Cybersecurity Articles

128/69 Thursday, March 5, 2026 Security researchers from Microsoft have identified a phishing campaign targeting government agencies and public-sector organizations by abusing OAuth URL redirection mechanisms to bypass email and browser security protections. Instead of stealing passwords or exploiting software vulnerabilities, attackers leverage OAuth’s legitimate design behavior to redirect users to attacker-controlled infrastructure. As a […]

127/69 Thursday, March 5, 2026 The Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability CVE-2026-22719 affecting VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog after reports confirmed active exploitation in the wild. CISA has mandated that U.S. federal agencies remediate the issue by March 24, 2026. Meanwhile, Broadcom, the parent company […]

126/69 Wednesday, March 4, 2026 The University of Hawaii Cancer Center has confirmed that a ransomware group gained access to systems within its Epidemiology Division in August 2025, potentially exposing the personal data of more than 1.2 million individuals. The university has begun sending notification letters and emails to affected individuals, including participants in past […]

125/69 Wednesday, March 4, 2026 Israeli cybersecurity firm Gambit Security has revealed that threat actors leveraged Claude Code, an AI-powered coding assistant developed by Anthropic, to build cyberattack tools. The attackers used the AI system to generate intrusion scripts and ultimately exfiltrated more than 150GB of data from systems belonging to Mexican government agencies. The […]

124/69 Wednesday, March 4, 2026 Following the military operations Epic Fury by the United States and Roaring Lion by Israel on February 28, 2026, which targeted critical Iranian infrastructure and communications systems, cybersecurity experts from organizations such as CrowdStrike and Palo Alto Networks have reported a notable increase in activity from pro-Iranian hacktivist groups. However, […]

123/69 Monday, March 2, 2026 The Microsoft Defender research team has identified a campaign in which attackers distribute trojanized “gaming utility” programs through web browsers and chat platforms. The malicious files, disguised as legitimate tools such as Xeno.exe or RobloxPlayerBeta.exe, trick users into executing them, ultimately leading to the installation of a Remote Access Trojan […]

122/69 Monday, March 2, 2026 On Saturday, internet access across Iran dropped to nearly zero amid ongoing military operations by the United States and Israel. Global internet monitoring organization NetBlocks reported network data confirming a “near-total blackout,” with national connectivity falling to approximately 4% of normal levels. NetBlocks noted that the disruption resembles measures previously […]

121/69 Monday, March 2, 2026 Security firm Truffle Security has released new research revealing that nearly 2,863 Google Cloud API keys were embedded in client-side website code and exposed to the public internet. Some of the affected websites were reportedly associated with Google itself. Although these API keys were originally intended only to identify projects […]

120/69 Friday, February 27, 2026 Check Point Research has identified multiple security vulnerabilities in Claude Code, an AI-powered coding assistant developed by Anthropic. The flaws could allow attackers to execute malicious code remotely (Remote Code Execution – RCE) and steal users’ API keys. The issues stem from configuration mechanisms within the tool, including Hooks, Model […]

119/69 Friday, February 27, 2026 The cybercrime group ShinyHunters has published personal data from more than 12.4 million user accounts belonging to CarGurus after a failed extortion attempt. CarGurus is a U.S.-based online automotive marketplace and research platform operating in the United States, Canada, and the United Kingdom. The platform attracts approximately 40 million monthly […]