Cybersecurity Articles

176/69 Friday, March 27, 2026 The cybercrime group LAPSUS$ has claimed responsibility for breaching AstraZeneca and exfiltrating approximately 3GB of internal data. The allegedly stolen data includes system credentials, authentication tokens, source code in multiple languages such as Java, Angular, and Python, as well as employee information. However, AstraZeneca has not officially confirmed the incident. […]

175/69 Friday, March 27, 2026 A recent report from Pulsedive and Spamhaus highlights alarming trends in the second half of 2025, revealing a 24% increase in command-and-control (C&C) servers worldwide. These servers are increasingly leveraging everyday IoT devices from homes and offices as part of cyberattack infrastructure. Notably, the United States has surpassed China as […]

174/69 Thursday, March 26, 2026 Google has released Chrome 146 to address eight high-severity vulnerabilities, primarily related to memory safety issues affecting seven different components of the browser. The most notable flaw, CVE-2026-4673, is a heap buffer overflow in WebAudio, for which the researcher received a $7,000 bug bounty reward. Another issue, CVE-2026-4677, involves an […]

173/69 Thursday, March 26, 2026 QualDerm Partners, a U.S.-based provider of dermatology clinic management services, has disclosed a data breach that occurred in December 2025, affecting more than 3.1 million individuals. The incident involved unauthorized access to the company’s internal systems, allowing attackers to exfiltrate sensitive data. QualDerm supports multiple dermatology clinics by providing administrative, […]

172/69 Thursday, March 26, 2026 The Federal Communications Commission (FCC) has announced a major escalation in cybersecurity measures by adding consumer-grade routers manufactured outside the United States to its Covered List. This move means that new router models not produced domestically will no longer be eligible for authorization to be marketed or sold in the […]

171/69 Wednesday, March 25, 2026 Law enforcement agencies from 23 countries, led by German authorities and Europol, have successfully carried out “Operation Alice”, targeting one of the largest fraudulent networks on the dark web. The operation resulted in the takedown of more than 373,000 onion domains. The investigation began in 2021, initially focusing on a […]

170/69 Wednesday, March 25, 2026 Cybersecurity firm Resecurity has reported the discovery of threat activity linked to a cyber threat group known as Nasir Security, which is targeting energy sector organizations across the Middle East. The activity comes amid heightened regional security tensions, particularly within Gulf Cooperation Council (GCC) countries. The energy sector remains a […]

169/69 Wednesday, March 25, 2026 Security researchers have identified a rapidly spreading new worm named CanisterWorm, active since March 20, 2026. The campaign is attributed to the hacker group TeamPCP, which leveraged a software supply chain attack by embedding malicious code into more than 45 npm packages. The compromise is believed to stem from stolen […]

168/69 Tuesday, March 24, 2026 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five vulnerabilities affecting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation. These vulnerabilities carry CVSS scores ranging from 7.8 to 10.0 and include issues such as buffer overflow, improper locking, and […]

167/69 Tuesday, March 24, 2026 Oracle has released security updates to address a critical vulnerability tracked as CVE-2026-21992 (CVSS score: 9.8), affecting Oracle Identity Manager and Oracle Web Services Manager. The flaw allows unauthenticated attackers to exploit the systems remotely over HTTP, potentially leading to Remote Code Execution (RCE). Successful exploitation could result in full […]