๐จ China-linked APT UAT-9244 has been targeting telecom networks in South America since 2024.
Cisco Talos uncovered 3 new implants across Windows, #Linux, and edge devicesโused for persistence, command control, and large-scale brute-force scanning.
๐ Inside TernDoor, PeerTime, and BruteEntry โ https://thehackernews.com/2026/03/china-linked-hackers-use-terndoor.html
Cisco Talos uncovered 3 new implants across Windows, #Linux, and edge devicesโused for persistence, command control, and large-scale brute-force scanning.
๐ Inside TernDoor, PeerTime, and BruteEntry โ https://thehackernews.com/2026/03/china-linked-hackers-use-terndoor.html
๐7๐ฅ5๐3๐ฑ3โก1
๐ Iran-linked hackers quietly embedded inside multiple U.S. organizations, Broadcom researchers report.
The campaign is tied to MuddyWater, an #Iranian state group. Attackers deployed a Deno-based backdoor and tried exfiltrating data using Rclone to cloud storage.
๐ Read โ https://thehackernews.com/2026/03/iran-linked-muddywater-hackers-target.html
The campaign is tied to MuddyWater, an #Iranian state group. Attackers deployed a Deno-based backdoor and tried exfiltrating data using Rclone to cloud storage.
๐ Read โ https://thehackernews.com/2026/03/iran-linked-muddywater-hackers-target.html
๐ฅ33๐8๐ฑ4โก2๐1
MSPs trying to scale cybersecurity hit the same wall: manual risk assessments that donโt scale.
AI-powered risk management automates assessments, maps compliance, and turns findings into remediationโenabling continuous security services instead of one-off fixes.
๐ Inside: framework for scalable risk-first cybersecurity services โ https://thehackernews.com/2026/03/the-msp-guide-to-using-ai-powered-risk.html
AI-powered risk management automates assessments, maps compliance, and turns findings into remediationโenabling continuous security services instead of one-off fixes.
๐ Inside: framework for scalable risk-first cybersecurity services โ https://thehackernews.com/2026/03/the-msp-guide-to-using-ai-powered-risk.html
๐4๐ฅ3๐ค2โก1
Your shiny new AI agent can now:
๐ Browse
๐ ๏ธ Execute code
โข๏ธ Touch production systems
Agency Gap = tools + APIs + permissions = new attack surface.
Secure your agents BEFORE they get owned.
๐ Join the webinar โ https://thehacker.news/ai-agents-attack-surface
๐ Browse
๐ ๏ธ Execute code
โข๏ธ Touch production systems
Agency Gap = tools + APIs + permissions = new attack surface.
Secure your agents BEFORE they get owned.
๐ Join the webinar โ https://thehacker.news/ai-agents-attack-surface
๐ฅ4๐ค3๐2
โ ๏ธ VOID#GEIST malware delivers 3 RATs: XWorm, AsyncRAT, and Xeno RAT through a layered script chain.
Phishing emails pull a batch file from TryCloudflare, open a fake invoice PDF, then use Python to decrypt shellcode and inject it into explorer.exe via Early Bird APC.
๐ Inside the full fileless attack chain โ https://thehackernews.com/2026/03/multi-stage-voidgeist-malware.html
Phishing emails pull a batch file from TryCloudflare, open a fake invoice PDF, then use Python to decrypt shellcode and inject it into explorer.exe via Early Bird APC.
๐ Inside the full fileless attack chain โ https://thehackernews.com/2026/03/multi-stage-voidgeist-malware.html
๐ฅ6๐3๐2
โก Bitdefender says Pakistan-aligned Transparent Tribe (APT36) is targeting Indian government entities with AI-generated malware.
The campaign spreads polyglot implants in Nim, Zig, and Crystal and hides C2 inside Slack, Supabase, and Google Sheets.
๐ Inside: phishing chain, malware tools, and infrastructure โ https://thehackernews.com/2026/03/transparent-tribe-uses-ai-to-mass.html
The campaign spreads polyglot implants in Nim, Zig, and Crystal and hides C2 inside Slack, Supabase, and Google Sheets.
๐ Inside: phishing chain, malware tools, and infrastructure โ https://thehackernews.com/2026/03/transparent-tribe-uses-ai-to-mass.html
๐18๐5๐ฅ3๐2โก1
๐ฎ Car tire pressure sensors may expose where you go.
Researchers found TPMS sensors broadcast unchanging IDs in unencrypted radio signals. Receivers up to 40 m away can capture them and recognize the same vehicle again.
That enables long-term trackingโno cameras, no line of sight.
๐ How TPMS signals reveal vehicle movement โ https://thehackernews.com/2026/03/threatsday-bulletin-redis-rce-ddr5-bot.html#tpms-signals-allow-covert-vehicle-tracking
Researchers found TPMS sensors broadcast unchanging IDs in unencrypted radio signals. Receivers up to 40 m away can capture them and recognize the same vehicle again.
That enables long-term trackingโno cameras, no line of sight.
๐ How TPMS signals reveal vehicle movement โ https://thehackernews.com/2026/03/threatsday-bulletin-redis-rce-ddr5-bot.html#tpms-signals-allow-covert-vehicle-tracking
โก15๐ฅ11๐8๐คฏ1
โกNATO has cleared #iPhone and iPad to handle classified information.
The approval relies on built-in iOS and iPadOS securityโno custom hardening or special software required.
Germanyโs BSI had already cleared the devices for classified government use.
๐ Details on NATO approval โ https://thehackernews.com/2026/03/threatsday-bulletin-redis-rce-ddr5-bot.html#nato-clears-consumer-iphones-and-ipads
The approval relies on built-in iOS and iPadOS securityโno custom hardening or special software required.
Germanyโs BSI had already cleared the devices for classified government use.
๐ Details on NATO approval โ https://thehackernews.com/2026/03/threatsday-bulletin-redis-rce-ddr5-bot.html#nato-clears-consumer-iphones-and-ipads
โก18๐9๐8๐ฑ4๐ฅ2๐ค1
๐ฅ Anthropic says its #Claude model found 22 Firefox vulnerabilities while scanning ~6,000 C++ files with Mozilla.
14 were high-severity. Turning bugs into exploits proved harder: after hundreds of attempts, the AI succeeded only twice.
๐ Read โ https://thehackernews.com/2026/03/anthropic-finds-22-firefox.html
14 were high-severity. Turning bugs into exploits proved harder: after hundreds of attempts, the AI succeeded only twice.
๐ Read โ https://thehackernews.com/2026/03/anthropic-finds-22-firefox.html
๐ฅ38๐คฏ11๐5๐ฑ3๐2
๐ฅ OpenAI launched "Codex Security," an AI agent that finds and fixes code vulnerabilities.
In testing it scanned 1.2M commits across open-source repos, uncovering 792 critical and 10,561 high-severity flaws in projects including OpenSSH, GnuTLS, PHP, and Chromium.
๐ Details โ https://thehackernews.com/2026/03/openai-codex-security-scanned-12.html
In testing it scanned 1.2M commits across open-source repos, uncovering 792 critical and 10,561 high-severity flaws in projects including OpenSSH, GnuTLS, PHP, and Chromium.
๐ Details โ https://thehackernews.com/2026/03/openai-codex-security-scanned-12.html
๐คฏ40๐ฅ21๐7๐7๐ค4โก1
โ ๏ธ A newly tracked threat cluster is quietly breaching critical infrastructure across Asia.
Unit 42 says attackers exploit web servers, plant web shells, and dump credentials with tools like Mimikatz to move across networks in aviation, energy, and government sectors.
๐ Read โ https://thehackernews.com/2026/03/web-server-exploits-and-mimikatz-used.html
Unit 42 says attackers exploit web servers, plant web shells, and dump credentials with tools like Mimikatz to move across networks in aviation, energy, and government sectors.
๐ Read โ https://thehackernews.com/2026/03/web-server-exploits-and-mimikatz-used.html
๐4๐3๐2
๐ Two Chrome extensions turned malicious after an ownership transfer.
Researchers say QuickLens (7,000 users) now strips security headers and pulls remote code every 5 minutes. The payload executes via hidden elements, leaving no malicious code in the extension source.
๐ Read โ https://thehackernews.com/2026/03/chrome-extension-turns-malicious-after.html
Researchers say QuickLens (7,000 users) now strips security headers and pulls remote code every 5 minutes. The payload executes via hidden elements, leaving no malicious code in the extension source.
๐ Read โ https://thehackernews.com/2026/03/chrome-extension-turns-malicious-after.html
๐6โก2๐2๐คฏ2