
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
A high‑severity zero‑day (CVE‑2026‑3502) in TrueConf’s video‑conferencing client was exploited in the wild, allowing attackers to replace legitimate updates with malicious code. The flaw, rated 7.8 CVSS, enables arbitrary code execution via DLL side‑loading and was used in the TrueChaos campaign targeting Southeast Asian government networks. TrueConf released a patch in version 8.5.3 in March 2026, but the attacks had already deployed the open‑source Havoc C2 framework. Check Point attributes the operation, with moderate confidence, to a threat actor using Chinese‑linked tactics.
Rethinking Vulnerability Management Strategies for Mid-Market Security
Mid‑market security teams are confronting a widening gap between the surge in disclosed vulnerabilities—rising from roughly 30,000 to 50,000 CVEs annually—and their ability to remediate them quickly. Chris Wallis, founder of Intruder, argues that counting CVEs is insufficient; the real...
AI and Quantum Are Forcing a Rethink of Digital Trust
Enterprises are confronting a seismic shift in digital trust as AI agents multiply, pushing machine‑to‑human identity ratios from 100:1 toward 1,000:1. At the same time, digital certificates are being issued with ever‑shorter lifespans, complicating lifecycle management and increasing the risk...
Linx Security Raises $50M Series B as Identity Becomes Security’s Biggest Failure Point
Linx Security announced a $50 million Series B round led by Insight Partners, bringing its total capital to $83 million. The New York‑based startup offers an AI‑native identity governance platform that continuously maps, monitors and automates control of human, machine and AI‑agent identities. With...

How to Handle Unexpected Calls About Unclaimed Funds
Scammers are increasingly posing as government agencies to lure victims with promises of unclaimed funds, often citing specific amounts and urgent deadlines. They use phishing tactics such as fake texts, phone calls, and requests for upfront processing fees. Legitimate unclaimed...
Iran Conflict Highlights Cyberthreat Exposure of U.S. Facilities
State‑backed actors tied to the Iran conflict are exploiting insecure smart‑building and operational‑technology systems, as highlighted in WiredScore’s 2026 resiliency report. The report notes that retrofitted legacy assets and internet‑connected IoT devices dramatically expand the cyber‑physical attack surface for commercial...
Securing Cloud Infrastructure for AI
The brief warns that AI workloads running in cloud environments create novel attack surfaces that existing vulnerability‑management frameworks cannot adequately protect. Nation‑state actors are accelerating discovery and exploitation cycles, while public resources like the National Vulnerability Database are overwhelmed by...

Axios Software Tool Used by Millions Compromised in Hack
Axios, a widely used NPM client for HTTP requests, was compromised after a hacker breached a maintainer's GitHub account and published malicious versions. The package, downloaded roughly 80 million times weekly, could deliver payloads to Windows, macOS and Linux machines. By...
Siemens Adds Viakoo Platform for OT and IoT Security
Siemens Smart Infrastructure has signed an agreement with Viakoo to integrate the Viakoo Action Platform into its service portfolio. The cloud‑based solution provides automated firmware updates, certificate management, password enforcement, and compliance tracking for OT and IoT device fleets. By...

CrewAI Vulnerabilities Expose Devices to Hacking
Open‑source AI orchestration framework CrewAI disclosed four interrelated vulnerabilities. The flaws—CVE‑2026‑2275, ‑2285, ‑2286, and ‑2287—stem from the Code Interpreter tool’s fallback to an insecure sandbox and improper configuration checks. Exploited together, they enable remote code execution, SSRF, and arbitrary file...

Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations
Iran has resurrected the state‑backed Pay2Key ransomware operation, enlisting Russian cybercriminal affiliates to target high‑impact U.S. and Israeli entities. The campaign employs “pseudo‑ransomware,” encrypting data while delivering destructive wiper payloads to obscure motives. Affiliate rewards have been boosted to 80%...

New Bitdefender Assessment Helps Organizations Identify and Eliminate Hidden Internal Attack Paths
Bitdefender launched a complimentary Internal Attack Surface Assessment to help enterprises pinpoint hidden internal cyber risks tied to excessive user access and shadow IT. The service leverages the GravityZone PHASR platform to deliver data‑driven visibility down to the individual user...

ChatGPT Security Issue Enabled Data Theft via Single Prompt
Security researchers at Check Point uncovered a vulnerability in ChatGPT that allows a single crafted prompt to create a covert data‑exfiltration channel. The flaw leveraged a hidden DNS side‑channel from the model's isolated container, enabling both data leakage and remote...
Download: 2026 SANS Identity Threats & Defenses Survey
The 2026 SANS Identity Threats & Defenses Survey reveals that 55% of organizations suffered an identity‑related breach in the past year. MFA fatigue contributed to 26% of those attacks, indicating user weariness with multi‑factor prompts. The report details how threat...
Companies House ‘Developing a Case for Upgrade Investments’ After Five-Month Data-Security Breach
Companies House disclosed a five‑month data‑security flaw that let any user potentially edit another company’s details by pressing the back button four times. The defect, traced to an October software update, prompted a temporary shutdown of the WebFiling service and...

Board Briefing: Data at Risk: What Boards Are Missing on Cyber, AI & Regulation
Corporate Board Member Network is hosting a one‑hour virtual briefing on April 23, 2026, titled “Data at Risk: What Boards Are Missing on Cyber, AI & Regulation.” The session features privacy‑law expert Kwabena Appenteng, who will explain where companies are...

EnSilica Joins UK CHERI Adoption Collective to Accelerate Secure-by-Design Silicon
EnSilica has been selected to join the newly formed CHERI Adoption Collective, a UK‑government‑backed initiative aimed at embedding hardware‑level memory safety into critical systems. The collective brings together infrastructure operators such as BT, National Grid and SSE, along with semiconductor...
Emerging Innovator Naveen Reddy Burramukku Recognized for Pioneering
Naveen Reddy Burramukku, a systems and network architect, has been highlighted as an emerging innovator in secure infrastructure engineering. His scholarly work spans virtualization protection, identity governance, disaster recovery, and hybrid cloud security, introducing methods that boost resilience and reduce...

Cato Networks Unveils Modular Adoption Model for SASE Platform
Cato Networks announced a modular adoption model for its core SASE platform, allowing enterprises to select and add capabilities such as AI security, SD‑WAN, SSE and universal ZTNA on demand. The solution runs on the GPU‑powered Cato Neural Edge, a...

Guidance: Industry Security Notice (ISN)
The UK Ministry of Defence’s Industry Security Notices (ISNs) continue to evolve, with the latest revision on 31 March 2026 adding Defence Cyber Certification (DCC) guidance under DEFCON 658 and clarifying the cyber‑security model scope. Over the past six years the ISNs have...

This App Makes Even the Sketchiest PDF or Word Doc Safe to Open
Dangerzone is a free, open‑source tool that sanitizes PDFs, Word, Excel, PowerPoint, OpenOffice, EPUB and image files by sandboxing them and converting each page to an image‑only PDF. The process runs in a container or virtual machine with no internet...

Fewer CVEs in Your Camunda 8 Containers with Hardened Base Images
Camunda announced that its Camunda 8 self‑managed containers now use hardened Minimus base images, eliminating 354 known CVEs from the base layer. The transition covers Node, OpenJDK, OpenJRE and PHP images and includes a build‑time option for Zeebe’s container. Ongoing...
7,655 Ransomware Claims in One Year: Group, Sector, and Country Breakdown
From March 2025 to March 2026 ransomware groups posted 7,655 victim claims on public leak sites, averaging about 20 claims per day. The five most active groups—Qilin, Akira, INC Ransom, Play and Safepay—account for 40% of all claims, with Qilin alone responsible...

Employee Data Breaches Surge to Seven-Year High
Employee data breach reports to the UK Information Commissioner’s Office reached 3,872 incidents in 2025, the highest level in at least seven years. That marks a 5% rise from the previous year and a 29% increase versus 2019, when reporting...

Change Intelligence and Deployment Connectors for Liquibase Secure
Liquibase Secure announced two new capabilities—Change Intelligence and Deployment Connectors for ServiceNow, GitHub, Harness, and Terraform. Change Intelligence aggregates change data, applies AI‑driven risk analysis, and automatically captures audit evidence in a single view. Deployment Connectors embed governed database change...

KYND Warns Insurers of Surge in US Website Privacy Lawsuits
Cyber‑risk firm KYND warns insurers that U.S. privacy lawsuits tied to routine website tracking have surged from a few hundred to over 2,000 cases annually. The claims focus on marketing pixels and analytics tools rather than data breaches and can...

Let’s Stop Sovereignty Washing
The article warns that cloud providers are marketing “sovereignty” while delivering only data residency, creating a gap between promises and technical reality. It explains that U.S. laws such as the CLOUD Act can compel access to data stored in Europe,...

Hacker Charged with Stealing $53 Million From Uranium Crypto Exchange
U.S. prosecutors have charged Maryland resident Jonathan Spalletta with stealing more than $53 million from the decentralized Uranium Finance exchange through two separate smart‑contract exploits in April 2021. The attacks drained liquidity pools, forced the platform to shut down, and the...
Huawei Secure SD-WAN Full SASE Solution: Secure, Intelligent Connectivity for Modern Enterprises
Huawei has launched its Secure SD‑WAN Full SASE solution, a unified platform that blends networking, security and AI‑driven management for enterprise connectivity. The solution dynamically routes traffic over MPLS, broadband, LTE or 5G while encrypting tunnels and providing integrated firewall,...
The External Pressures Redefining Cybersecurity Risk
External pressures are reshaping cybersecurity risk, with third‑party breaches now accounting for over 35% of incidents. Geopolitical conflicts are spilling battle‑tested tactics into operational technology (OT) and IoT environments, raising safety and continuity stakes. Generative AI accelerates attacker capabilities while...

California Gets Serious About Regulation (Again)
Effective Jan 1 2026, California expanded its CCPA/CPRA into a unified governance framework that blends privacy, cybersecurity, and AI regulations. The new rules mandate formal risk assessments for high‑risk processing, regulate automated decision‑making technologies, and require independent cybersecurity audits. Obligations roll out...
This Month in Security with Tony Anscombe – March 2026 Edition
In March 2026, ESET’s chief security evangelist Tony Anscombe highlighted four major cyber incidents. A hack claimed by Iran‑linked Handala crippled med‑tech giant Stryker, wiping over 200,000 devices and exfiltrating 50 TB of data. Google’s Threat Intelligence Group reported that 77 %...

Here's a Thing - What if Shadow AI Is Actually Telling Us Something Useful?
Enterprises are confronting a surge of shadow AI—unauthorized, employee‑driven use of large language models and autonomous agents. As governance lags, these tools make decisions and act independently, amplifying risk beyond traditional shadow IT. Experts argue that treating employees as AI...

Razorpay Introduces RBI-Compliant Biometric Authentication Solution ‘Passkey’
Razorpay has launched “Passkey,” an RBI‑compliant biometric authentication solution for online card payments, developed with Mastercard and slated to integrate Visa soon. The technology leverages device‑bound fingerprints or facial scans, removing the need for one‑time passwords that cause roughly 35%...

UK Seeks Views on Reshaping Cyber Laws for Downstream Gas and Electricity
The UK government, together with regulator Ofgem, has launched a consultation on revising cyber‑resilience rules for downstream gas and electricity licensees. The proposal would impose baseline cyber security requirements on all Ofgem‑licensed operators, while applying stricter standards to the most...
STV Group and Post-Quantum Successfully Trial World’s First Quantum-Resilient Drones
STV Group and UK‑based Post‑Quantum announced the successful trial of the world’s first quantum‑resilient drones, demonstrating secure, future‑proof communications between unmanned aircraft and operators. The tests, conducted in operational environments linked to Ukraine and other allied theatres, proved the drones...

What Makes Browser Hijacking a Silent Threat?
Browser hijacking, where attackers covertly alter browser settings or install malicious extensions, is emerging as a silent threat to enterprises. Researchers have identified 33 rogue extensions affecting over 2.6 million users, and Microsoft reported a 111 % surge in token‑replay attacks in...

World Backup Day 2026: A Telecom B2B Guide to Data Protection in the AI Age
World Backup Day on March 31 highlights telecoms’ need for robust data protection amid AI‑driven growth. AI adoption has surged, with 77% of telecom executives citing operational benefits and 61% using AI for analytics, but it also inflates data volumes and...
Axios Compromised on NPM – Malicious Versions Drop Remote Access Trojan
On March 30‑31 2026, attackers compromised the npm maintainer account for the popular HTTP client library axios and published two malicious releases, axios@1.14.1 and axios@0.30.4. Both versions added a fake dependency, plain‑crypto‑js@4.2.1, which runs a post‑install script that drops a...

How We Eliminated Long-Lived CI Secrets Across 70+ Repos
Pulumi eliminated long‑lived CI secrets across more than 70 repositories by swapping static GitHub secrets for short‑lived, OIDC‑driven credentials via Pulumi ESC. The new flow exchanges a GitHub‑issued JWT for a Pulumi access token, which then opens an ESC environment...

Kernel Observability for Data Movement
Modern security stacks rely on user‑space logs, leaving a blind spot at the operating system layer where data actually moves. Kernel‑mediated events—file reads, network writes, process creation—provide a complete, immutable record of every data flow, yet most tools never tap...

Popular AI Gateway Startup LiteLLM Ditches Controversial Startup Delve
LiteLLM, a widely used AI gateway for developers, announced it is ending its partnership with compliance startup Delve and will pursue new certifications through Vanta and an independent auditor. The move follows a credential‑stealing malware breach that exposed weaknesses in...

UN Norms: Tackling the Rise of Cyber Capabilities
The UN Open‑Ended Working Group (OEWG) wrapped up its 2025 cycle, reaffirming the 2015 GGE’s eleven cyber norms but delivering few fresh agreements. A new permanent Global Mechanism has been created to keep multilateral dialogue on state behaviour in cyberspace...

Hybrid Vishing Campaigns Abuse Online Services to Evade Anti-Spam Filters
Hybrid vishing attacks now combine phishing emails with voice scams by abusing trusted SaaS platforms such as Google Calendar, Microsoft Teams, Zoom, and Squarespace to deliver authenticated invitations that prompt victims to call fraudulent numbers. By leveraging SPF, DKIM, and...

Hackers Hit Patel Email While Cyber Defenses Weakened by Shutdown
The Cybersecurity and Infrastructure Security Agency (CISA) is operating with roughly 60% of its workforce furloughed amid a partial DHS shutdown, forcing the agency to shift from proactive threat hunting to merely reacting to imminent attacks. Within days, Iranian-linked hackers...

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens
BeyondTrust Phantom Labs uncovered a critical command‑injection flaw in OpenAI's Codex that leveraged hidden Unicode characters in GitHub branch names to steal OAuth tokens. The vulnerability affected the ChatGPT web interface, Codex SDK, and several developer extensions, exposing full repository...

New RoadK1ll WebSocket Implant Used to Pivot on Breached Networks
Security firm Blackpoint uncovered a new Node.js WebSocket implant called RoadK1ll, which enables attackers to pivot from a compromised host to internal systems via outbound tunnels. The lightweight reverse‑tunneling tool establishes a persistent WebSocket connection to attacker infrastructure, allowing multiple...

Enhancing Security Operations Builds on Zero Trust: Strengthening National Security Through Deception
The Pentagon is moving zero‑trust from policy to full‑scale execution, establishing maturity goals across the department. Recognizing that breaches are inevitable, defense leaders are adding cyber deception to actively engage attackers and gather intelligence. AI‑driven deception platforms now automate decoy...

APRA Pulls Data Submission System After Security Pentest
The Australian Prudential Regulation Authority (APRA) decommissioned its legacy Direct To APRA (D2A) data‑submission system after a routine penetration test on March 19 uncovered unnamed vulnerabilities. The regulator took the system offline on March 20 and urged all banks, insurers and superannuation funds to...

Why Identity-Led Security Services Matter Now for MSPs
Identity-led security is becoming a growth engine for managed service providers as 60 % of breaches now involve compromised identities. MSPs that layer modern IAM—phishing‑resistant MFA, passwordless login, and continuous risk assessment—onto existing services can differentiate themselves and command higher margins....