β‘ Apple backports CVE-2023-43010 fix after the WebKit flaw was used in the Coruna #iPhone exploit kit.
It allows memory corruption via malicious web content. Fix now covers iOS 15.8.7 & 16.7.15 devices, including iPhone 6s, 7, 8 & X.
π Read β https://thehackernews.com/2026/03/apple-issues-security-updates-for-older.html
It allows memory corruption via malicious web content. Fix now covers iOS 15.8.7 & 16.7.15 devices, including iPhone 6s, 7, 8 & X.
π Read β https://thehackernews.com/2026/03/apple-issues-security-updates-for-older.html
π10π₯4π3π2
Attackers now weaponize phishing volume.
Research shows 66% of SOC teams canβt keep up with alerts, letting attackers hide targeted spear-phish inside thousands of decoys. The flood isnβt random. Itβs meant to exhaust analysts and slow investigation.
π How phishing campaigns exploit SOC workload β https://thehackernews.com/2026/03/attackers-dont-just-send-phishing.html
Research shows 66% of SOC teams canβt keep up with alerts, letting attackers hide targeted spear-phish inside thousands of decoys. The flood isnβt random. Itβs meant to exhaust analysts and slow investigation.
π How phishing campaigns exploit SOC workload β https://thehackernews.com/2026/03/attackers-dont-just-send-phishing.html
π₯9π€―6π2
New week. Same internet chaos.
β οΈ OAuth token theft
π± Signal/WhatsApp hijacks
βοΈ Cloud flaw breaches
π§ Zombie ZIP evasion
πΌ HR malware kills EDR
π€ AI agent platform hack
π¬ Teams impersonation attacks
π 174-exploit botnet scans
π ThreatsDay is out β quick hits from this weekβs cyber chaos β https://thehackernews.com/2026/03/threatsday-bulletin-oauth-trap-edr.html
β οΈ OAuth token theft
π± Signal/WhatsApp hijacks
βοΈ Cloud flaw breaches
π§ Zombie ZIP evasion
πΌ HR malware kills EDR
π€ AI agent platform hack
π¬ Teams impersonation attacks
π 174-exploit botnet scans
π ThreatsDay is out β quick hits from this weekβs cyber chaos β https://thehackernews.com/2026/03/threatsday-bulletin-oauth-trap-edr.html
π7β‘6π₯2
Want a Masterβs or Graduate Certificate in Cybersecurity Risk Management from Georgetown University?
Join our virtual webinar on March 24. Sign up: https://thn.news/risk-mgmt-fb
Join our virtual webinar on March 24. Sign up: https://thn.news/risk-mgmt-fb
π6π₯3π2
Modern phishing now hides behind HTTPS and trusted services, so attacks look like normal logins.
Sandbox analysis executes suspicious links safely and exposes credential-stealing flows in under 60 seconds.
π How SOC teams uncover phishing before account takeover β https://thehackernews.com/2026/03/how-to-scale-phishing-detection-in-your.html
Sandbox analysis executes suspicious links safely and exposes credential-stealing flows in under 60 seconds.
π How SOC teams uncover phishing before account takeover β https://thehackernews.com/2026/03/how-to-scale-phishing-detection-in-your.html
π8π4π₯3
π€ IBM X-Force found AI-generated #malware Slopoly used by Hive0163.
The PowerShell backdoor persists for days, beacons every 30s, and runs commands from a remote C2. AI didnβt make it advanced β it made malware faster to build.
π Read here β https://thehackernews.com/2026/03/hive0163-uses-ai-assisted-slopoly.html
The PowerShell backdoor persists for days, beacons every 30s, and runs commands from a remote C2. AI didnβt make it advanced β it made malware faster to build.
π Read here β https://thehackernews.com/2026/03/hive0163-uses-ai-assisted-slopoly.html
β‘6π₯6π±5π2
β οΈ Rust-based banking trojan VENON is targeting 33 financial institutions in Brazil.
It monitors banking windows, triggers credential-stealing overlays, and hijacks ItaΓΊ app shortcuts to redirect victims to attacker-controlled pages.
π Read β https://thehackernews.com/2026/03/rust-based-venon-malware-targets-33.html
It monitors banking windows, triggers credential-stealing overlays, and hijacks ItaΓΊ app shortcuts to redirect victims to attacker-controlled pages.
π Read β https://thehackernews.com/2026/03/rust-based-venon-malware-targets-33.html
π₯20π4β‘1π1
β οΈ Veeam fixed multiple flaws in Backup & Replication, including 9.9-severity RCE bugs that let authenticated domain users run code on backup servers.
Affected: all v12 builds before 12.3.2.4465.
π CVEs and patch details β https://thehackernews.com/2026/03/veeam-patches-7-critical-backup.html
Affected: all v12 builds before 12.3.2.4465.
π CVEs and patch details β https://thehackernews.com/2026/03/veeam-patches-7-critical-backup.html
π9β‘3π3π₯2
π Global police dismantled SocksEscort, a proxy botnet built from hacked home routers.
AVrecon malware turned SOHO devices into anonymous gateways for fraud, ransomware, and DDoS.
Operation Lightning seized 34 domains, 23 servers, froze $3.5M. 369K IPs across 163 countries.
π Read β https://thehackernews.com/2026/03/authorities-disrupt-socksescort-proxy.html
AVrecon malware turned SOHO devices into anonymous gateways for fraud, ransomware, and DDoS.
Operation Lightning seized 34 domains, 23 servers, froze $3.5M. 369K IPs across 163 countries.
π Read β https://thehackernews.com/2026/03/authorities-disrupt-socksescort-proxy.html
π10π4π₯4π2π€―1
π Linux AppArmor hit by 9 βCrackArmorβ flaws letting unprivileged users manipulate security profiles and escalate to root.
The bugs date back to 2017 and affect kernels 4.11+ across major distros including Ubuntu, Debian, and SUSE.
π Read β https://thehackernews.com/2026/03/nine-crackarmor-flaws-in-linux-apparmor.html
The bugs date back to 2017 and affect kernels 4.11+ across major distros including Ubuntu, Debian, and SUSE.
π Read β https://thehackernews.com/2026/03/nine-crackarmor-flaws-in-linux-apparmor.html
π12π₯7
β οΈ WARNING: Google fixed 2 exploited Chrome bugs (CVSS 8.8) in Skia and the V8 engine.
Crafted HTML pages can trigger memory corruption or sandbox code execution.Update to Chrome v146 now.
Edge, Brave, Opera, and Vivaldi patches will follow.
π Read β https://thehackernews.com/2026/03/google-fixes-two-chrome-zero-days.html
Crafted HTML pages can trigger memory corruption or sandbox code execution.Update to Chrome v146 now.
Edge, Brave, Opera, and Vivaldi patches will follow.
π Read β https://thehackernews.com/2026/03/google-fixes-two-chrome-zero-days.html
π₯12π5π2
Russian hackers are targeting #Signal and #WhatsApp accounts of officials, journalists, and military personnel using phishing β not breaking encryption.
Attackers pose as Signal support bots or abuse linked-device features to steal verification codes and take over accounts.
πRead β https://thehackernews.com/2026/03/threatsday-bulletin-oauth-trap-edr.html#messaging-account-takeover
Attackers pose as Signal support bots or abuse linked-device features to steal verification codes and take over accounts.
πRead β https://thehackernews.com/2026/03/threatsday-bulletin-oauth-trap-edr.html#messaging-account-takeover
π±11π10π₯7π€5π€―5π2
Microsoft says attackers are poisoning search results to spread fake VPN clients that steal credentials.
The campaign redirects software searches to trojanized installers on GitHub that show fake VPN prompts while Hyrax steals credentials.
π Read β https://thehackernews.com/2026/03/storm-2561-spreads-trojan-vpn-clients.html
The campaign redirects software searches to trojanized installers on GitHub that show fake VPN prompts while Hyrax steals credentials.
π Read β https://thehackernews.com/2026/03/storm-2561-spreads-trojan-vpn-clients.html
π13π₯6π5π€1
INTERPOL dismantled 45,000 malicious IPs and servers tied to phishing, malware, and ransomware.
Operation Synergia III across 72 countries led to 94 arrests, 110 suspects under investigation, and seized devices and servers tied to global scam infrastructure.
π Read β https://thehackernews.com/2026/03/interpol-dismantles-45000-malicious-ips.html
Operation Synergia III across 72 countries led to 94 arrests, 110 suspects under investigation, and seized devices and servers tied to global scam infrastructure.
π Read β https://thehackernews.com/2026/03/interpol-dismantles-45000-malicious-ips.html
π17π5π₯3π€2π±2π1
π Meta will shut down Instagramβs end-to-end encrypted chats on May 8, 2026.
Users with affected conversations will get instructions to download messages or media before the change.
π Read β https://thehackernews.com/2026/03/meta-to-shut-down-instagram-end-to-end.html
Users with affected conversations will get instructions to download messages or media before the change.
π Read β https://thehackernews.com/2026/03/meta-to-shut-down-instagram-end-to-end.html
π€23π€―15π6π±5π₯2β‘1
Researchers exposed a long-running cyber espionage campaign targeting Southeast Asian militaries.
The cluster CL-STA-1087 deployed AppleChris and MemFun backdoors plus a custom Mimikatz variant to quietly extract data on C4I systems, military capabilities, and Western defense ties.
π Tools and tradecraft β https://thehackernews.com/2026/03/chinese-hackers-target-southeast-asian.html
The cluster CL-STA-1087 deployed AppleChris and MemFun backdoors plus a custom Mimikatz variant to quietly extract data on C4I systems, military capabilities, and Western defense ties.
π Tools and tradecraft β https://thehackernews.com/2026/03/chinese-hackers-target-southeast-asian.html
π6π₯3