Cybersecurity Articles

182/69 Tuesday, March 31, 2026 A security vulnerability has been discovered in the widely used Smart Slider 3 plugin for WordPress, which is installed on more than 800,000 websites. The flaw, tracked as CVE-2026-3098, allows low-privileged users such as Subscribers to access sensitive files on the server, including wp-config.php, which contains critical information such as […]

181/69 Tuesday, March 31, 2026 The hacking group Handala, reportedly linked to Iran’s Ministry of Intelligence (MOIS), has claimed responsibility for breaching the personal Gmail account of Kash Patel, the current Director of the Federal Bureau of Investigation, on March 27, 2026. The group published personal photos, documents, and email correspondence from before Patel assumed […]

180/69 Monday, March 30, 2026 Security researchers at Malwarebytes have reported a new ClickFix campaign targeting macOS users by impersonating Cloudflare verification pages to distribute a Python-based information-stealing malware. The attack begins by luring victims to a fake CAPTCHA page that closely mimics legitimate Cloudflare verification. It then uses social engineering techniques to trick users […]

179/69 Monday, March 30, 2026 The cybercrime group ShinyHunters has claimed responsibility for breaching the European Commission and exfiltrating more than 350GB of data. The stolen data was reportedly published on the group’s Tor-based leak site and is believed to include email system data, databases, internal documents, and contractual records. However, the exact scope and […]

178/69 Monday, March 30, 2026 There are reports of threat actors actively scanning for a newly disclosed critical vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway (CVE-2026-3055), which carries a high severity score of 9.3 (Critical). The vulnerability stems from insufficient input validation, leading to an out-of-bounds read issue. This flaw allows unauthenticated remote […]

177/69 Friday, March 27, 2026 Threat actors are actively targeting TikTok for Business accounts in a new phishing campaign designed to evade security bots and bypass detection mechanisms. These accounts are considered high-value targets, as they can be abused for malicious advertising, ad fraud, and the distribution of harmful content. Due to their credibility and […]

176/69 Friday, March 27, 2026 The cybercrime group LAPSUS$ has claimed responsibility for breaching AstraZeneca and exfiltrating approximately 3GB of internal data. The allegedly stolen data includes system credentials, authentication tokens, source code in multiple languages such as Java, Angular, and Python, as well as employee information. However, AstraZeneca has not officially confirmed the incident. […]

175/69 Friday, March 27, 2026 A recent report from Pulsedive and Spamhaus highlights alarming trends in the second half of 2025, revealing a 24% increase in command-and-control (C&C) servers worldwide. These servers are increasingly leveraging everyday IoT devices from homes and offices as part of cyberattack infrastructure. Notably, the United States has surpassed China as […]

174/69 Thursday, March 26, 2026 Google has released Chrome 146 to address eight high-severity vulnerabilities, primarily related to memory safety issues affecting seven different components of the browser. The most notable flaw, CVE-2026-4673, is a heap buffer overflow in WebAudio, for which the researcher received a $7,000 bug bounty reward. Another issue, CVE-2026-4677, involves an […]

173/69 Thursday, March 26, 2026 QualDerm Partners, a U.S.-based provider of dermatology clinic management services, has disclosed a data breach that occurred in December 2025, affecting more than 3.1 million individuals. The incident involved unauthorized access to the company’s internal systems, allowing attackers to exfiltrate sensitive data. QualDerm supports multiple dermatology clinics by providing administrative, […]