Cyber Daily News

Cyber Daily News for April 10, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Malicious PDF reveals active Adobe Reader zero-day in the wild https://securityaffairs.com/190558/hacking/malicious-pdf-reveals-active-adobe-reader-zero-day-in-the-wild.html - Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000 https://www.securityweek.com/chrome-147-patches-60-vulnerabilities-including-two-critical-flaws-worth-86000/ - EngageLab SDK flaw opens door to private data on 50M Android devices https://securityaffairs.com/190586/hacking/engagelab-sdk-flaw-opens-door-to-private-data-on-50m-android-devices.html - Microsoft Recall Flaw Exposes Decrypted User Data, Researchers Find https://thecyberexpress.com/totalrecall-windows-recall-security-gap/ - Bitcoin Depot Reports $3.6m Crypto Theft After System Breach https://www.infosecurity-magazine.com/news/bitcoin-depot-dollar36m-crypto/ - Critical Marimo Flaw Exploited Hours After Public Disclosure https://www.securityweek.com/critical-marimo-flaw-exploited-hours-after-public-disclosure/ - Not a Signal Flaw: iPhone Notifications Became a Backdoor for Deleted Messages https://thecyberexpress.com/not-a-signal-flaw-iphone-notifications/ - Google Rolls Out Cookie Theft Protections in Chrome https://www.securityweek.com/google-rolls-out-cookie-theft-protections-in-chrome/

Cyber Daily News for April 9, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Alleged Breach of China's National Supercomputing Center — 10+ PB of Military Data Stolen https://securityaffairs.com/190536/hacking/the-alleged-breach-of-chinas-national-supercomputing-center-can-have-serious-geopolitical-consequences.html - Adobe Reader Zero-Day Exploited for Months: Researcher https://www.securityweek.com/adobe-reader-zero-day-exploited-for-months-researcher/ - Russia-linked APT28 Deploys PRISMEX Malware Against Ukraine and Allied Infrastructure https://securityaffairs.com/190510/apt/russia-linked-apt28-uses-prismex-to-infiltrate-ukraine-and-allied-infrastructure-with-advanced-tactics.html - CISA Adds Critical Ivanti EPMM Flaw to Known Exploited Vulnerabilities Catalog https://securityaffairs.com/190519/security/u-s-cisa-adds-a-flaw-in-ivanti-epmm-to-its-known-exploited-vulnerabilities-catalog-2.html - Signature Healthcare Cyberattack Diverts Ambulances, Cancels Chemotherapy https://thecyberexpress.com/signature-healthcare-cyberattack/ - Google Warns of New Threat Group UNC6783 Targeting BPOs and Helpdesks https://www.securityweek.com/google-warns-of-new-campaign-targeting-bpos-to-steal-corporate-data/ - ClickFix macOS Attack Shifts to Script Editor to Bypass Security Controls https://thecyberexpress.com/clickfix-style-macos-attack/ - AI Agents Drive 76% Surge in Non-Human Identities, Exposing Governance Gaps https://www.infosecurity-magazine.com/news/governance-gaps-agents-76-increase/

Cyber Daily News for April 8, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - US Thwarts DNS Hijacking Network Controlled by Russian APT28 Hackers https://www.infosecurity-magazine.com/news/us-thwarts-dns-hijacking-network/ - Iran-Linked Hackers Disrupt US Critical Infrastructure via PLC Attacks https://www.securityweek.com/iran-linked-hackers-disrupt-us-critical-infrastructure-via-plc-attacks/ - Gov. Tim Walz Deploys National Guard After Winona Cyberattack Disrupts Services https://thecyberexpress.com/winona-county-cyberattack-update/ - Critical Flowise RCE Vulnerability Actively Exploited, Thousands of Systems at Risk https://thecyberexpress.com/flowise-rce-vulnerability-cve-2025-59528/ - Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa https://securityaffairs.com/190440/cyber-crime/fast-moving-storm-1175-uses-new-exploits-to-breach-networks-and-drop-medusa.html - GPU Rowhammer Attack Enables Privilege Escalation and Full System Compromise https://www.infosecurity-magazine.com/news/gpu-based-rowhammer-attack/ - Researchers Find a Zero-Day Attack Targeting Adobe Reader Users https://thecyberexpress.com/zero-day-fingerprinting-attack-on-adobe-reader/ - Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years https://www.infosecurity-magazine.com/news/claude-apache-activemq-bug-hidden/

Cyber Daily News for April 7, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Fortinet Releases Emergency Patch After FortiClient EMS Zero-Day Exploited in the Wild https://www.infosecurity-magazine.com/news/fortinet-emergency-patch-ems-bug/ - Researchers Publish Unpatched Windows Zero-Day BlueHammer https://securityaffairs.com/190400/breaking-news/experts-published-unpatched-windows-zero-day-bluehammer.html - Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed https://securityaffairs.com/190384/security/attackers-exploit-rce-flaw-as-14000-f5-big-ip-apm-instances-remain-exposed.html - Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks https://www.infosecurity-magazine.com/news/storm1175-medusa-attacks/ - German Police Unmask REvil Ransomware Leader https://www.securityweek.com/german-police-unmask-revil-ransomware-leader/ - $20 Billion Lost to Cybercrime as AI and Investment Scams Surge: FBI Report https://thecyberexpress.com/fbi-internet-crime-report-2025/ - White House Seeks to Slash CISA Funding by $707 Million https://www.securityweek.com/white-house-seeks-to-slash-cisa-funding-by-707-million/ - Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack https://www.securityweek.com/wynn-resorts-says-21000-employees-affected-by-shinyhunters-hack/

Cyber Daily News for April 6, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Fortinet Rushes Emergency Patches for Actively Exploited Zero-Day (CVE-2026-35616) https://securityaffairs.com/190392/hacking/cve-2026-35616-fortinet-fixes-actively-exploited-high-severity-flaw.html - North Korea Drains $285M from Drift Protocol in 12 Minutes After 6-Month Infiltration https://thecyberexpress.com/drift-protocol-draining-285m-in-12-mins/ - European Commission Hit by 91GB Data Leak via Compromised Trivy Security Tool https://thecyberexpress.com/european-commission-cloud-breach/ - North Korea-Linked Actors Compromise Axios NPM Package in Supply Chain Attack https://securityaffairs.com/190379/malware/security-affairs-malware-newsletter-round-91.html - Cyberattack Disrupts Massachusetts Emergency Dispatch Systems https://thecyberexpress.com/massachusetts-emergency-cyberattack/ - Education Authority Cyberattack Disrupts Schools Across Northern Ireland https://thecyberexpress.com/education-authority-cyberattack-ni-schools/ - FCC Moves to Fine Voxbeam $4.5 Million in Robocall Enforcement Case https://thecyberexpress.com/voxbeam-robocall-case-fcc-fines-firm/ - New Malware Threats: Infiniti Stealer Targets macOS, RoadK1ll Implant Uses WebSockets https://securityaffairs.com/190379/malware/security-affairs-malware-newsletter-round-91.html

Cyber Daily News for April 5, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - North Korea-Linked Hackers Drain $285M from Drift in Sophisticated Attack https://securityaffairs.com/190330/hacking/north-korea-linked-hackers-drain-285m-from-drift-in-sophisticated-attack.html - European Commission Breach Exposed Data of 30 EU Entities https://securityaffairs.com/190333/security/european-commission-breach-exposed-data-of-30-eu-entities-cert-eu-says.html - CISA Adds TrueConf Client Flaw CVE-2026-3502 to Known Exploited Vulnerabilities Catalog https://securityaffairs.com/190341/security/u-s-cisa-adds-a-flaw-in-trueconf-client-to-its-known-exploited-vulnerabilities-catalog.html - Qilin Ransomware Group Claims Hack of German Political Party Die Linke https://securityaffairs.com/190348/cyber-crime/qilin-ransomware-group-claims-the-hack-of-german-political-party-die-linke.html - Hasbro Hit by Cyberattack, Investigates Possible Data Breach https://securityaffairs.com/190306/data-breach/hasbro-hit-by-cyberattack-investigates-possible-data-breach.html - CrystalX RAT: New MaaS Malware Combines Spyware, Stealer, and Remote Access https://securityaffairs.com/190310/cyber-crime/crystalx-rat-new-maas-malware-combines-spyware-stealer-and-remote-access.html - Pro-Iran Handala Group Breached Israeli Defence Contractor PSK Wind Technologies https://securityaffairs.com/190319/data-breach/pro-iran-handala-group-breached-israeli-defence-contractor-psk-wind-technologies.html - Obfuscated .cmd Malware Delivered via Email Escalates Privileges and Evades Detection https://securityaffairs.com/190358/hacking/image-or-malware-read-until-the-end-and-answer-in-comments.html

Cyber Daily News for April 4, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - European Commission Breach Exposes 300GB of Data from 30 EU Entities https://www.securityweek.com/european-commission-confirms-data-breach-linked-to-trivy-supply-chain-attack/ - North Korea-Linked Hackers Drain $285M from Drift Protocol https://securityaffairs.com/190330/hacking/north-korea-linked-hackers-drain-285m-from-drift-in-sophisticated-attack.html - TrueConf Zero-Day Exploited in Asian Government Attacks https://www.securityweek.com/trueconf-zero-day-exploited-in-asian-government-attacks/ - Critical ShareFile Flaws Lead to Unauthenticated RCE https://www.securityweek.com/critical-sharefile-flaws-lead-to-unauthenticated-rce/ - CrystalX RAT: New MaaS Malware Combines Spyware, Stealer, and Remote Access https://securityaffairs.com/190310/cyber-crime/crystalx-rat-new-maas-malware-combines-spyware-stealer-and-remote-access.html - ChatGPT Data Leak Exposes User Information https://www.securityweek.com/in-other-news-chatgpt-data-leak-android-rootkit-water-facility-hit-by-ransomware/ - New Android Rootkit Discovered Targeting Mobile Users https://www.securityweek.com/in-other-news-chatgpt-data-leak-android-rootkit-water-facility-hit-by-ransomware/ - Water Treatment Facility Hit by Ransomware Attack https://www.securityweek.com/in-other-news-chatgpt-data-leak-android-rootkit-water-facility-hit-by-ransomware/

Cyber Daily News for April 3, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - North Korean Hackers Drain $285 Million From Drift in 10 Seconds https://www.securityweek.com/north-korean-hackers-drain-285-million-from-drift-in-10-seconds/ - React2Shell Exploited in Large-Scale Credential Harvesting Campaign https://www.securityweek.com/react2shell-exploited-in-large-scale-credential-harvesting-campaign/ - Researchers Observe Sub-One-Hour Ransomware Attacks https://www.infosecurity-magazine.com/news/researchers-subonehour-ransomware/ - Cisco Patches Critical and High-Severity Vulnerabilities https://securityaffairs.com/190295/security/cisco-fixed-critical-and-high-severity-flaws.html - Apple Expands iOS 18 Security Updates Amid DarkSword Threat https://www.infosecurity-magazine.com/news/apple-ios-18-updates-darksword/ - Critical Vulnerability in Claude Code Emerges Days After Source Leak https://www.securityweek.com/critical-vulnerability-in-claude-code-emerges-days-after-source-leak/ - Hasbro Hit by Cyberattack, Investigates Possible Data Breach https://securityaffairs.com/190306/security/hasbro-hit-by-cyberattack-investigates-possible-data-breach.html - T-Mobile Sets the Record Straight on Latest Data Breach Filing https://www.securityweek.com/t-mobile-sets-the-record-straight-on-latest-data-breach-filing/

Cyber Daily News for April 2, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Google fixes fourth actively exploited Chrome zero-day of 2026 https://securityaffairs.com/190265/hacking/google-fixes-fourth-actively-exploited-chrome-zero-day-of-2026.html - Mercor Hit by LiteLLM Supply Chain Attack https://www.securityweek.com/mercor-hit-by-litellm-supply-chain-attack/ - Google links Axios npm supply chain attack to North Korea-linked APT UNC1069 https://securityaffairs.com/190256/security/google-links-axios-npm-supply-chain-attack-to-north-korea-linked-apt-unc1069.html - Toy Giant Hasbro Hit by Cyberattack https://www.securityweek.com/toy-giant-hasbro-hit-by-cyberattack/ - Italian spyware vendor creates Fake WhatsApp app, targeting 200 users https://securityaffairs.com/190276/malware/italian-spyware-vendor-creates-fake-whatsapp-app-targeting-200-users.html - FBI Warns of AVrecon Malware Targeting Network Devices Across 163 Countries https://thecyberexpress.com/fbi-warns-of-avrecon-malware/ - Most CNI Firms Face Up to £5m in Downtime from OT Attacks https://www.infosecurity-magazine.com/news/most-cni-firms-5m-downtime-ot/ - FBI Warns of Data Security Risks From China-Made Mobile Apps https://www.securityweek.com/fbi-warns-of-data-security-risks-from-china-made-mobile-apps/

Cyber Daily News for April 1, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - North Korea's Lazarus Group Behind Axios npm Supply Chain Attack https://www.securityweek.com/axios-npm-package-breached-in-north-korean-supply-chain-attack/ - AI Startup Mercor Hit by Supply Chain Attack Linked to LiteLLM https://thecyberexpress.com/mercor-cyberattack/ - Iran-Linked Hackers Breach FBI Director Kash Patel's Personal Email https://thecyberexpress.com/what-kash-patel-email-hack-is-really-about/ - Anthropic Accidentally Leaks Claude Code Source via npm https://securityaffairs.com/190229/data-breach/anthropic-accidentally-leaks-claude-code.html - ChatGPT Security Issue Enabled Data Theft via Single Prompt https://www.infosecurity-magazine.com/news/chatgpt-security-issue-steal-data/ - Nearly Half a Million Lloyds Banking Group Customers Affected by Data Incident https://securityaffairs.com/190213/data-breach/nearly-half-a-million-mobile-customers-of-lloyds-banking-group-affected-by-a-security-incident.html - TeamPCP Moves From Open Source to AWS Environments https://www.securityweek.com/teampcp-moves-from-oss-to-aws-environments/ - CrewAI Vulnerabilities Expose Devices to Hacking via Sandbox Escape https://www.securityweek.com/crewai-vulnerabilities-expose-devices-to-hacking/

Cyber Daily News for March 31, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Axios Supply Chain Attack Exposes Developers to Hidden Malware https://thecyberexpress.com/axios-supply-chain-attack-npm-malware/ - Alleged Unpatched Telegram Zero-Day Allows Device Takeover, but Telegram Denies https://securityaffairs.com/190167/security/its-a-mystery-alleged-unpatched-telegram-zero-day-allows-device-takeover-but-telegram-denies.html - CISA Adds Citrix NetScaler Flaw to Known Exploited Vulnerabilities Catalog https://securityaffairs.com/190197/security/u-s-cisa-adds-a-flaw-in-citrix-netscaler-to-its-known-exploited-vulnerabilities-catalog.html - Qilin Ransomware Allegedly Breached Chemical Giant Dow Inc https://securityaffairs.com/190186/cyber-crime/qilin-ransomware-allegedly-breached-chemical-manufacturer-giant-dow-inc.html - Lloyds Data Security Incident Impacts 450,000 Individuals https://www.securityweek.com/lloyds-data-security-incident-impacts-450000-individuals/ - Intesa Sanpaolo Data Breach Exposes 3,500+ Customers, Draws 31.8M Euro Penalty https://thecyberexpress.com/intesa-sanpaolo-data-breach/ - StrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNs https://www.securityweek.com/strongswan-flaw-allows-unauthenticated-attackers-to-crash-vpns/ - Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise https://www.securityweek.com/critical-vulnerability-in-openai-codex-allowed-github-token-compromise/

Cyber Daily News for March 30, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution https://securityaffairs.com/190158/security/critical-fortinet-forticlient-ems-flaw-exploited-for-remote-code-execution.html - F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild https://www.securityweek.com/f5-big-ip-dos-flaw-upgraded-to-critical-rce-now-exploited-in-the-wild/ - Citrix NetScaler CVE-2026-3055 Actively Probed by Attackers https://securityaffairs.com/190131/hacking/urgent-alert-netscaler-bug-cve-2026-3055-probed-by-attackers-could-leak-sensitive-data.html - European Commission Confirms Cloud Data Breach https://www.infosecurity-magazine.com/news/european-commission-cloud-data/ - FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers https://www.securityweek.com/fbi-confirms-kash-patel-email-hack-as-us-offers-10m-reward-for-hackers/ - Russia-linked APT TA446 uses DarkSword exploit to target iPhone users https://securityaffairs.com/190139/apt/russia-linked-apt-ta446-uses-darksword-exploit-to-target-iphone-users-in-phishing-wave.html - New macOS Infinity Stealer uses Nuitka Python payload and ClickFix https://securityaffairs.com/190147/security/new-macos-infinity-stealer-uses-nuitka-python-payload-and-clickfix.html - Hackers Impersonate Ukrainian CERT to Plant RAT on Government, Hospital Networks https://thecyberexpress.com/hackers-impersonate-cert-ua-agewheeze-rat/

Cyber Daily News for March 29, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - ShinyHunters Claims Massive European Commission Breach https://securityaffairs.com/190095/data-breach/shinyhunters-claims-the-hack-of-the-european-commission.html - Apple Pushes Urgent Lock Screen Warnings to Unpatched iPhones and iPads https://securityaffairs.com/190109/security/apple-issues-urgent-lock-screen-warnings-for-unpatched-iphones-and-ipads.html - Iran-Linked Handala Group Hacked FBI Director Kash Patel's Personal Email https://securityaffairs.com/190088/intelligence/iran-linked-group-handala-hacked-fbi-director-kash-patels-personal-email-account.html - European Commission Confirms Cyberattack on Cloud Infrastructure https://securityaffairs.com/190067/data-breach/the-european-commission-confirmed-a-cyberattack-affecting-part-of-its-cloud-systems.html - New AITM Phishing Campaign Hijacks TikTok Business Accounts https://securityaffairs.com/190058/security/new-aitm-phishing-wave-hijacks-tiktok-business-accounts.html - CISA Adds F5 BIG-IP AMP Flaw to Known Exploited Vulnerabilities Catalog https://securityaffairs.com/190076/uncategorized/u-s-cisa-adds-a-flaw-in-f5-big-ip-amp-to-its-known-exploited-vulnerabilities-catalog.html - CISA and BSI Warn of Critical PTC Windchill and FlexPLM Vulnerability https://securityaffairs.com/190049/security/cisa-and-bsi-warn-orgs-of-critical-ptc-windchill-and-flexplm-flaw.html - CISA Adds Aquasecurity Trivy Flaw to KEV Catalog https://securityaffairs.com/190044/security/u-s-cisa-adds-an-aquasecurity-trivy-flaw-to-its-known-exploited-vulnerabilities-catalog.html

Cyber Daily News for March 28, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Iran-linked Handala Group Claims Hack of FBI Director Kash Patel's Personal Email https://securityaffairs.com/190088/intelligence/iran-linked-group-handala-hacked-fbi-director-kash-patels-personal-email-account.html - European Commission Confirms Cyberattack on Cloud Systems, Data Potentially Stolen https://securityaffairs.com/190067/data-breach/the-european-commission-confirmed-a-cyberattack-affecting-part-of-its-cloud-systems.html - CISA and BSI Warn of Critical CVSS 10.0 Flaw in PTC Windchill — No Patch Available https://securityaffairs.com/190049/security/cisa-and-bsi-warn-orgs-of-critical-ptc-windchill-and-flexplm-flaw.html - CISA Adds Actively Exploited F5 BIG-IP RCE Flaw to KEV Catalog https://securityaffairs.com/190076/uncategorized/u-s-cisa-adds-a-flaw-in-f5-big-ip-amp-to-its-known-exploited-vulnerabilities-catalog.html - Google Warns Quantum Computing Threat to Encryption Could Arrive by 2029 https://www.infosecurity-magazine.com/news/quantum-encryption-q-day-closer/ - Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs https://www.securityweek.com/cloudflare-themed-clickfix-attack-drops-infiniti-stealer-on-macs/ - New AiTM Phishing Wave Hijacks TikTok Business Accounts for Malvertising https://www.infosecurity-magazine.com/news/phishing-targets-tiktok-for/ - TeamPCP Targets Telnyx Package in PyPI Supply Chain Attack https://www.infosecurity-magazine.com/news/teampcp-targets-telnyx-pypi-package/

Cyber Daily News for March 27, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks https://securityaffairs.com/190029/malware/china-linked-red-menshen-apt-deploys-stealthy-bpfdoor-implants-in-telecom-networks.html - U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/190044/security/u-s-cisa-adds-an-aquasecurity-trivy-flaw-to-its-known-exploited-vulnerabilities-catalog.html - U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/190018/security/u-s-cisa-adds-a-langflow-flaw-to-its-known-exploited-vulnerabilities-catalog.html - Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds https://www.infosecurity-magazine.com/news/critical-oracle-weblogic-rce/ - Coruna iOS Exploit Kit Likely an Update to Operation Triangulation https://www.securityweek.com/coruna-ios-exploit-kit-likely-an-update-to-operation-triangulation/ - EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts https://www.infosecurity-magazine.com/news/etherrat-bypass-security-ethereum/ - Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code https://www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/ - Congress Wants a GPS Tracker on Every Advanced AI Chip America Exports https://thecyberexpress.com/advanced-ai-chip-chip-security-act/

Cyber Daily News for March 26, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Alleged RedLine Malware Administrator Extradited to US https://www.securityweek.com/alleged-redline-malware-administrator-extradited-to-us/ - FCC Bans Foreign-Made Routers Over National Security Concerns https://www.infosecurity-magazine.com/news/us-fcc-bans-foreign-made-routers/ - Three Individuals Charged for Trying to Smuggle 'America-Made' AI Tech Worth $170M https://thecyberexpress.com/charged-for-smuggling-america-made-ai-tech/ - Port of Vigo Hit by Ransomware Attack, Cargo Systems Disrupted https://thecyberexpress.com/port-of-vigo-cyberattack-disrupts-systems/ - Iran-Linked Pay2Key Ransomware Group Re-Emerges https://www.infosecurity-magazine.com/news/iranlinked-pay2key-ransomware/ - Patch now: TP-Link Archer NX Routers Vulnerable to Firmware Takeover https://securityaffairs.com/189980/iot/patch-now-tp-link-archer-nx-routers-vulnerable-to-firmware-takeover.html - Russian authorities arrest alleged LeakBase admin behind stolen data marketplace https://securityaffairs.com/189994/cyber-crime/russian-authorities-arrest-alleged-leakbase-admin-behind-stolen-data-marketplace.html - Node.js Fixes Critical Flaws, Patches DoS Risk in Latest Security Update https://thecyberexpress.com/nodejs-cve-2026-21637/

Cyber Daily News for March 25, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Malicious LiteLLM versions linked to TeamPCP supply chain attack https://securityaffairs.com/189948/hacking/malicious-litellm-versions-linked-to-teampcp-supply-chain-attack.html - Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca https://securityaffairs.com/189936/data-breach/cybercrime-group-lapsus-claims-the-hack-of-pharma-giant-astrazeneca.html - CISA, FBI Warn of Phishing Campaign Targeting Messaging App Users https://thecyberexpress.com/phishing-campaign-targeting-messaging-apps/ - Citrix NetScaler critical flaw could leak data, update now https://securityaffairs.com/189908/security/citrix-netscaler-critical-flaw-could-leak-data-update-now.html - HackerOne Employee Data Exposed in Massive Navia Breach https://www.securityweek.com/hackerone-employee-data-exposed-in-massive-navia-breach/ - New Npm 'Ghost Campaign' Uses Fake Install Logs to Hide Malware https://www.infosecurity-magazine.com/news/npm-ghost-campaign-fake-install/ - Dutch Finance Ministry Investigates Data Breach in Internal Systems https://thecyberexpress.com/ministry-of-finance-cyberattack/ - Head of Russian Cybercrime Group Mario Kart Sentenced for Locking Out Dozens of U.S. Businesses https://thecyberexpress.com/head-of-russian-mario-kart-sentenced/

Cyber Daily News for March 24, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Oracle Issues Emergency Patch for Critical Flaw Enabling Remote Code Execution https://thecyberexpress.com/oracle-identity-manager-cve-2026-21992-patch/ - Trivy Supply Chain Attack Expands With New Compromised Docker Images https://www.infosecurity-magazine.com/news/trivy-supply-chain-attack-expands/ - M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds https://www.securityweek.com/m-trends-2026-initial-access-handoff-shrinks-from-hours-to-22-seconds/ - North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware https://securityaffairs.com/189880/security/north-korea-linked-threat-actors-abuse-vs-code-auto-run-to-spread-stoatwaffle-malware.html - Russian Initial Access Broker Handed 81-Month Sentence https://www.infosecurity-magazine.com/news/russian-initial-access-broker/ - Handala Group Tied to Iranian Hack-and-Leak Operations, FBI Reveals https://www.infosecurity-magazine.com/news/handala-group-iranian-hack-and/ - Tycoon2FA Phishing Service Resumes Activity Post-Takedown https://www.infosecurity-magazine.com/news/tycoon2fa-phishing-service-resumes/ - Mazda Says Employee, Partner Information Stolen in Cyberattack https://www.securityweek.com/mazda-says-employee-partner-information-stolen-in-cyberattack/

Cyber Daily News for March 23, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - CISA Orders US Government to Patch Maximum Severity Cisco Flaw https://www.infosecurity-magazine.com/news/cisa-orders-us-government-patch/ - Operation Alice Takes Down 373,000+ Dark Web Sites https://www.infosecurity-magazine.com/news/operation-alice-370000-dark-web/ - Iran-Linked Actors Use Telegram as C2 in Malware Attacks on Dissidents https://securityaffairs.com/189820/malware/iran-linked-actors-use-telegram-as-c2-in-malware-attacks-on-dissidents.html - Russia-Linked Actors Target WhatsApp and Signal in Phishing Campaign https://securityaffairs.com/189808/intelligence/russia-linked-actors-target-whatsapp-and-signal-in-phishing-campaign.html - Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability https://www.securityweek.com/oracle-releases-emergency-patch-for-critical-identity-manager-vulnerability/ - Tycoon 2FA Fully Operational Despite Law Enforcement Takedown https://www.securityweek.com/tycoon-2fa-fully-operational-despite-law-enforcement-takedown/ - NIST Updates DNS Security Guidance After 12 Years with SP 800-81r3 https://thecyberexpress.com/dns-security-guidance-nist-sp-800-81r3-update/ - Foster City Cyberattack Disrupts Services, Raises Data Breach Fears https://thecyberexpress.com/foster-city-cyberattack/

Cyber Daily News for March 22, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - WorldLeaks Ransomware Group Breaches City of Los Angeles and Metro System https://securityaffairs.com/189753/data-breach/worldleaks-group-breached-the-city-of-los-angels.html - Apple Urges iPhone Users to Update as Coruna and DarkSword Exploit Kits Emerge https://securityaffairs.com/189716/security/apple-urges-iphone-users-to-update-as-coruna-and-darksword-exploit-kits-emerge.html - Navia Data Breach Impacts Nearly 2.7 Million People https://securityaffairs.com/189726/data-breach/navia-data-breach-impacts-nearly-2-7-million-people.html - Global Law Enforcement Operation Targets AISURU, Kimwolf, JackSkid Botnet Operators https://securityaffairs.com/189710/cyber-crime/global-law-enforcement-operation-targets-aisuru-kimwolf-jackskid-botnet-operators.html - Suspected China-Based Espionage Campaign Against Military Targets in Southeast Asia https://unit42.paloaltonetworks.com/espionage-campaign-against-military-targets/ - DarkSword iOS Exploit Chain Adopted by Multiple Threat Actors https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain - French Aircraft Carrier Charles de Gaulle Tracked via Strava in OPSEC Failure https://securityaffairs.com/189696/intelligence/french-aircraft-carrier-charles-de-gaulle-tracked-via-strava-activity-in-opsec-failure.html - 7,500+ Magento Sites Defaced in Global Hacking Campaign https://securityaffairs.com/189734/hacking/7500-magento-sites-defaced-in-global-hacking-campaign.html