Cyber Daily News

Cyber Daily News for March 2, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Hackers Weaponize Claude Code AI to Steal 150GB from Mexican Government https://securityaffairs.com/188696/ai/claude-code-abused-to-steal-150gb-in-cyberattack-on-mexican-agencies.html - ShinyHunters Dumps Full Odido Dataset in Netherlands' Biggest Data Leak https://securityaffairs.com/188709/data-breach/shinyhunters-leaked-the-full-odido-dataset.html - OnlyFake AI ID Scam Operator Pleads Guilty to Selling 10,000+ Fake IDs https://securityaffairs.com/188734/cyber-crime/ukrainian-hacker-pleads-guilty-to-running-onlyfake-ai-id-scam-site.html - Ring Camera Super Bowl Ad Sparks Massive Privacy Backlash https://thecyberexpress.com/ring-camera-doorbells-privacy-security-cameras/ - Vietnam Announces National Cybersecurity Firewall Plan https://thecyberexpress.com/vietnam-cybersecurity-firewall/ - Chilean National Extradited for Trafficking 26,000+ Stolen Credit Cards https://thecyberexpress.com/stolen-credit-card-data-trafficking-case/ - Purchase Order Phishing Uses Double Extension Trick to Harvest Credentials https://www.malwarebytes.com/blog/threat-intel/2026/03/purchase-order-attachment-isnt-a-pdf-its-phishing-for-your-password

Cyber Daily News for March 01, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Canadian Tire Data Breach Impacts 38 Million Accounts https://securityaffairs.com/188659/data-breach/canadian-tire-2025-data-breach-impacts-38-million-users.html - Iran's Internet Near-Totally Blacked Out Amid US, Israeli Strikes https://securityaffairs.com/188648/cyber-warfare-2/iran-s-internet-near-totally-blacked-out-amid-us-israeli-strikes.html - Aeternum Botnet Hides Commands in Polygon Smart Contracts https://securityaffairs.com/188627/mobile-2/aeternum-botnet-hides-commands-in-polygon-smart-contracts.html - Microsoft Warns of RAT Delivered Through Trojanized Gaming Utilities https://securityaffairs.com/188639/malware/microsoft-warns-of-rat-delivered-through-trojanized-gaming-utilities.html - Juniper Issues Emergency Patch for Critical PTX Router RCE https://securityaffairs.com/188609/security/juniper-issues-emergency-patch-for-critical-ptx-router-rce.html - iPhone and iPad First Consumer Devices Cleared for NATO RESTRICTED Classification https://securityaffairs.com/188618/security/iphone-and-ipad-are-the-first-consumer-devices-cleared-for-natos-restricted-classification.html - How AI Is Transforming Incident Response Operations https://securityaffairs.com/188599/ai/how-ai-aids-incident-response-why-humans-alone-cannot-do-ir-efficiently.html

Cyber Daily News for February 28, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Juniper Issues Emergency Patch for Critical PTX Router RCE https://securityaffairs.com/188609/security/juniper-issues-emergency-patch-for-critical-ptx-router-rce.html - Public Google API Keys Can Be Used to Expose Gemini AI Data https://www.malwarebytes.com/blog/news/2026/02/public-google-api-keys-can-be-used-to-expose-gemini-ai-data - Fake Google Security Check Deploys Browser-Based Surveillance Toolkit https://www.malwarebytes.com/blog/privacy/2026/02/inside-a-fake-google-security-check-that-becomes-a-browser-rat - Aeternum Botnet Hides C2 Commands in Polygon Smart Contracts https://securityaffairs.com/188627/mobile-2/aeternum-botnet-hides-commands-in-polygon-smart-contracts.html - North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks https://www.infosecurity-magazine.com/news/north-korea-apt37-expands-toolkit/ - Microsoft Warns of RAT Delivered Through Trojanized Gaming Utilities https://securityaffairs.com/188639/uncategorized/microsoft-warns-of-rat-delivered-through-trojanized-gaming-utilities.html - 38 Million Allegedly Impacted by ManoMano Data Breach https://www.securityweek.com/38-million-allegedly-impacted-by-manomano-data-breach/ - iPhone and iPad First Consumer Devices Cleared for NATO RESTRICTED https://securityaffairs.com/188618/security/iphone-and-ipad-are-the-first-consumer-devices-cleared-for-natos-restricted-classification.html

Cyber Daily News for February 27, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Cisco SD-WAN Zero-Day Exploited Since 2023 — CVSS 10, Now on CISA KEV https://securityaffairs.com/188540/security/hackers-abused-cisco-sd-wan-zero-day-since-2023-to-gain-full-admin-control.html - Conduent Breach Balloons to 25 Million Victims https://www.malwarebytes.com/blog/news/2026/02/the-conduent-breach-from-10-million-to-25-million-and-counting - 12 Million Exposed .env Files Reveal Widespread Security Failures https://securityaffairs.com/188590/hacking/12-million-exposed-env-files-reveal-widespread-security-failures.html - UAT-10027 Hits US Education and Healthcare With Stealthy Dohdoor Backdoor https://securityaffairs.com/188558/apt/uat-10027-campaign-hits-u-s-education-and-healthcare-with-stealthy-dohdoor-backdoor.html - Aeternum Botnet Shifts Command Control to Polygon Blockchain https://www.infosecurity-magazine.com/news/aeternum-botnet-c2-polygon/

Cyber Daily News for February 26, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Cisco Patches Catalyst SD-WAN Zero-Day Exploited for Three Years (CVSS 10.0) https://www.securityweek.com/cisco-patches-catalyst-sd-wan-zero-day-exploited-by-highly-sophisticated-hackers/ - Google Disrupts China-Linked APT UNC2814 Across 42 Countries https://securityaffairs.com/188521/apt/google-gtig-disrupted-china-linked-apt-unc2814-halting-attacks-on-53-orgs-in-42-countries.html - ShinyHunters Leaks 12.4 Million CarGurus User Records https://www.securityweek.com/over-12-million-users-impacted-by-cargurus-data-breach/ - IBM X-Force: 44% Surge in App Exploits as AI Accelerates Attacks https://www.infosecurity-magazine.com/news/app-exploits-surge-ai-speeds/ - Critical Claude Code Flaws Enable RCE via Malicious Repositories https://securityaffairs.com/188508/security/untrusted-repositories-turn-claude-code-into-an-attack-vector.html

Cyber Daily News February 25, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - U.S. Sanctions Russian Broker Over Zero-Day Exploits Theft https://thecyberexpress.com/zero-day-exploits-theft/

Cyber Daily News February 24, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Operation MacroMaze: APT28 exploits webhooks for covert data exfiltration https://securityaffairs.com/188421/apt/operation-macromaze-apt28-exploits-webhooks-for-covert-data-exfiltration.html - Everest ransomware hits Vikor Scientific ‘s supplier, data of 140,000 patients stolen https://securityaffairs.com/188397/data-breach/everest-ransomware-hits-vikor-scientific-s-supplier-data-of-140000-patients-stolen.html - CVE-2026-1731 fuels ongoing attacks on BeyondTrust remote access products https://securityaffairs.com/188370/hacking/cve-2026-1731-fuels-ongoing-attacks-on-beyondtrust-remote-access-products.html - AI Content Generation Systems Face Global Pressure Over Privacy and Deepfake Risks https://thecyberexpress.com/ai-content-generation-systems/ - Wormable XMRig campaign leverages BYOVD and timed kill switch for stealth https://securityaffairs.com/188388/malware/wormable-xmrig-campaign-leverages-byovd-and-timed-kill-switch-for-stealth.html

Cyber Daily News February 23, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - ATM Jackpotting Losses Cross $20M as Malware Targets U.S. Cash Machines https://thecyberexpress.com/fbi-flags-rise-in-atm-jackpotting-attacks/ - X vs EU: Platform Appeals Against €120M Digital Services Act Penalty https://thecyberexpress.com/e120m-digital-services-act-penalty/ - Anthropic unveils Claude Code Security to detect and fix code bugs https://securityaffairs.com/188358/ai/anthropic-unveils-claude-code-security-to-detect-and-fix-code-bugs.html

Cyber Daily News February 22, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/188324/security/u-s-cisa-adds-roundcube-webmail-flaws-to-its-known-exploited-vulnerabilities-catalog.html

Cyber Daily News February 21, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - PayPal discloses extended data leak linked to Loan App glitch https://securityaffairs.com/188309/data-breach/paypal-discloses-extended-data-leak-linked-to-loan-app-glitch.html - North Korean IT worker scam nets Ukrainian five-year sentence in the U.S. https://securityaffairs.com/188305/cyber-crime/north-korean-it-worker-scam-nets-ukrainian-five-year-sentence-in-the-u-s.html

Cyber Daily News February 20, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Two Petabytes Worth Data of Israeli’s Siphoned, Says Cyber Head https://thecyberexpress.com/israel-data-breach-incd-head/ - Cyberattack Forces Clinic Closures, Surgery Cancellations at University of Mississippi Medical Center https://thecyberexpress.com/ummc-cyberattack-clinic-closures-it-shutdown/ - First Android Malware Weaponizes Gemini AI to Evade Detection, Maintain Persistence https://thecyberexpress.com/first-android-malware-promptspy/ - Germany’s national rail operator Deutsche Bahn hit by a DDoS attack https://securityaffairs.com/188254/breaking-news/germanys-national-rail-operator-deutsche-bahn-hit-by-a-ddos-attack.html - U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/188243/hacking/u-s-cisa-adds-dell-recoverpoint-and-gitlab-flaws-to-its-known-exploited-vulnerabilities-catalog.html - CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs https://securityaffairs.com/188234/security/cisa-alerts-to-critical-auth-bypass-cve-2026-1670-in-honeywell-cctvs.html - Red Card 2.0: INTERPOL busts scam networks across Africa, seizes millions https://securityaffairs.com/188272/cyber-crime/red-card-2-0-interpol-busts-scam-networks-across-africa-seizes-millions.html

Cyber Daily News February 19, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Mozilla Firefox Issues Emergency Patch for Heap Buffer Overflow in Firefox v147 https://thecyberexpress.com/firefox-v147-cve-2026-2447/ - China-linked APT weaponized Dell RecoverPoint zero-day since 2024 https://securityaffairs.com/188176/apt/china-linked-apt-weaponized-dell-recoverpoint-zero-day-since-2024.html - Notepad++ patches flaw used to hijack update system https://securityaffairs.com/188192/hacking/notepad-patches-flaw-used-to-hijack-update-system.html - Critical Security Flaws Discovered in Four VS Code Extensions Affecting Millions https://thecyberexpress.com/vs-code-extensions-supply-chain-security-flaws/ - Advantest Cyberattack Triggers Ransomware Investigation Across Internal Network https://thecyberexpress.com/advantest-cyberattack-ransomware-investigation/ - French Ministry confirms data access to 1.2 Million bank accounts https://securityaffairs.com/188200/hacking/french-ministry-confirms-data-access-to-1-2-million-bank-accounts.html - Betterment data breach might be worse than we thought https://www.malwarebytes.com/blog/news/2026/02/betterment-data-breach-might-be-worse-than-we-thought

Cyber Daily News February 18, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Update Chrome now: Zero-day bug allows code execution via malicious webpages https://www.malwarebytes.com/blog/news/2026/02/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages - Attackers Deploy Dormant Backdoors in Ivanti EPMM to Bypass Patching of Latest 0-Days https://thecyberexpress.com/attackers-deploy-backdoors-in-ivanti-epmm/ - Zero-Day in Dell RecoverPoint Exploited by Chinese Hacker Group https://thecyberexpress.com/cve-2026-22769-dell-recoverpoint/ - South Korea slaps $25M fine on Dior, Louis Vuitton, Tiffany over Salesforce breach https://securityaffairs.com/188064/hacking/south-korea-slaps-25m-fine-on-dior-louis-vuitton-tiffany-over-salesforce-breach.html

Cyber Daily News February 17, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - CleanTalk WordPress Plugin Vulnerability Puts 200,000 Sites at Risk https://thecyberexpress.com/cleantalk-cve-2026-1490/ - Eurail Breach Escalates as Stolen Passport Data and IBANs Surface on Dark Web for Sale https://thecyberexpress.com/eurail-breach-data-on-dark-web-for-sale/ - A security flaw at DavaIndia Pharmacy allowed attackers to access customers’ data and more https://securityaffairs.com/188056/security/a-security-flaw-at-davaindia-pharmacy-allowed-attackers-to-access-customers-data-and-more.html - ShinyHunters leaked 600K+ Canada Goose customer records, but the firm denies it was breached https://securityaffairs.com/188046/data-breach/shinyhunters-leaked-600k-canada-goose-customer-records-but-the-firm-denies-it-was-breached.html - Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup https://securityaffairs.com/188039/hacking/microsoft-alerts-on-dns-based-clickfix-variant-delivering-malware-via-nslookup.html

Cyber Daily News February 16, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Google Chrome Fixes Actively Exploited CVE-2026-2441 Bug https://thecyberexpress.com/cve-2026-2441-google-chrome/ - Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign https://securityaffairs.com/188009/apt/malicious-npm-and-pypi-packages-llinked-to-lazarus-apt-fake-recruiter-campaign.html - Japanese sex toys maker Tenga discloses data breach https://securityaffairs.com/188022/data-breach/japanese-sex-toys-maker-tenga-discloses-data-breach.html

Cyber Daily News February 15, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/187982/breaking-news/u-s-cisa-adds-a-flaw-in-beyondtrust-rs-and-pra-to-its-known-exploited-vulnerabilities-catalog.html - Suspected Russian hackers deploy CANFAIL malware against Ukraine https://securityaffairs.com/187976/hacking/suspected-russian-hackers-deploy-canfail-malware-against-ukraine.html

Cyber Daily News February 14, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release https://securityaffairs.com/187962/uncategorized/attackers-exploit-beyondtrust-cve-2026-1731-within-hours-of-poc-release.html - New threat actor UAT-9921 deploys VoidLink against enterprise sectors https://securityaffairs.com/187969/ai/new-threat-actor-uat-9921-deploys-voidlink-against-enterprise-sectors.html

Cyber Daily News February 13, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Apple patches zero-day flaw that could let attackers take control of devices https://www.malwarebytes.com/blog/news/2026/02/apple-patches-zero-day-flaw-that-could-let-attackers-take-control-of-devices - 8,000+ ChatGPT API Keys Left Publicly Accessible https://thecyberexpress.com/exposed-chatgpt-api-keys-github-websites/ - Odido confirms massive breach; 6.2 Million customers impacted https://securityaffairs.com/187927/uncategorized/odido-confirms-massive-breach-6-2-million-customers-impacted.html - ApolloMD data breach impacts 626,540 people https://securityaffairs.com/187921/data-breach/apollomd-data-breach-impacts-626540-people.html - U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/187937/security/u-s-cisa-adds-solarwinds-web-help-desk-notepad-microsoft-configuration-manager-and-apple-devices-flaws-to-its-known-exploited-vulnerabilities-catalog.html - Adversaries Exploiting Proprietary AI Capabilities, API Traffic to Scale Cyberattacks https://thecyberexpress.com/gtig-ai-threat-tracker/ - Outlook add-in goes rogue and steals 4,000 credentials and payment data https://www.malwarebytes.com/blog/news/2026/02/outlook-add-in-goes-rogue-and-steals-4000-credentials-and-payment-data

Cyber Daily News February 12, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - February 2026 Patch Tuesday includes six actively exploited zero-days https://www.malwarebytes.com/blog/news/2026/02/february-2026-patch-tuesday-includes-six-actively-exploited-zero-days - Volvo Group hit in massive Conduent data breach https://securityaffairs.com/187875/security/volvo-group-hit-in-massive-conduent-data-breach.html - Reynolds ransomware uses BYOVD to disable security before encryption https://securityaffairs.com/187869/security/reynolds-ransomware-uses-byovd-to-disable-security-before-encryption.html - SMS and OTP Bombing Campaigns Found Abusing API, SSL and Cross-Platform Automation https://thecyberexpress.com/sms-and-otp-bombing-bypass-analysis/ - Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass https://securityaffairs.com/187882/uncategorized/multiple-endpoint-manager-bugs-patched-by-ivanti-including-remote-auth-bypass.html

Cyber Daily News February 11, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Microsoft Patch Tuesday February Update Flags Exchange and Azure Vulnerabilities as High-Priority Risks https://thecyberexpress.com/microsoft-patch-tuesday-february-2026/ - ZeroDayRAT spyware grants attackers total access to mobile devices https://securityaffairs.com/187820/malware/zerodayrat-spyware-grants-attackers-total-access-to-mobile-devices.html - Senegal shuts National ID office after ransomware attack https://securityaffairs.com/187811/data-breach/senegal-shuts-national-id-office-after-ransomware-attack.html - Romance, Fake Platforms, $73M Lost: Crypto Scam Leader Gets 20 Years https://thecyberexpress.com/global-cryptocurrency-investment-scam/ - 12 Lakh SIM Cards Cancelled, over 3 Lakh IMEI Numbers Blocked as Centre Intensifies Crackdown on Cybercrime https://thecyberexpress.com/sim-cards-cancelled-india-cybercrime/