β οΈ Multiple infostealers β Arkanix, NovaStealer, DarkCloud, MawaStealer and others β are active in the wild.
Researchers say Arkanix was likely built with LLM assistance, speeding malware development. Stolen logs are filtered and sold to brokers seeking corporate network access.
π Read β https://thehackernews.com/2026/03/weekly-recap-sd-wan-0-day-critical-cves.html#:~:text=Multiple%20Stealer%20Malware%20Families%20Detected
Researchers say Arkanix was likely built with LLM assistance, speeding malware development. Stolen logs are filtered and sold to brokers seeking corporate network access.
π Read β https://thehackernews.com/2026/03/weekly-recap-sd-wan-0-day-critical-cves.html#:~:text=Multiple%20Stealer%20Malware%20Families%20Detected
π3π€―3β‘2π₯1
Human-led. Rules-based. LLM-powered agentic systems. Each promises efficiency. Each has limits.
The real advantage? Knowing when, and how, to use them together.
The teams pulling ahead arenβt betting on a single model. Theyβre architecting a custom mix of all three.
On March 12th, join Tines for Workflow clarity: Where AI fits in modern automation. You'll learn how to harness AI with clarity and control, and determine the right combination of workflows for you.
π Register and learn more here: https://thn.news/modern-automation-ai
The real advantage? Knowing when, and how, to use them together.
The teams pulling ahead arenβt betting on a single model. Theyβre architecting a custom mix of all three.
On March 12th, join Tines for Workflow clarity: Where AI fits in modern automation. You'll learn how to harness AI with clarity and control, and determine the right combination of workflows for you.
π Register and learn more here: https://thn.news/modern-automation-ai
π€5β‘2π1
π Hacktivists launched 149 DDoS attacks targeting 110 organizations in 16 countries after the U.S.βIsrael strikes on Iran, security researchers report.
Most attacks hit government systems in the Middle East, with Kuwait, Israel, and Jordan seeing the highest activity.
π Read β https://thehackernews.com/2026/03/149-hacktivist-ddos-attacks-hit-110.html
Most attacks hit government systems in the Middle East, with Kuwait, Israel, and Jordan seeing the highest activity.
π Read β https://thehackernews.com/2026/03/149-hacktivist-ddos-attacks-hit-110.html
β‘14π11π7π€6π₯4
Authorities have seized #LeakBase, a cybercrime forum used to trade stolen databases and infostealer logs.
Site had 142k+ members and hosted hundreds of millions of stolen credentials & financial records used for account takeovers and fraud.
π Read β https://thehackernews.com/2026/03/fbi-and-europol-seize-leakbase-forum.html
Site had 142k+ members and hosted hundreds of millions of stolen credentials & financial records used for account takeovers and fraud.
π Read β https://thehackernews.com/2026/03/fbi-and-europol-seize-leakbase-forum.html
π9π₯2
β‘ Authorities dismantled Tycoon 2FA, a major phishing-as-a-service toolkit used to bypass MFA.
The platform sent tens of millions of phishing emails monthly and enabled access to nearly 100,000 organizations by stealing credentials, MFA codes, and session cookies.
π Read β https://thehackernews.com/2026/03/europol-led-operation-takes-down-tycoon.html
The platform sent tens of millions of phishing emails monthly and enabled access to nearly 100,000 organizations by stealing credentials, MFA codes, and session cookies.
π Read β https://thehackernews.com/2026/03/europol-led-operation-takes-down-tycoon.html
π8π3π₯2
β οΈ Most encrypted web traffic relies on ECDHE, the TLS key exchange that lets browsers and servers derive a shared secret.
Quantum computers could break the elliptic-curve math behind it. The industry is moving to hybrid exchanges combining ECDHE with post-quantum ML-KEM.
π Learn how hybrid key exchange protects data from future quantum attacks β https://thehackernews.com/expert-insights/2026/03/demystifying-key-exchange-from.html
Quantum computers could break the elliptic-curve math behind it. The industry is moving to hybrid exchanges combining ECDHE with post-quantum ML-KEM.
π Learn how hybrid key exchange protects data from future quantum attacks β https://thehackernews.com/expert-insights/2026/03/demystifying-key-exchange-from.html
π9π₯4
π¨ Russian-linked hackers are using BadPaw and MeowMeow malware to target Ukrainian entities.
Phishing emails deliver a ZIP with an HTA lure. Code hidden in a PNG loads a .NET dropper that installs a backdoor capable of running PowerShell commands and manipulating files.
π Details β https://thehackernews.com/2026/03/apt28-linked-campaign-deploys-badpaw.html
Phishing emails deliver a ZIP with an HTA lure. Code hidden in a PNG loads a .NET dropper that installs a backdoor capable of running PowerShell commands and manipulating files.
π Details β https://thehackernews.com/2026/03/apt28-linked-campaign-deploys-badpaw.html
π12π€―4π2π₯2π±1
π Suspected Iran-linked hackers targeted Iraqi officials by impersonating the foreign ministry and delivering malware.
Tracked as Dust Specter, the campaign deploys SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM via password-protected archives and DLL sideloading.
π Read β https://thehackernews.com/2026/03/dust-specter-targets-iraqi-officials.html
Tracked as Dust Specter, the campaign deploys SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM via password-protected archives and DLL sideloading.
π Read β https://thehackernews.com/2026/03/dust-specter-targets-iraqi-officials.html
π€―9π4π4π₯1π1π€1π±1
π₯ ActiveState Launches World's Largest Secure OSS Catalog With 79M Components.
ActiveState has launched the worldβs largest secure open-source catalog, uniting 79M components across 12+ languages (Java, Python, Rust, etc.). It cuts CVE exposure by 99% via SLSA-3 builds and reclaims 30% of engineering time by automating manual maintenance and governance.
π Read the release: https://thn.news/open-source-catalog
ActiveState has launched the worldβs largest secure open-source catalog, uniting 79M components across 12+ languages (Java, Python, Rust, etc.). It cuts CVE exposure by 99% via SLSA-3 builds and reclaims 30% of engineering time by automating manual maintenance and governance.
π Read the release: https://thn.news/open-source-catalog
π6
π¨ DDR5 bot scalping, Telegram cybercrime hubs, and new malware campaigns.
This weekβs #ThreatsDay Bulletin breaks down the biggest security threats and tactics shaping the threat landscape right now.
π Read β https://thehackernews.com/2026/03/threatsday-bulletin-redis-rce-ddr5-bot.html
This weekβs #ThreatsDay Bulletin breaks down the biggest security threats and tactics shaping the threat landscape right now.
π Read β https://thehackernews.com/2026/03/threatsday-bulletin-redis-rce-ddr5-bot.html
π€―6π5
β οΈ Cisco confirms active exploitation of two Catalyst SD-WAN Manager flaws.
βΆ CVE-2026-20122 enables arbitrary file overwrite via API credentials.
βΆCVE-2026-20128 can expose data and grant DCA privileges after login.
π Read β https://thehackernews.com/2026/03/cisco-confirms-active-exploitation-of.html
Patches are out across multiple releases.
βΆ CVE-2026-20122 enables arbitrary file overwrite via API credentials.
βΆCVE-2026-20128 can expose data and grant DCA privileges after login.
π Read β https://thehackernews.com/2026/03/cisco-confirms-active-exploitation-of.html
Patches are out across multiple releases.
π₯10π4π€―4β‘1π1