ICYMI: 2026-03-23
Latest Headlines
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More
We Found Eight Attack Vectors Inside AWS Bedrock. Here’s What Attackers Can Do with Them
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
A Mysterious Numbers Station Is Broadcasting Through the Iran War
Hassan Took a Bike Ride. Now He’s One of the Thousands Missing in Gaza
M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds
Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware
Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack
Tycoon 2FA Fully Operational Despite Law Enforcement Takedown
Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability
Tax-Themed Google Ads Lead to BYOVD EDR Killer in Huntress-Traced Malvertising Campaign
SEO Poisoning Campaign Impersonates 25+ Popular Apps to Deliver AsyncRAT Since October 2025
Critical QNAP QVR Pro Vulnerability Let Remote Attackers Gain Access to the System
Critical NetScaler ADC and Gateway Vulnerabilities Enable Remote Attacks on Affected Systems
Libyan Oil Refinery Hit in Long-Running Espionage Campaign Using AsyncRAT
MacOS Stealer MioLab Adds ClickFix Delivery, Wallet Theft and Team API Tools
Oblivion RAT Turns Fake Play Store Updates Into a Full-Service Android Spyware Operation
Trivy Supply Chain Attack Expands as Compromised Docker Images Hit Docker Hub
Windows 11 Emergency Update to Fix ‘No Internet’ Sign-In Errors for OneDrive, Teams, and More
CISA Warns of Craft CMS Code Injection Vulnerability Exploited in Attacks
OpenAI rolls out ChatGPT Library to store your personal files
Mazda discloses security breach exposing employee and partner data
Tycoon2FA phishing platform returns after recent police disruption
Crunchyroll probes breach after hacker claims to steal 6.8M users’ data
Microsoft Exchange Online service change causes email access issues
FBI warns of Handala hackers using Telegram in malware attacks
CISA orders feds to patch DarkSword iOS flaws exploited attacks
New KB5085516 emergency update fixes Microsoft account sign-in
– MTZ