ICYMI: 2026-03-20
Latest Headlines
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
A Top Democrat Is Urging Colleagues to Support Trump’s Spy Machine
The Danger Behind Meta Killing End-to-End Encryption for Instagram DMs
In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting
3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China
Eclypsium Raises $25 Million for Device Supply Chain Security
US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites
Cape Raises $100 Million for Protection Against Cellular Security Threats
Thousands of Magento Sites Hit in Ongoing Defacement Campaign
Allure Security Raises $17 Million for Online Brand Protection
Critical Langflow Vulnerability Exploited Hours After Public Disclosure
Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation
Anthropic Launches Projects Feature for Claude Cowork Desktop
Windows 11 March Update Breaks Microsoft Teams and OneDrive Sign-Ins
Hackers Compromised 7,500+ Magento Websites to Upload Hidden Malicious Files and Steal Data
New VoidStealer Variant Bypasses Chrome ABE Without Injection or Privilege Escalation
Perseus Android Malware Steals User Notes and Enables Full Device Takeover
FBI, Thai Partners Target Southeast Asia Scam Centers Behind Cyber Fraud on Americans
Microsoft Unveils New Teams Optimizations for Windows App on iOS & Android
CISA Warns of Cisco Secure Firewall Management Center 0-Day Exploited in Ransomware Attacks
Ransomware Actors Expand EDR Killer Tactics Beyond Vulnerable Drivers
Critical Jenkins Vulnerabilities Expose CI/CD Servers to RCE Attacks
FBI links Signal phishing attacks to Russian intelligence services
Oracle pushes emergency fix for critical Identity Manager RCE flaw
Musician admits to $10M streaming royalty fraud using AI bots
International joint action disrupts world’s largest DDoS botnets
Microsoft: March Windows updates break Teams, OneDrive sign-ins
Ex-data analyst stole company data in $2.5M extortion scheme
– MTZ