ποΈ UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim's cloud environment within a span of 72 hours. The attack started with the theft of a developer's GitHub token, which the threat actor then used to gain unauthorized access to the cloud and steal data. "The threat actor, UNC6426, then used this.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure, legitimatelooking authentication flows, and encrypted traffic that conceals malicious behavior from traditional detection layers. For CISOs, the priority is now clear scale phishing detection in a way that helps.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as timerelated utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below chronoanchor dnp3times timecalibrator timecalibrators timesync The crates, per Socket, impersonate timeapi.io and were published between late February and early March.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is lazy. A few bits fall into that uncomfortable category of yeah this is probably going to show up in real incidents sooner than wed like. The pattern this week feels familiar in a slightly annoying way. Old tricks are getting polished. New research shows how.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate NextGeneration Firewall NGFW appliances as entry points to breach victim networks. The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials to extract configuration files containing service account credentials and network topology.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The most dangerous phishing campaigns arent just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of five minutes, the outcome can shift from a contained incident to a breach. For years, the cybersecurity industry has focused on the front door of phishing defense employee training, email gateways that.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Artificial Intelligence AI is no longer just a tool we talk to it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open a new "back door" for hackers. The Problem "The Invisible Employee" Think of an AI Agent like a new employee who has.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Apple on Wednesday backported fixes for a security flaw in iOS, iPadOS, and macOS Sonoma to older versions after it was found to be used as part of the Coruna exploit kit. The vulnerability, tracked as CVE202343010, relates to an unspecified vulnerability in WebKit that could result in memory corruption when processing maliciously crafted web content. The iPhone maker said the issue was.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first detected in the wild in August 2025, has expanded to over 14,000 infected devices, with more than 60 of victims located in the U.S., according to the Black Lotus Labs team at Lumen. A lesser number of.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered halfadozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution, TaxiSpy RAT, BeatBanker, Mirax, and Oblivion RAT to fullfledged remote administration tools such as SURXRAT. PixRevolution, according to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
China's National Computer Network Emergency Response Technical Team CNCERT has issued a warning about the security stemming from the use of OpenClaw formerly Clawdbot and Moltbot, an opensource and selfhosted autonomous artificial intelligence AI agent. In a post shared on WeChat, CNCERT noted that the platform's "inherently weak default security configurations," coupled with its.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed nine crosstenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcomings have been collectively named LeakyLooker by Tenable. There is no evidence that the vulnerabilities were exploited in.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Interpol's 'Operation Synergia III' Nets 94 Arrests in Major Cybercrime Sweep π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new law enforcement operation against phishing and ransomware operators led to the takedown of 45,000 malicious IP addresses.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π¦
The Ultimate Guide to Dark Web Monitoring in 2026: Protect Your Data Before Attackers Strike π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
In 2026, cyber threats are originating on the dark web, where stolen credentials, exploit kits, and attack plans are bought and sold before they ever reach corporate networks. Organizations are turning to dark web intelligence and dark web monitoring solutions 2026 to detect new cyber threats early, monitor underground activity, and prevent breaches that traditional security tools may miss. Recent data from Cyble Research and Intelligence Labs CRIL shows the scale of this threat. In 2025 alone, Cyble tracked 6,046 global data breach and leak incidents, with sectors such as government and finance among the most targeted. The research has also identified thousands of enterprise credentials circulating on dark web marketplaces, often harvested by infostealer malware and sold to cybercr...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Dark Web Intelligence: Why Monitoring Matters In 2026
Hereβs how dark web intelligence helps organizations detect leaked data, stolen credentials, and cyber threats early in 2026.
π Best AI SOC for SMBs: 6 Vendors Scored With Real Pricing (2026) π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Compare 6 AI SOC providers built for SMBs under 500 employees. Real pricing from 11device, transparent scoring, and a zerotoprotected deployment roadmap. The post Best AI SOC for SMBs 6 Vendors Scored With Real Pricing 2026 appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Best AI SOC for SMBs: 6 Vendors Scored With Real Pricing (2026)
Compare 6 AI SOC providers built for SMBs under 500 employees. Real pricing from $11/device, transparent scoring, and a zero-to-protected deployment roadmap.
π Law Enforcement Dismantles SocksEscort Proxy Network in Operation Lightning π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Operation Lightning sees international law enforcement partners shut down SocksEscort, a major malicious proxy service used by cybercriminals worldwide.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Law Enforcement Dismantles SocksEscort Proxy Network
Operation Lightning sees international law enforcement partners shut down βSocksEscort,β a major malicious proxy service used by cybercriminals worldwide
π¦
Australia, New Zealand, Tonga, Warn of Rising INC Ransom Attacks Targeting Pacific Networks π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cybersecurity agencies across the Pacific region are sharing concerns about the ransomware group INC Ransom's expanding activities and the growing influence of its affiliate network. A joint advisory issued by the Australian Cyber Security Centre ACSC, National Computer Emergency Response Team Tonga CERT Tonga, and the New Zealand National Cyber Security Centre NCSC highlights how the INC Ransom ecosystem has become an active threat to organizations in Australia, New Zealand, and Pacific Island states. The advisory from the agencies down under is designed for both technical specialists and general network defenders. It outlines how INC Ransom operates, the techniques its affiliates use, and the steps organizations can take to reduce their exposure. Officials from the three agencie...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
INC Ransom Threat Targets Australia And Pacific Networks
ACSC, NCSC, and CERT Tonga warn of rising INC Ransom attacks targeting Australia, New Zealand, and Pacific networks via affiliate ransomware campaigns.
π 9 Best AI SOC for Enterprise: Enterprise Evaluation With Pricing and Reviews π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Compare the 9 best AI SOC platforms for 10,000 employee enterprises. Evaluate integration, compliance, governance, and pricing. Discover which fits your stack. The post 9 Best AI SOC for Enterprise Enterprise Evaluation With Pricing and Reviews appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
9 Best AI SOC for Enterprise: Enterprise Evaluation With Pricing and Reviews
Compare the 9 best AI SOC platforms for 10,000+ employee enterprises. Evaluate integration, compliance, governance, and pricing. Discover which fits your stack.
π PixRevolution Malware Hijacks Brazil's PIX Transfers in Real Time π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
PixRevolution Android trojan hijacks Brazils PIX payments in real time using accessibility abuse.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
PixRevolution Malware Hijacks Brazil's PIX Transfers in Real Time
PixRevolution Android trojan hijacks Brazilβs PIX payments in real time using accessibility abuse
π RSAC 2026 Parties & Networking Events: The Unofficial Guide to San Franciscoβs Cybersecurity Social Season π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Lets be honest about how RSAC actually works. You fly to San Francisco, you badge in at Moscone, you sit through a keynote or two, and then if youre The post RSAC 2026 Parties Networking Events The Unofficial Guide to San Franciscos Cybersecurity Social Season appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
RSAC 2026 Parties & Networking Events: The Ultimate Guide
Discover the hottest parties, networking events, and must-attend gatherings at RSA Conference 2026 in San Francisco (March 23β26).
π Critical Zero-Click Flaw in n8n Allows Full Server Compromise π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The critical vulnerability affecting both cloud and selfhosted n8n instances requires no authentication or even n8n account to be exploited.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity