com/r/netsec/comments/1rrmv9i/microstealer_analysis_a_fastspreading_infostealer/
A Video Chat That Leaves No Trace
https://www.reddit.com/r/netsec/comments/1rrmshq/a_video_chat_that_leaves_no_trace/
Alipay (1B+ users) DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration
https://www.reddit.com/r/netsec/comments/1rrl3au/alipay_1b_users_deeplinkjsbridge_attack_chain/
CVE-2026-21509: Actively Exploited Microsoft Office Security Feature Bypass — PoC Public, CISA KEV Listed
https://www.reddit.com/r/netsec/comments/1rrof59/cve202621509_actively_exploited_microsoft_office/
Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft
https://www.microsoft.com/en-us/security/blog/2026/03/12/storm-2561-uses-seo-poisoning-to-distribute-fake-vpn-clients-for-credential-theft/
Fake government and Starlink apps used in malware campaign targeting Brazil
https://therecord.media/fake-gov-apps-malware-android-brazil
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
MicroStealer Analysis: A Fast-Spreading Infostealer with Limited Detection
https://www.reddit.com/r/netsec/comments/1rrmv9i/microstealer_analysis_a_fastspreading_infostealer/
A Video Chat That Leaves No Trace
https://www.reddit.com/r/netsec/comments/1rrmshq/a_video_chat_that_leaves_no_trace/
Alipay (1B+ users) DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration
https://www.reddit.com/r/netsec/comments/1rrl3au/alipay_1b_users_deeplinkjsbridge_attack_chain/
CVE-2026-21509: Actively Exploited Microsoft Office Security Feature Bypass — PoC Public, CISA KEV Listed
https://www.reddit.com/r/netsec/comments/1rrof59/cve202621509_actively_exploited_microsoft_office/
Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft
https://www.microsoft.com/en-us/security/blog/2026/03/12/storm-2561-uses-seo-poisoning-to-distribute-fake-vpn-clients-for-credential-theft/
Fake government and Starlink apps used in malware campaign targeting Brazil
https://therecord.media/fake-gov-apps-malware-android-brazil
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: MicroStealer Analysis: A Fast-Spreading Infostealer with Limited Detection
Explore this post and more from the netsec community
Top Security News for Today
Ransomware incident responder gave info to BlackCat cybercriminals during negotiations, DOJ alleges
https://therecord.media/ransomware-blackcat-doj-incident-responder
Winning CTFs: A Proving Ground at HackMex & Ekoparty
https://bishopfox.com/blog/winning-ctfs-a-proving-ground-at-hackmex-ekoparty
European Council includes ban on nudification tools in its proposal for amending AI Act
https://therecord.media/european-council-includes-nudification-ban-ai-act
Alipay (1B+ users) DeepLink vulnerability allows silent GPS extraction via URL - 6 regulators now investigating, vendor says normal functionality
https://www.reddit.com/r/netsec/comments/1rstjkp/alipay_1b_users_deeplink_vulnerability_allows
RegPwn - Windows LPE vulnerability (now fixed)
https://www.reddit.com/r/netsec/comments/1rstavq/regpwn_windows_lpe_vulnerability_now_fixed
CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root
https://www.reddit.com/r/netsec/comments/1rsqt48/crackarmor_critical_apparmor_flaws_enable_local
OSS Cartography can now map AI agents to cloud attack paths
https://www.reddit.com/r/netsec/comments/1rsw301/oss_cartography_can_now_map_ai_agents_to_cloud
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Ransomware incident responder gave info to BlackCat cybercriminals during negotiations, DOJ alleges
https://therecord.media/ransomware-blackcat-doj-incident-responder
Winning CTFs: A Proving Ground at HackMex & Ekoparty
https://bishopfox.com/blog/winning-ctfs-a-proving-ground-at-hackmex-ekoparty
European Council includes ban on nudification tools in its proposal for amending AI Act
https://therecord.media/european-council-includes-nudification-ban-ai-act
Alipay (1B+ users) DeepLink vulnerability allows silent GPS extraction via URL - 6 regulators now investigating, vendor says normal functionality
https://www.reddit.com/r/netsec/comments/1rstjkp/alipay_1b_users_deeplink_vulnerability_allows
RegPwn - Windows LPE vulnerability (now fixed)
https://www.reddit.com/r/netsec/comments/1rstavq/regpwn_windows_lpe_vulnerability_now_fixed
CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root
https://www.reddit.com/r/netsec/comments/1rsqt48/crackarmor_critical_apparmor_flaws_enable_local
OSS Cartography can now map AI agents to cloud attack paths
https://www.reddit.com/r/netsec/comments/1rsw301/oss_cartography_can_now_map_ai_agents_to_cloud
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Ransomware incident responder gave info to BlackCat cybercriminals during negotiations, DOJ alleges
U.S. prosecutors accused an incident responder of conducting cyberattacks and helping ransomware gangs negotiate higher payouts from the same victims he was working for.
Top Security News for Today
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2026/03/upcoming_speaking_engagements_54.html
Analysis of 1,808 MCP servers: 66% had security findings, 427 critical (tool poisoning, toxic data flows, code execution)
https://www.reddit.com/r/netsec/comments/1rtxacu/analysis_of_1808_mcp_servers_66_had_security/
Quick question for people running CrowdStrike, Zscaler, Netskope or similar in production.
https://www.reddit.com/r/netsec/comments/1ru4cwc/quick_question_for_people_running_crowdstrike/
CVE-2024-45163: Remote DoS in Mirai C2 – research writeup + what it led me to build
https://www.reddit.com/r/netsec/comments/1ru6xxl/cve202445163_remote_dos_in_mirai_c2_research/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2026/03/upcoming_speaking_engagements_54.html
Analysis of 1,808 MCP servers: 66% had security findings, 427 critical (tool poisoning, toxic data flows, code execution)
https://www.reddit.com/r/netsec/comments/1rtxacu/analysis_of_1808_mcp_servers_66_had_security/
Quick question for people running CrowdStrike, Zscaler, Netskope or similar in production.
https://www.reddit.com/r/netsec/comments/1ru4cwc/quick_question_for_people_running_crowdstrike/
CVE-2024-45163: Remote DoS in Mirai C2 – research writeup + what it led me to build
https://www.reddit.com/r/netsec/comments/1ru6xxl/cve202445163_remote_dos_in_mirai_c2_research/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
CVE-2024-45163: Remote DoS in Mirai C2 – research writeup + what it led me to build
https://arxiv.org/abs/2410.09076
Post AI Agent Hacked Amazon & McKinsey, I compiled a list of 5 situations where deploying agents can be catastrophic
https://www.reddit.com/r/netsec/comments/1ruadi9/post_ai_agent_hacked_amazon_mckinsey_i_compiled_a/
The rise of malicious repositories on GitHub
https://www.reddit.com/r/netsec/comments/1ruphzh/the_rise_of_malicious_repositories_on_github/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
CVE-2024-45163: Remote DoS in Mirai C2 – research writeup + what it led me to build
https://arxiv.org/abs/2410.09076
Post AI Agent Hacked Amazon & McKinsey, I compiled a list of 5 situations where deploying agents can be catastrophic
https://www.reddit.com/r/netsec/comments/1ruadi9/post_ai_agent_hacked_amazon_mckinsey_i_compiled_a/
The rise of malicious repositories on GitHub
https://www.reddit.com/r/netsec/comments/1ruphzh/the_rise_of_malicious_repositories_on_github/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Llettuce: An Open Source Natural Language Processing Tool for the...
This paper introduces Llettuce, an open-source tool designed to address the complexities of converting medical terms into OMOP standard concepts. Unlike existing solutions such as the Athena...
Top Security News for Today
South Korean Police Accidentally Post Cryptocurrency Wallet Password
https://www.schneier.com/blog/archives/2026/03/south-korean-police-accidentally-post-cryptocurrency-wallet-password.html
TAS-GNN: A Status-Aware Signed Graph Neural Network for Anomaly Detection in Bitcoin Trust Systems
https://arxiv.org/abs/2603.13290
Accelerating Suffix Jailbreak attacks with Prefix-Shared KV-cache
https://arxiv.org/abs/2603.13420
Agent Privilege Separation in OpenClaw: A Structural Defense Against Prompt Injection
https://arxiv.org/abs/2603.13424
Technical Case Study of Privacy-Enhancing Technologies (PETs) for Public Health
https://arxiv.org/abs/2603.13444
Purifying Generative LLMs from Backdoors without Prior Knowledge or Clean Reference
https://arxiv.org/abs/2603.13461
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
South Korean Police Accidentally Post Cryptocurrency Wallet Password
https://www.schneier.com/blog/archives/2026/03/south-korean-police-accidentally-post-cryptocurrency-wallet-password.html
TAS-GNN: A Status-Aware Signed Graph Neural Network for Anomaly Detection in Bitcoin Trust Systems
https://arxiv.org/abs/2603.13290
Accelerating Suffix Jailbreak attacks with Prefix-Shared KV-cache
https://arxiv.org/abs/2603.13420
Agent Privilege Separation in OpenClaw: A Structural Defense Against Prompt Injection
https://arxiv.org/abs/2603.13424
Technical Case Study of Privacy-Enhancing Technologies (PETs) for Public Health
https://arxiv.org/abs/2603.13444
Purifying Generative LLMs from Backdoors without Prior Knowledge or Clean Reference
https://arxiv.org/abs/2603.13461
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
South Korean Police Accidentally Post Cryptocurrency Wallet Password - Schneier on Security
An expensive mistake: Someone jumped at the opportunity to steal $4.4 million in crypto assets after South Korea’s National Tax Service exposed publicly the mnemonic recovery phrase of a seized cryptocurrency wallet. The funds were stored in a Ledger cold…
Top Security News for Today
The Most Organized Threat Actors Use Your ITSM (BMC FootPrints Pre-Auth Remote Code Execution Chains) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1rwzs83/the_most_organized_threat_actors_use_your_itsm/
The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico
https://securelist.com/horabot-campaign/119033/
IdentityGuard: Context-Aware Restriction and Provenance for Personalized Synthesis
https://arxiv.org/abs/2603.15679
Quantum Key Distribution Secured Federated Learning for Channel Estimation and Radar Spectrum Sensing in 6G Networks
https://arxiv.org/abs/2603.15649
State-Dependent Safety Failures in Multi-Turn Language Model Interaction
https://arxiv.org/abs/2603.15684
BadLLM-TG: A Backdoor Defender powered by LLM Trigger Generator
https://arxiv.org/abs/2603.15692
Remarks on the Relevance of Privacy Expectations for Default Opt-out Settings
https://www.schneier.com/blog/archives/2026/03/metas-ai-glasses-and-privacy.html
Observability for AI Systems: Strengthening visibility for proactive risk detection
https://www.microsoft.com/en-us/security/blog/2026/03/18/observability-ai-systems-strengthening-visibility-proactive-risk-detection/
Bank software vendor Marquis says more than 670,000 impacted by August breach
https://therecord.media/marquis-bank-vendor-data-breach
From Misconfigured Spring Boot Actuator to SharePoint Exfiltration: How Stolen Credentials Bypass MFA
https://www.trendmicro.com/en_us/research/26/c/from-misconfigured-spring-boot-actuator-to-sharepoint-exfiltrati.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The Most Organized Threat Actors Use Your ITSM (BMC FootPrints Pre-Auth Remote Code Execution Chains) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1rwzs83/the_most_organized_threat_actors_use_your_itsm/
The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico
https://securelist.com/horabot-campaign/119033/
IdentityGuard: Context-Aware Restriction and Provenance for Personalized Synthesis
https://arxiv.org/abs/2603.15679
Quantum Key Distribution Secured Federated Learning for Channel Estimation and Radar Spectrum Sensing in 6G Networks
https://arxiv.org/abs/2603.15649
State-Dependent Safety Failures in Multi-Turn Language Model Interaction
https://arxiv.org/abs/2603.15684
BadLLM-TG: A Backdoor Defender powered by LLM Trigger Generator
https://arxiv.org/abs/2603.15692
Remarks on the Relevance of Privacy Expectations for Default Opt-out Settings
https://www.schneier.com/blog/archives/2026/03/metas-ai-glasses-and-privacy.html
Observability for AI Systems: Strengthening visibility for proactive risk detection
https://www.microsoft.com/en-us/security/blog/2026/03/18/observability-ai-systems-strengthening-visibility-proactive-risk-detection/
Bank software vendor Marquis says more than 670,000 impacted by August breach
https://therecord.media/marquis-bank-vendor-data-breach
From Misconfigured Spring Boot Actuator to SharePoint Exfiltration: How Stolen Credentials Bypass MFA
https://www.trendmicro.com/en_us/research/26/c/from-misconfigured-spring-boot-actuator-to-sharepoint-exfiltrati.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: The Most Organized Threat Actors Use Your ITSM (BMC FootPrints Pre-Auth Remote Code Execution…
Explore this post and more from the netsec community
Top Security News for Today
Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
https://therecord.media/russia-hackers-ukraine-zimbra-breach
When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures
https://www.microsoft.com/en-us/security/blog/2026/03/19/when-tax-season-becomes-cyberattack-season-phishing-and-malware-campaigns-using-tax-related-lures/
Interlock ransomware gang exploited Cisco firewall zero-day weeks before disclosure: Amazon
https://therecord.media/cisco-ransomware-interlock-firewalls
Hacking a Robot Vacuum
https://www.schneier.com/blog/archives/2026/03/hacking-a-robot-vacuum.html
Adversarial attacks against Modern Vision-Language Models
https://arxiv.org/abs/2603.16938
DeepStage: Learning Autonomous Defense Policies Against Multi-Stage APT Campaigns
https://arxiv.org/abs/2603.17100
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
https://therecord.media/russia-hackers-ukraine-zimbra-breach
When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures
https://www.microsoft.com/en-us/security/blog/2026/03/19/when-tax-season-becomes-cyberattack-season-phishing-and-malware-campaigns-using-tax-related-lures/
Interlock ransomware gang exploited Cisco firewall zero-day weeks before disclosure: Amazon
https://therecord.media/cisco-ransomware-interlock-firewalls
Hacking a Robot Vacuum
https://www.schneier.com/blog/archives/2026/03/hacking-a-robot-vacuum.html
Adversarial attacks against Modern Vision-Language Models
https://arxiv.org/abs/2603.16938
DeepStage: Learning Autonomous Defense Policies Against Multi-Stage APT Campaigns
https://arxiv.org/abs/2603.17100
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
The Russian state-backed hacker group APT28 targeted a Ukrainian government agency by exploiting a vulnerability in Zimbra webmail software.
Top Security News for Today
Man pleads guilty to $8 million AI-generated music scheme
https://therecord.media/man-pleads-guilty-8-million-ai-music-scheme
US seizes domains and infrastructure used in sprawling botnet campaigns
https://therecord.media/us-seizes-botnet-infrastructure-four-large-networks
Police dismantle dark web network exploiting child sexual abuse material
https://therecord.media/police-dismantle-dark-web-network-exploiting-child-abuse-images
California city reports ransomware attack as LA transit agency finds ‘unauthorized activity’
https://therecord.media/california-city-reports-ransomware-attack-la-metro
Secure agentic AI end-to-end
https://www.microsoft.com/en-us/security/blog/2026/03/20/secure-agentic-ai-end-to-end/
CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents
https://www.microsoft.com/en-us/security/blog/2026/03/20/cti-realm-a-new-benchmark-for-end-to-end-detection-rule-generation-with-ai-agents/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Man pleads guilty to $8 million AI-generated music scheme
https://therecord.media/man-pleads-guilty-8-million-ai-music-scheme
US seizes domains and infrastructure used in sprawling botnet campaigns
https://therecord.media/us-seizes-botnet-infrastructure-four-large-networks
Police dismantle dark web network exploiting child sexual abuse material
https://therecord.media/police-dismantle-dark-web-network-exploiting-child-abuse-images
California city reports ransomware attack as LA transit agency finds ‘unauthorized activity’
https://therecord.media/california-city-reports-ransomware-attack-la-metro
Secure agentic AI end-to-end
https://www.microsoft.com/en-us/security/blog/2026/03/20/secure-agentic-ai-end-to-end/
CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents
https://www.microsoft.com/en-us/security/blog/2026/03/20/cti-realm-a-new-benchmark-for-end-to-end-detection-rule-generation-with-ai-agents/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Man pleads guilty to $8 million AI-generated music scheme
Michael Smith, 54, admitted to inflating streaming numbers for hundreds of thousands of AI-generated songs by deploying thousands of fake accounts across major platforms, including Amazon Music, Apple Music, Spotify and YouTube Music.
Top Security News for Today
Evaluating AI and ML in Network Security: A Comprehensive Literature Review
https://www.reddit.com/r/netsec/comments/1rzji68/evaluating_ai_and_ml_in_network_security_a/
Trivy Under Attack Again: Widespread GitHub Actions Tag Compromise Exposes CI/CD Secrets Attackers
https://www.reddit.com/r/netsec/comments/1rziu2w/trivy_under_attack_again_widespread_github/
ONNX Hub silent=True suppresses all trust verification, enabling supply chain attacks on ML model loading (CVE-2026-28500, CVSS 9.1, no patch available)
https://www.reddit.com/r/netsec/comments/1s02jrq/onnx_hub_silenttrue_suppresses_all_trust/
LLVM Adventures: Fuzzing Apache Modules
https://www.reddit.com/r/netsec/comments/1s03z8j/llvm_adventures_fuzzing_apache_modules/
Agent skill marketplace supply chain attack: 121 skills across 7 repos vulnerable to GitHub username hijacking, 5 scanners disagree by 10x on malicious skill rates (arXiv:2603.16572)
https://www.reddit.com/r/netsec/comments/1s0dmuv/agent_skill_marketplace_supply_chain_attack_121/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Evaluating AI and ML in Network Security: A Comprehensive Literature Review
https://www.reddit.com/r/netsec/comments/1rzji68/evaluating_ai_and_ml_in_network_security_a/
Trivy Under Attack Again: Widespread GitHub Actions Tag Compromise Exposes CI/CD Secrets Attackers
https://www.reddit.com/r/netsec/comments/1rziu2w/trivy_under_attack_again_widespread_github/
ONNX Hub silent=True suppresses all trust verification, enabling supply chain attacks on ML model loading (CVE-2026-28500, CVSS 9.1, no patch available)
https://www.reddit.com/r/netsec/comments/1s02jrq/onnx_hub_silenttrue_suppresses_all_trust/
LLVM Adventures: Fuzzing Apache Modules
https://www.reddit.com/r/netsec/comments/1s03z8j/llvm_adventures_fuzzing_apache_modules/
Agent skill marketplace supply chain attack: 121 skills across 7 repos vulnerable to GitHub username hijacking, 5 scanners disagree by 10x on malicious skill rates (arXiv:2603.16572)
https://www.reddit.com/r/netsec/comments/1s0dmuv/agent_skill_marketplace_supply_chain_attack_121/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Evaluating AI and ML in Network Security: A Comprehensive Literature Review
Posted by dondusi - 1 vote and 0 comments
Top Security News for Today
Agent skill marketplace supply chain attack: 121 skills across 7 repos vulnerable to GitHub username hijacking, 5 scanners disagree by 10x on malicious skill rates (arXiv:2603.16572)
https://www.reddit.com/r/netsec/comments/1s0dmuv/agent_skill_marketplace_supply_chain_attack_121/
CanisterWorm Gets Teeth: TeamPCP's Kubernetes Wiper Targets Iran
https://www.reddit.com/r/netsec/comments/1s0lvk9/canisterworm_gets_teeth_teampcps_kubernetes_wiper/
Observations on AI generated Remote DuckDB via HTTP with mTLS
http://diablohorn.com/2026/03/22/observations-on-ai-generated-remote-duckdb-via-http-with-mtls/
No Zero-Day Needed: Russian Phishers Swipe Signal & WhatsApp Accounts with Plain Old Lies
https://www.reddit.com/r/netsec/comments/1s0ouoe/no_zeroday_needed_russian_phishers_swipe_signal/
A YC-Backed Startup Left Production AWS Keys Public for 5 Months.
https://www.reddit.com/r/netsec/comments/1s1ab3n/a_ycbacked_startup_left_production_aws_keys/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Agent skill marketplace supply chain attack: 121 skills across 7 repos vulnerable to GitHub username hijacking, 5 scanners disagree by 10x on malicious skill rates (arXiv:2603.16572)
https://www.reddit.com/r/netsec/comments/1s0dmuv/agent_skill_marketplace_supply_chain_attack_121/
CanisterWorm Gets Teeth: TeamPCP's Kubernetes Wiper Targets Iran
https://www.reddit.com/r/netsec/comments/1s0lvk9/canisterworm_gets_teeth_teampcps_kubernetes_wiper/
Observations on AI generated Remote DuckDB via HTTP with mTLS
http://diablohorn.com/2026/03/22/observations-on-ai-generated-remote-duckdb-via-http-with-mtls/
No Zero-Day Needed: Russian Phishers Swipe Signal & WhatsApp Accounts with Plain Old Lies
https://www.reddit.com/r/netsec/comments/1s0ouoe/no_zeroday_needed_russian_phishers_swipe_signal/
A YC-Backed Startup Left Production AWS Keys Public for 5 Months.
https://www.reddit.com/r/netsec/comments/1s1ab3n/a_ycbacked_startup_left_production_aws_keys/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Agent skill marketplace supply chain attack: 121 skills across 7 repos vulnerable to GitHub…
Explore this post and more from the netsec community
Top Security News for Today
A YC-Backed Startup Left Production AWS Keys Public for 5 Months.
https://www.reddit.com/r/netsec/comments/1s1ab3n/a_ycbacked_startup_left_production_aws_keys/
US soldier sentenced for helping North Korean IT workers
https://therecord.media/us-soldier-sentencer-for-helping-nk-it-workers
Microsoft Xbox One Hacked
https://www.schneier.com/blog/archives/2026/03/microsoft-xbox-hacked.html
The Verifier Tax: Horizon Dependent Safety Success Tradeoffs in Tool Using LLM Agents
https://arxiv.org/abs/2603.19328
Benchmarking Post-Quantum Cryptography on Resource-Constrained IoT Devices: ML-KEM and ML-DSA on ARM Cortex-M0+
https://arxiv.org/abs/2603.19340
A Novel Solution for Zero-Day Attack Detection in IDS using Self-Attention and Jensen-Shannon Divergence in WGAN-GP
https://arxiv.org/abs/2603.19350
The Broken Physics of Remediation
https://blog.qualys.com/vulnerabilities-threat-research/2026/03/23/the-broken-physics-of-remediation
California-based semiconductor testing company reports ransomware attack to SEC
https://therecord.media/ransomware-trio-tech-semiconductor-sec
Education company Kaplan reports data breach impacting more than 230,000
https://therecord.media/kaplan-data-breach-hack-notification
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
A YC-Backed Startup Left Production AWS Keys Public for 5 Months.
https://www.reddit.com/r/netsec/comments/1s1ab3n/a_ycbacked_startup_left_production_aws_keys/
US soldier sentenced for helping North Korean IT workers
https://therecord.media/us-soldier-sentencer-for-helping-nk-it-workers
Microsoft Xbox One Hacked
https://www.schneier.com/blog/archives/2026/03/microsoft-xbox-hacked.html
The Verifier Tax: Horizon Dependent Safety Success Tradeoffs in Tool Using LLM Agents
https://arxiv.org/abs/2603.19328
Benchmarking Post-Quantum Cryptography on Resource-Constrained IoT Devices: ML-KEM and ML-DSA on ARM Cortex-M0+
https://arxiv.org/abs/2603.19340
A Novel Solution for Zero-Day Attack Detection in IDS using Self-Attention and Jensen-Shannon Divergence in WGAN-GP
https://arxiv.org/abs/2603.19350
The Broken Physics of Remediation
https://blog.qualys.com/vulnerabilities-threat-research/2026/03/23/the-broken-physics-of-remediation
California-based semiconductor testing company reports ransomware attack to SEC
https://therecord.media/ransomware-trio-tech-semiconductor-sec
Education company Kaplan reports data breach impacting more than 230,000
https://therecord.media/kaplan-data-breach-hack-notification
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: A YC-Backed Startup Left Production AWS Keys Public for 5 Months.
Explore this post and more from the netsec community
Top Security News for Today
Russian hacker who helped Yanluowang ransomware gang gets nearly 7-year prison sentence
https://therecord.media/hacker-russian-ransomware-sentenced-doj
Alleged OVHcloud data of 1.6M customers and 5.9M websites posted on popular forum for sale. CEO Comments
https://www.reddit.com/r/netsec/comments/1s2awo7/alleged_ovhcloud_data_of_16m_customers_and_59m/
Forensic Readiness Is Becoming a Strategic Security Discipline
https://www.reddit.com/r/netsec/comments/1s2alc9/forensic_readiness_is_becoming_a_strategic/
Anime streaming giant Crunchyroll says hacker stole data related to customer service tickets
https://therecord.media/crunchyroll-hacker-anime-data-theft
Dutch Finance Ministry probing cyber breach affecting internal systems
https://therecord.media/netherlands-finance-ministry-cyberattack-breach
Iran-linked ransomware gang targeted US healthcare org amid military conflict
https://therecord.media/iran-linked-ransomware-gang-targeted-us-healthcare-org
We rewrote SoftHSMv2 (the default PKCS#11 software HSM) in Rust — 617+ tests, PQC support, memory-safe key handling
https://www.reddit.com/r/netsec/comments/1s2f3le/we_rewrote_softhsmv2_the_default_pkcs11_software/
With the rise of SaaS and cloud applications, the browser has become the new workplace. That's where net-security comes in.
https://www.reddit.com/r/netsec/comments/1s2cryp/with_the_rise_of_saas_and_cloud_applications_the/
We scanned 900 MCP configs on GitHub. 75% had security problems.
https://www.reddit.com/r/netsec/comments/1s2j0zl/we_scanned_900_mcp_configs_on_github_75_had/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Russian hacker who helped Yanluowang ransomware gang gets nearly 7-year prison sentence
https://therecord.media/hacker-russian-ransomware-sentenced-doj
Alleged OVHcloud data of 1.6M customers and 5.9M websites posted on popular forum for sale. CEO Comments
https://www.reddit.com/r/netsec/comments/1s2awo7/alleged_ovhcloud_data_of_16m_customers_and_59m/
Forensic Readiness Is Becoming a Strategic Security Discipline
https://www.reddit.com/r/netsec/comments/1s2alc9/forensic_readiness_is_becoming_a_strategic/
Anime streaming giant Crunchyroll says hacker stole data related to customer service tickets
https://therecord.media/crunchyroll-hacker-anime-data-theft
Dutch Finance Ministry probing cyber breach affecting internal systems
https://therecord.media/netherlands-finance-ministry-cyberattack-breach
Iran-linked ransomware gang targeted US healthcare org amid military conflict
https://therecord.media/iran-linked-ransomware-gang-targeted-us-healthcare-org
We rewrote SoftHSMv2 (the default PKCS#11 software HSM) in Rust — 617+ tests, PQC support, memory-safe key handling
https://www.reddit.com/r/netsec/comments/1s2f3le/we_rewrote_softhsmv2_the_default_pkcs11_software/
With the rise of SaaS and cloud applications, the browser has become the new workplace. That's where net-security comes in.
https://www.reddit.com/r/netsec/comments/1s2cryp/with_the_rise_of_saas_and_cloud_applications_the/
We scanned 900 MCP configs on GitHub. 75% had security problems.
https://www.reddit.com/r/netsec/comments/1s2j0zl/we_scanned_900_mcp_configs_on_github_75_had/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Russian hacker who helped Yanluowang ransomware gang gets nearly 7-year prison sentence
A Russian hacker who helped the notorious Yanluowang ransomware gang break into U.S. companies and demand millions of dollars in ransom payments was sentenced to nearly seven years in prison.