ICYMI: 2026-02-24
Latest Headlines
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
Identity Prioritization isn’t a Backlog Problem - It’s a Risk Math Problem
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
Here’s What a Google Subpoena Response Looks Like, Courtesy of the Epstein Files
VMware Aria Operations Vulnerability Could Allow Remote Code Execution
CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO
GitHub Issues Abused in Copilot Attack Leading to Repository Takeover
Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs
Threat Actors Weaponized AI Tools to Gain Full Domain Access within 30 Minutes
65% of Financial Organizations Targeted by Ransomware as Cybercriminals Escalate Attacks
Malicious NuGet Packages Attacking ASP.NET Developers to Steal Login Credentials
Reddit Fined £14.47 Million by UK Regulator for Children’s Privacy Failures
New Deserialization Vulnerability in Ruby Workers Could Enable Full System Compromise
Malicious OpenClaw Skills Used to Trick Users into Manual Password Entry for AMOS Infection
Sendmarc Releases DMARCbis Fireside Chat Featuring Co-Editor Todd Herr
Hackers Leverage Steganographic Images to Bypass Anti-Malware Scans and Deploy Malware Payloads
Fake Huorong Download Site Used to Deploy ValleyRAT Backdoor in Targeted Malware Campaign
Diesel Vortex Russian Cybercrime Group Targets Global Logistics Sector and Steals 1,600+ Credentials
Phishing campaign targets freight and logistics orgs in the US, Europe
Wynn Resorts confirms employee data breach after extortion threat
1Campaign platform helps malicious Google ads evade detection
CarGurus data breach exposes information of 12.4 million accounts
Microsoft adds Copilot data controls to all storage locations
Identity-First AI Security: Why CISOs Must Add Intent to the Equation
UK fines Reddit $19 million for using children’s data unlawfully
Critical SolarWinds Serv-U flaws offer root access to servers
ShinyHunters extortion gang claims Odido breach affecting millions
North Korean Lazarus group linked to Medusa ransomware attacks
– MTZ