The retirement of old server equipment from data center facilities could become an opportunity for enterprises to generate revenue, instead of being an often costly recycling expense. Last year Western Digital announced it was experimenting with new ways to extract valuable rare earth elements and metals from obsolete servers from Microsoft’s US data centers, as…
AI, APAC, Apps, Exploits, Global Security News, Network Security, Risk Management
For March, Patch Tuesday delivers fixes for 83 vulnerabilities
The team at Readiness each month analyzes the latest Patch Tuesday updates from Microsoft and provides detailed, actionable testing guidance. The March release addresses 83 vulnerabilities across Windows, Office, SQL Server, Azure, and .NET — a moderate volume with two publicly disclosed zero-days affecting SQL Server and .NET (though neither is being actively exploited in…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
AiLock Ransomware Claims England Hockey Data Breach
England Hockey is investigating a potential cyberattack after a ransomware group claimed to have stolen sensitive data from its systems and threatened to publish it online. The AiLock ransomware gang recently listed the organization on its public data leak site, claiming to have exfiltrated large volumes of internal data as part of the attack. “We…
AI, Global Security News, malware
FBI seeks victims of Steam games used to spread malware
The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing investigation into eight malicious games uploaded to the gaming platform. […]
Global Security News, malware, Network Security
INTERPOL Operation Synergia III Shuts Down 45,000 Malicious IPs, 94 Arrested
INTERPOL’s Operation Synergia III led to 94 arrests and the takedown of 45,000 malicious IPs in 72 countries targeting phishing, malware, and fraud networks.
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Starbucks HR Portal Breach Exposes Employee Information
Starbucks has disclosed a data breach affecting hundreds of employees after attackers accessed internal HR accounts through phishing websites impersonating the company’s employee portal. This incident exposed sensitive personal and financial information, raising concerns about potential identity theft and fraud. “The investigation has determined that an unauthorized third party accessed certain Starbucks Partner Central accounts…
Global Security News
Musk Says xAI Must Be Rebuilt as Co-Founders Exit
AI, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Google warns of two actively exploited Chrome zero days
Threat actors are exploiting two high severity zero day vulnerabilities in the Chrome browser that experts say IT teams must patch immediately. Google has issued emergency patches for the two holes, CVE-2026-3909 and CVE-2026-3910. This comes just days after the release of 29 fixes for holes as part of March Patch Tuesday, and a zero day…
AI, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Google warns of two actively exploited Chrome zero days
Threat actors are exploiting two high severity zero day vulnerabilities in the Chrome browser that experts say IT teams must patch immediately. Google has issued emergency patches for the two holes, CVE-2026-3909 and CVE-2026-3910. This comes just days after the release of 29 fixes for holes as part of March Patch Tuesday, and a zero day…
AI, Data Breaches, Europe, Global Security News, Government & Policy, Russia
Hackers targeted Poland’s National Centre for Nuclear Research
Hackers targeted Poland’s National Centre for Nuclear Research, but security systems detected and blocked the attack before any damage. The National Centre for Nuclear Research in Poland reported a cyberattack on its IT infrastructure. The intrusion attempt was quickly detected by security systems, allowing staff to secure the targeted systems and prevent any operational impact.…
AI, Cybersecurity, Global Security News, malware
WatchGuard CEO on 30 Years and the Future of MSP Security
WatchGuard is marking its 30th year in business, a milestone that CEO Joe Smolarski says highlights both the company’s longevity and the continued importance of the IT channel. In an interview with Channel Insider, Smolarski reflected on WatchGuard’s history working with managed service providers (MSPs), the evolving cybersecurity landscape, and why the vendor plans to…
AI, Exploits, Global Security News, Government & Policy, Risk Management
DoW Anthropic Dispute Spotlights AI Supply Chain Risk
The decision by the U.S. Department of War to label Anthropic a supply chain risk has sparked a wider debate across the sector about how organizations should approach artificial intelligence deployment, what they can manage, and the best practices needed to minimize security risks. When AI is deeply embedded in workflows, its absence is clear…
AI, Cybersecurity, Global Security News, Government & Policy, Network Security, Risk Management
AI Facial Recognition Error Jails Tennessee Grandmother for Months
A Tennessee grandmother spent nearly six months in jail after a facial recognition system incorrectly identified her as a suspect in a bank fraud investigation in North Dakota, more than 1,200 miles from her home. The case is drawing renewed scrutiny around the risks of relying heavily on artificial intelligence in criminal investigations. “I’ve never…
Global Security News, Risk Management
Fake PoCs, Misunderstood Risks Cause Cisco SD-WAN Chaos
The excitement around Cisco’s latest SD-WAN bugs has inspired some light fraud, misunderstandings, and overlooked risks.
AI, Europe, Global Security News, Risk Management
European companies warn EU leaders: reduced reliance on US tech could hurt profitability
Several European companies are warning that the EU’s increased focus on technological sovereignty could hurt both profitability and competitiveness and argue it will be difficult to quickly reduce dependence on US tech firms, the Financial Times reports. The European Commission is currently working on a new package for technological sovereignty aimed at reducing Europe’s dependence…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Google Patches Two Chrome Zero-Day Vulnerabilities Actively Exploited in the Wild
Google has released updates to patch two high-severity zero-day vulnerabilities in the Chrome browser that are already being exploited in the wild.. The flaws affect critical components responsible for rendering web content and executing JavaScript, potentially allowing attackers to crash the browser or execute malicious code on vulnerable systems. One of the vulnerabilities, CVE-2026-3909, allows…
AI, Global Security News
‘CrackArmor’ Vulnerability in AppArmor Impacts 12.6M Linux Systems
Qualys uncovers ‘CrackArmor’ vulnerabilities in AppArmor that could expose 12.6M Linux systems to root access and container escapes.
AI, china, Global Security News, Network Security
Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 is tracking the threat activity under the moniker CL-STA-1087, where CL refers to cluster, and STA stands for state-backed motivation. “The activity demonstrated strategic operational…
Global Security News
iTWire TV: 13 People, 19,500 Screens: How Fusion Signage Outmanoeuvres Samsung on Simplicity
The Australian digital signage startup that grew to thousands of active licenses by doing one thing the hardware giants can’t: staying small on purpose.
Global Security News
Poland’s nuclear research centre targeted by cyberattack
Poland’s National Centre for Nuclear Research (NCBJ) says hackers targeted its IT infrastructure, but the attack was detected and blocked before causing any impact. […]
AI, Global Security News
Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
Meta has announced plans to discontinue support for end-to-end encryption (E2EE) for chats on Instagram after May 8, 2026. “If you have chats that are impacted by this change, you will see instructions on how you can download any media or messages you may want to keep,” the social media giant said in a help…
AI, Global Security News
Adobe CEO steps down after 18 years
It’s all change at the top for Adobe as CEO Shantanu Narayen is stepping down after 18 years. He will relinquish the role as soon as a successor has been found, although he will continue to serve as Chairman Narayen left as the company posted record revenue of $6.4 billion in its first quarter, with…
AI, Global Security News
Microsoft investigates classic Outlook sync and connection issues
Microsoft is investigating several issues causing email synchronization and connection problems when using the classic Outlook desktop client. […]
AI, Apps, Global Security News
Yes, you can run Windows on a MacBook Neo
Remember the good old days of 2020 when Apple’s then-new M1 Macs were setting fresh records for Mac performance? You might also recall when those same Macs were described as being the fastest PCs to run Windows when using the Parallels virtualization software. If you recall that, and if light use of legacy Windows utilities or tools is…
Global Security News
VIDEO INTERVIEW: 13 People, 19,500 Screens: How Fusion Signage Outmanoeuvres Samsung on Simplicity
The Australian digital signage startup that grew to thousands of active licenses by doing one thing the hardware giants can’t: staying small on purpose.
AI, Global Security News, Government & Policy, Network Security, Risk Management
Cyber criminals too are working from home… your home
The FBI is so concerned about the threat of residential proxy attacks and the dangers posed by cyber criminals using the technique that it has posted guidance on its website. Residential proxies are used by cybercriminals to reroute traffic between individuals and the websites they visit to make it appear to originate elsewhere? By taking…
AI, Global Security News, Government & Policy, Network Security, Risk Management
Cyber criminals too are working from home… your home
The FBI is so concerned about the threat of residential proxy attacks and the dangers posed by cyber criminals using the technique that it has posted guidance on its website. Residential proxies are used by cybercriminals to reroute traffic between individuals and the websites they visit to make it appear to originate elsewhere? By taking…
AI, Global Security News
Interpol’s ‘Operation Synergia III’ Nets 94 Arrests in Major Cybercrime Sweep
A new law enforcement operation against phishing and ransomware operators led to the takedown of 45,000 malicious IP addresses
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
OT Security: The New Attack Surface of AI-Powered Robots
Humanoid robots are arriving with enterprise-friendly components — Wi-Fi, cameras, onboard compute, and over-the-air software updates — but they behave less like traditional IT devices and more like operational technology (OT) systems. They interact with the physical world, operate under strict latency constraints, and can cause real harm if something goes wrong. That convergence is…
Global Security News
Will AI Save Consumers From Smartphone-Based Phishing Attacks?
Sophisticated phishing attacks are bypassing on-device protections with troubling frequency, making it more critical than ever for users to protect themselves from potential threats, new research from Omdia shows.
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Hack the AI Brain: LangSmith Vulnerability Could Expose Sensitive AI Data
A vulnerability in LangSmith, a widely used AI observability platform, could have allowed attackers to hijack user accounts and access sensitive enterprise data flowing through large language model (LLM) systems. Researchers at Miggo Security discovered the flaw, which could allow token theft and account takeover if a logged-in user visited a malicious webpage. The vulnerability…
AI, Global Security News
What Are Your Bots Working On?
Plus, Microsoft’s new AI health tool and the billion-dollar startup founded by teenagers.
Cybersecurity, Global Security News, Venture
Micro-SaaS Startups: Leveraging Low Overhead For Scalable Success
Explore how to build a low-overhead Micro-SaaS startup in Romania. Learn about niche selection, lean infrastructure, and tax-efficient scaling strategies. The software industry is undergoing a quiet revolution where the “move fast and break things” mantra of venture-backed giants is being replaced by the “lean and profitable” philosophy of micro-SaaS. For entrepreneurs in Romania, a…
AI, Global Security News, malware, Network Security
INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency’s ongoing efforts to dismantle criminal networks, disrupt emerging threats, and safeguard victims from scams. The effort is part of an international law enforcement operation that involved 72 countries…
AI, Apps, Europe, Exploits, Global Security News, malware, Network Security, Risk Management
US and European authorities disrupt socksEscort proxy service tied to AVrecon botnet
Authorities in the US and Europe disrupted the SocksEscort proxy service, which used the AVrecon botnet and infected about 360,000 devices since 2020. Law enforcement agencies in the US and Europe have disrupted SocksEscort, a malicious proxy service powered by the AVrecon botnet. Active since 2020, the service hijacked roughly 360,000 devices and allowed cybercriminals…
Global Security News
Amazon Announces Inference Chips Deal With Cerebras
Amazon Web Services says the partnership will allow it to offer lightning-fast inference computing.
AI, Apps, Cybersecurity, Global Security News, Network Security
AWS Leader on Cloud Lessons and AI’s Next Wave
Twenty years after Amazon Web Services began reshaping enterprise infrastructure, the company’s partner ecosystem is entering another major transition—this time driven by artificial intelligence. In an interview with Channel Insider, Brian Bohan, director and global lead of the AWS Consulting Center of Excellence, discussed how lessons from the early cloud era are shaping AWS’s approach…
AI, Global Security News, Risk Management
From VMware to what’s next: Protecting data during hypervisor migration
Hypervisor migrations can introduce hidden risks that threaten data availability and recovery. Acronis explains why verified backups and cross-platform recovery are essential during VMware transitions. […]
Cybersecurity, Global Security News
Why permission set complexity in Business Central grows faster than most organizations expect
In this post, I will talk about why permission set complexity in Business Central grows faster than most organizations expect. Every Business Central implementation starts with a relatively clean authorization structure. A handful of roles, a limited set of permission sets, and a clear overview of who can access what. That clarity rarely survives the…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
AI Risks, Critical Vulnerabilities, and Data Breaches Define This Week in Cybersecurity
Major Threats & Vulnerabilities Critical Software and Platform Flaws A SQL injection flaw in Elementor’s Ally accessibility plugin exposed over 400,000 WordPress sites to potential data theft. The vulnerability stemmed from improper input sanitization, allowing attackers to extract sensitive database information. Administrators should update immediately to the patched version. Microsoft’s March Patch Tuesday addressed a…
AI, Global Security News, Network Security
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques. “The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on attacker-controlled websites to deploy digitally signed trojans that masquerade as trusted VPN clients
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Risk Management
CVE-2026-3910: Chrome V8 Zero-Day Used for In-the-Wild Attacks
Chrome zero-days continue to pose a major risk for cyber defenders. Earlier this year, Google patched CVE-2026-2441, the first actively exploited Chrome zero-day of 2026. Now, another emergency update has been released, fixing two more flaws already exploited in the wild, CVE-2026-3910 in Chrome’s V8 JavaScript and WebAssembly engine and CVE-2026-3909, an out-of-bounds write bug…
Global Security News
Police sinkholes 45,000 IP addresses in cybercrime crackdown
An international law enforcement action codenamed “Operation Synergia III” has sinkholed tens of thousands of IP addresses and seized servers linked to cybercrime operations worldwide. […]
AI, Cybersecurity, Global Security News
Investigating a New Click-Fix Variant
Disclaimer: This report has been prepared by the Threat Research Center to enhance cybersecurity awareness and support the strengthening of defense capabilities. It is based on independent research and observations of the current threat landscape available at the time of publication. The content is intended for informational and preparedness purposes only. Read more blogs around…
Global Security News
Fake enterprise VPN downloads used to steal company credentials
A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal VPN credentials from unsuspecting users. […]
AI, Global Security News, malware
Real-Time Banking Trojan Strikes Brazil’s Pix Users
The latest banking Trojan campaign to hit Brazil combines classic malware with a real-time human operator, waiting for the perfect moment to strike.
Global Security News, Network Security
Accertify’s Attack State targets credential stuffing and ATO attacks
Accertify has announced the launch of Attack State, a new capability in its Account Protection solution designed to help organizations detect and respond to coordinated login attacks and other automated threats targeting customer accounts. Attack State analyzes login activity continuously and compares it to the organization’s broader traffic patterns to determine when a client’s environment…
AI, Global Security News
SQL Injection Vulnerability in Ally WordPress Plugin Exposes 200K+ Sites
SQL injection flaw in Ally WordPress plugin exposes 200,000+ sites to data theft. Patch released, but most installations remain unpatched and vulnerable.
Europe, Global Security News, privacy
EU Parliament backs extension of CSAM detection rules until 2027
The European Parliament has voted to extend a temporary exemption to EU privacy legislation that allows online platforms to voluntarily detect child sexual abuse material (CSAM). The extension prolongs a derogation from the EU’s ePrivacy Directive, which was set to expire on 3 April 2026, until 3 August 2027. Lawmakers say the additional time will…
AI, Compliance, Global Security News
Registration Open for Avalara NEXT 2026: Exploring the Future of Agentic Tax and Compliance
GUEST EVENT: Virtual event on March 26 will highlight agentic AI, new developer tools, and partner ecosystem innovation
AI, Exploits, Global Security News
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
Backup vendor Veeam has released security updates to patch multiple vulnerabilities in its widely used Backup and Replication platform, including three critical flaws that could allow authenticated users to execute code on backup servers. Detailed in the company’s advisory KB4830, the vulnerabilities affect Veeam Backup & Replication 12.3.2.4165 and earlier version 12 builds, with fixes…
Global Security News
Flexible, Modernized Threat Protection in Cisco Secure Firewall 10.0
Cisco Secure Firewall 10.0 expands protection, better matches security rules to users and apps, & offers better threat detection. Learn more in our blog.
AI, Global Security News
IAG New Zealand Future-Proofs Claims Operations with Guidewire Cloud Platform
COMPANY ANNOUNCEMENT: IAG New Zealand and Guidewire (NYSE: GWRE) announced that IAG New Zealand has reached a major milestone in its technology modernisation journey, migrating its on-premises implementation of Guidewire ClaimCentre to Guidewire Cloud Platform as part of its future-proofing program.
AI, Global Security News, malware, Network Security, Risk Management
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns
The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how threat actors can quickly build new malware frameworks using AI. Hive0163 is a threat actor…
Global Security News, Network Security
US Agencies Face CISA Deadline Over Critical Cisco SD-WAN Flaw
US agencies race to meet a CISA deadline after a critical Cisco SD-WAN Flaw exposed federal networks to long-term intrusion and forced security action.
AI, Exploits, Global Security News
Google fixed two new actively exploited flaws in the Chrome browser
Google addressed two high-severity vulnerabilities in the Chrome browser that have been exploited in attacks in the wild. Google has released security updates to address two high-severity vulnerabilities, tracked as CVE-2026-3909 and CVE-2026-3910, in the Chrome browser. The company is aware of attacks in the wild exploiting both flaws. “Google is aware that exploits for…
Global Security News
Face value: What it takes to fool facial recognition
ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he’ll demo it all at RSAC 2026
Global Security News
Law Enforcement Dismantles SocksEscort Proxy Network in Operation Lightning
Operation Lightning sees international law enforcement partners shut down ‘SocksEscort,’ a major malicious proxy service used by cybercriminals worldwide
AI, Exploits, Global Security News, Network Security
Authorities dismantle SocksEscort proxy network behind millions in fraud
SocksEscort, a residential proxy network used to exploit thousands of compromised home routers worldwide and facilitate large-scale fraud that cost victims millions of dollars, has been disrupted in an international law enforcement operation led by the U.S. Department of Justice. The domain seizure notice Law enforcement agencies seized 34 domains and 23 servers located in…
Global Security News
AI-HealthTech Innovator Humata Health Partners with AccuKnox for Zero Trust CNAPP
Menlo Park, California, USA, 13th March 2026, CyberNewswire
AI, Apps, Cybersecurity, Global Security News
The Future of Custom Software Development in a Security-First World
In this post, I will talk about the future of custom software development in a security-first world. Digital transformation has accelerated at an unprecedented pace over the past decade. Organizations across industries now rely on software platforms to manage operations, deliver customer experiences, and power business innovation. From cloud-native applications and AI-driven systems to connected…
AI, Exploits, Global Security News
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been exploited in the wild. The list of vulnerabilities is as follows – CVE-2026-3909 (CVSS score: 8.8) – An out-of-bounds write vulnerability in the Skia 2D graphics library that allows a remote attacker to perform…
AI, Compliance, Data Breaches, Data Security, Endpoint, Global Security News, Network Security, Risk Management
Beyond File Servers: Securing Unstructured Data in the Era of AI
File servers still exist for legacy storage and governance, but most modern workflows now happen in collaboration tools, code platforms, chats, and AI systems. File servers remain, but they are no longer central to operations. They still appear important on paper: legacy project shares with strict permissions, legal drives with structured folders, and network areas…
AI, Global Security News, Network Security, Risk Management
Hybrid resilience: Designing incident response across on-prem, cloud and SaaS without losing your mind
I used to think hybrid incidents would get easier once we standardized on “one tool”: one monitoring platform, one ticketing system, one on-call process. After a few real outages, I changed my mind. Hybrid response fails at the seams between ownership models: on-prem teams, cloud teams, security, vendors. Each group can be correct inside its…
AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
Microsoft has warned enterprises that cybercriminal group Storm-2561 is hijacking search engine results to serve trojanized VPN clients, stealing corporate credentials, and then covering its tracks before victims suspect anything is wrong. The group pushes spoofed websites to the top of results for queries such as “Pulse VPN download” or “Pulse Secure client,” redirecting users…
AI, Global Security News, Risk Management
BioCatch DeviceIQ helps banks spot risky devices before login
BioCatch has announced the launch of DeviceIQ, a comprehensive new device identification and intelligence product that transforms how financial institutions evaluate the trustworthiness of devices used for digital banking. Traditional device identification has grown increasingly unreliable. Criminals utilize sophisticated evasion techniques (emulators, device spoofing, cloaked browsers, jailbroken devices, and data-wiping) to commit fraud repeatedly from…
AI, Cybersecurity, Exploits, Global Security News
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel’s AppArmor module that could be exploited by unprivileged users to circumvent kernel protections, escalate to root, and undermine container isolation guarantees. The nine confused deputy vulnerabilities have been collectively codenamed CrackArmor by the Qualys Threat Research Unit (TRU). The
AI, Data Breaches, Global Security News
Starbucks discloses data breach affecting hundreds of employees
Starbucks has disclosed a data breach affecting hundreds of employees after threat actors gained access to their Starbucks Partner Central accounts. […]
AI, Apps, Global Security News, Russia
A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)
On Wednesday, a phishing message made its way into our handler inbox that contained a fairly typical low-quality lure, but turned out to be quite interesting in the end nonetheless. That is because the accompanying credential stealing web page was dynamically constructed using React and used a legitimate e-mail service for credential collection. But before…
AI, Global Security News, Network Security
Red Access firewall-native SSE adds GenAI security and browser protection to existing firewalls
Red Access has announced firewall-native SSE, an agentless cloud layer that instantly upgrades any existing firewall with Security Service Edge (SSE), GenAI security, and browser-agnostic protection. Deployed directly on top of existing architecture, the firewall-native SSE eliminates the need for rip-and-replace projects, accelerating deployment while reducing operational overhead without compromising user experience. “Secure enterprise browsing…
AI, Apps, Global Security News, Government & Policy, Risk Management, Russia
How AI is changing your mind
Humanity is diving headlong into a global experiment. More than 1 billion people have a new and unprecedented source of information and cognitive guidance: artificial intelligence (AI) trained on trillions of words. So, how exactly are AI chatbots affecting our minds, thoughts, beliefs and opinions? Scientists are scrambling to find out — and reports that…
AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
The cyber perimeter was never dead. We just abandoned it.
Industry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it. The FBI’s Winter SHIELD effort is the operational side of…
Exploits, Global Security News
Google fixes two new Chrome zero-days exploited in attacks
Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks. […]
AI, Apps, Global Security News
AI coding agents keep repeating decade-old security mistakes
Coding agents are now writing production features on real development teams, and a new report from DryRun Security shows that those agents introduce security vulnerabilities at a high rate across nearly every type of application they build. “AI coding agents can produce working software at incredible speed, but security isn’t part of their default thinking,”…
AI, Global Security News
Passwords, MFA, and why neither is enough
Passwords weren’t enough, so we added MFA. Now MFA isn’t enough either. In this Help Net Security video, Karlo Zatylny, CTO/CISO at Portnox, walks through why each layer of identity security has failed and what comes next. SMS codes can be intercepted through SIM swapping. Authenticator apps are vulnerable to replay attacks and push bombing.…
AI, Global Security News, malware
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud. “SocksEscort infected home and small business internet routers with malware,” the U.S. Department of Justice (DoJ) said. “The malware allowed SocksEscort to direct internet
GeekGuyBlog
Delinea’s StrongDM Acquisition Highlights the Changing Role of PAM
Discover how Delinea’s acquisition of StrongDM is reshaping Privileged Access Management and enhancing security in cloud environments.
GeekGuyBlog
Commercial Spyware Policy Shifts: What It Means for Privacy and Security
Explore the implications of the Biden administration’s shift on commercial spyware and its impact on privacy and security in today’s digital landscape.
GeekGuyBlog
Iran’s MOIS Collaborates with Cybercriminals to Amplify Cyberattacks
Discover how Iran’s intelligence agency is teaming up with cybercriminals, escalating global cyber threats and reshaping the landscape of cyberattacks.
AI, Global Security News
New infosec products of the week: March 13, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Binary Defense, Mend.io, OPSWAT, Singulr AI, SOC Prime, Terra Security, and Vicarius. Singulr AI’s Agent Pulse delivers enforceable runtime governance and visibility for AI agents Singulr AI has announced the launch of Agent Pulse, extending its Unified AI Control Plane…
AI, Exploits, Global Security News
Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution
Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, if successfully exploited, could result in remote code execution. The vulnerabilities are as follows – CVE-2026-21666 (CVSS score: 9.9) – A vulnerability that allows an authenticated domain user to perform remote code execution on the Backup Server. CVE-2026-21667…
AI, Global Security News
The Pentagon Dealmaker Who Has Become Anthropic’s Nemesis
Emil Michael, a veteran of controversies at Uber, is the Trump administration’s point person in the fight over military use of AI.
AI, Apps, Global Security News
China’s ByteDance Gets Access to Top Nvidia AI Chips
TikTok’s parent company has global ambitions to compete with companies such as Google and OpenAI by offering a range of AI applications for everyday users.
Global Security News
ISC Stormcast For Friday, March 13th, 2026 https://isc.sans.edu/podcastdetail/9848, (Fri, Mar 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI, Endpoint, Europe, Global Security News, privacy, Risk Management
Building Trust in AI SOC Analyst Solutions: A UK and EU CISO Perspective
By Brett Candon, VP International at Dropzone AI Trust has always been critical in security operations, but in the UK and Europe it carries significant regulatory weight. GDPR, NIS2 and similar related data‑protection frameworks shape far more than legal risk, they directly influence architectural decisions, supplier selection, and how security data can be accessed, processed…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Telus Digital hit with massive data breach
Telus Digital, which provides business process outsourcing (BPO) services to a range of organizations worldwide, has been hit with a massive cyberattack conducted by extortion group ShinyHunters The group, which has been in operation since 2020, specializes in stealing data from Salesforce and other SaaS vendors, and has also recently been conducting voice phishing (vishing)…
Global Security News
March Patch Tuesday visits 15 product families
Eight Critical-severity bugs – none in Windows – appear in 84-CVE haul Categories: Threat Research Tags: Patch Tuesday, x-ops, Microsoft, Windows, detection
AI, Global Security News
Initial access techniques used by Iran-based threat actors
Analysis of attacks originating from Iran-linked threat groups reveals a preference for certain techniques Categories: Threat Research Tags: Iran, initial access
AI, Global Security News
Canadian retail giant Loblaw notifies customers of data breach
Still, out of an abundance of caution, Loblaw says it has automatically logged out all customers from their accounts. Account holders who need to access the company’s digital services will have to log in again. […]
Global Security News
Iran MOIS Colludes With Criminals to Boost Cyberattacks
Iranian APTs have long pretended to be cybercriminal groups. Now they’re working with actual cybercriminal groups.
AI, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Politics, Russia
Stryker attack highlights nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict
A cyberattack that an Iranian hacking group said it carried out against medical device manufacturer Stryker might mark Tehran’s first significant cyber action since the start of the joint U.S.-Israel conflict. But even that may have been a happy accident for Iranian hackers in what has been a low buzz of activity during that timeframe,…
AI, Data Breaches, Global Security News
England Hockey investigating ransomware data breach
England Hockey, the governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware gang listed it as a victim on its data leak site. […]
Global Security News
Commercial Spyware Opponents Fear US Policy Shifting
Rescinded sanctions and reactivated contracts have created confusion about the Trump administration’s spyware policy and where it draws the line.
AI, Global Security News, malware
AI-generated Slopoly malware used in Interlock ransomware attack
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware attack. […]
Europe, Global Security News, Network Security
Feds Takes Down SocksEscort Proxy Network Used in Global Fraud Schemes
European and US agencies dismantled the SocksEscort proxy network built on infected routers and used by cybercriminals in global fraud schemes.
AI, Apps, Cybersecurity, Global Security News, malware
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
A major cyberattack on US medical supplies giant Stryker has resulted in thousands of devices being remotely wiped, after a pro-Iranian hacking group may have compromised the company’s Microsoft Intune management system. Details remain sketchy, but what appears to have happened on Wednesday at one of the world’s largest medical supplies companies could, if confirmed,…
AI, Exploits, Global Security News
Fraudsters are using public planning records to target permit applicants
If you’re in the middle of applying for a planning or zoning permit, there is some unwelcome news: cyber-criminals have found a way to exploit the bureaucratic tedium of the process against you. Read more in my article on the Fortra blog.
AI, Apps, Compliance, Data Breaches, Data Security, Global Security News, Network Security, privacy, Risk Management
AI Agent Safety Checklist
As organizations rapidly adopt AI agents to automate workflows, summarize data, and assist decision-making, security and governance teams face a new challenge: how to deploy AI safely without introducing unmanaged risk. Unlike traditional SaaS tools, AI agents can interpret, generate, and act on data dynamically — often across multiple systems. That makes oversight, scope control,…
AI, Global Security News, Risk Management
Apple says its upcoming 50th birthday treat is you
So soon after Apple’s big product launches last week, Apple CEO Tim Cook shared a letter to mark the upcoming 50th anniversary since the founding of Apple on April 1, 1976. It is strange to see Apple grapple with the concept of an anniversary. It isn’t usually a company that does this, as it tends to focus on…
AI, Cybersecurity, Global Security News, malware
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that’s written in Rust, marking a significant departure from other known Delphi-based malware families associated with the Latin American cybercrime ecosystem. The malware, which is designed to infect Windows systems and was first discovered last month, has been codenamed VENON by Brazilian