138/69 Tuesday, March 10, 2026 Security researchers from JFrog have discovered a malicious npm package named @openclaw-ai/openclawai, uploaded on March 3, 2026. The package impersonates an installer for the OpenClaw application and is designed to spread malware on macOS systems. The package has already been downloaded more than 180 times and remains available for download. […]
137/69 Tuesday, March 10, 2026 A critical security vulnerability has been discovered in Nginx UI, tracked as CVE-2026-27944 with a CVSS score of 9.8. The flaw could allow attackers to download and decrypt server backup files without authentication, potentially exposing sensitive information such as system configurations, credentials, and encryption keys-particularly if the management interface is […]
136/69 Tuesday, March 10, 2026 Security experts from Infoblox have discovered a sophisticated phishing campaign in which attackers abuse the “.arpa” top-level domain (TLD)-a domain normally reserved for internet infrastructure-to host malicious links. The .arpa domain is typically used for infrastructure functions such as Reverse DNS lookups, where IP addresses are mapped back to hostnames. […]
135/69 Monday, March 9, 2026 Anthropic has announced the discovery of 22 previously unknown vulnerabilities in the Mozilla Firefox browser through a collaboration with Mozilla. The findings were made using the large language model Claude Opus 4.6, which analyzed Firefox source code for only two weeks in January 2026. Among the vulnerabilities discovered, 14 were […]
134/69 Monday, March 9, 2026 TriZetto Provider Solutions, a healthcare information technology provider that delivers software and systems to health insurers and medical service providers-and has operated under Cognizant since 2014—has disclosed a data breach affecting the personal information of more than 3.4 million patients. The company reported detecting suspicious activity within its systems on […]
133/69 Monday, March 9, 2026 OpenAI officially launched Codex Security on Friday, introducing an AI-powered security agent designed to automatically identify, verify, and suggest fixes for vulnerabilities in source code. The feature is currently available as a Research Preview for users of ChatGPT Pro, Enterprise, Business, and Edu plans, with the first month offered free […]
132/69 Friday, March 6, 2026 Security researchers from Microsoft’s Defender team have identified a new phishing campaign observed since February 2026 that targets office workers through fake meeting invitations impersonating Zoom and Microsoft Teams. Victims are often lured into opening a blurred PDF attachment designed to prompt curiosity. When users click the embedded link, they […]
131/69 Friday, March 6, 2026 LastPass has issued a warning to users about a new phishing campaign that impersonates security alert emails claiming unauthorized account access or changes to a user’s Master Password. The attackers use display name spoofing to make the messages appear as if they originate from LastPass, increasing the likelihood that recipients […]
130/69 Friday, March 6, 2026 A recent report from Check Point Research has identified cyberattack attempts linked to Iranian-affiliated hacker groups targeting hundreds of IP cameras (CCTV systems) across Israel and several Middle Eastern countries, including Qatar, Bahrain, and the United Arab Emirates-regions with significant military activity. The campaign primarily focuses on compromising cameras from […]
129/69 Thursday, March 5, 2026 Amazon has confirmed that three Amazon Web Services (AWS) data centers in the United Arab Emirates and one in Bahrain were damaged by drone attacks, causing widespread service disruptions affecting dozens of cloud services. The incident occurred amid escalating tensions in the Middle East and is believed to be linked […]
