Cyber Security Week in Review: March 13, 2026
In brief: Google fixes two Chrome zero-days, CISA updates its KEV list with four new entries, and more.
Cybersecurity News - Page 1
Exposed toolkit reveals suspected APT28 campaign targeting Ukrainian government
The directory contained what appears to be a complete exploitation framework designed to target vulnerabilities in Roundcube.
BlackSanta malware targets HR departments in year-long campaign
The attackers combined social engineering with advanced evasion techniques to infiltrate corporate systems and steal data.
Microsoft's March 2026 Patch Tuesday addresses over 70 flaws
The company patched two publicly disclosed flaws; neither has been observed to be actively exploited in attacks.
KadNap malware ensnares over 14K routers in massive botnet
The malware’s operators mainly exploit home and small-office networking equipment.
Threat actors exploit FortiGate firewalls to breach healthcare, government networks
Attackers are exploiting recently disclosed vulnerabilities or weak credentials to gain access to FortiGate devices.
Russian APT28 deploys malicious Covenant variant for long-term espionage against Ukraine
The threat actor has been using the BeardShell and Covenant custom malware implants since April 2024.
SolarWinds, Ivanti, and Workspace One flaws actively exploited in the wild
Organizations are recommended to patch the vulnerabilities as soon as possible.
AI Vibeware campaign linked to Pakistan-based APT36 targets Indian government
Instead of relying on established off-the-shelf malware, the group is now creating disposable binaries across multiple programming languages.
Russian hackers target Signal and WhatsApp accounts of officials worldwide
The attackers are trying to obtain verification and PIN codes that protect accounts on the messaging platforms.
Showing elements 1 - 10