Trivy security tool compromised in major supply-chain attack
Researchers determined that the attackers gained access through previously stolen credentials from an earlier March breach.
Cybersecurity News - Page 6
Police dismantle over 370K fake dark web sites offering CSAM and CaaS
The sites were part of a large-scale scam that advertised fake CSAM “packages,” as well as other cybercrime services.
Russian intelligence targeting Signal and WhatsApp in phishing campaigns
The attacks do not break end-to-end encryption but instead rely on account hijacking techniques.
Cyber Security Week in Review: March 20, 2026
In brief: Threat actors are exploiting Zimbra, MS SharePoint and WingFTP flaws, police disrupt the Aisuru, KimWolf, JackSkid and Mossad botnets, and more.
New DarkSword exploit kit targets iPhones, steals crypto and personal data
DarkSword leverages six known vulnerabilities to gain deep access to compromised devices.
Interlock ransomware gang exploits Cisco firewall zero-day in targeted attacks
Interlock had been abusing the flaw as a zero-day issue in real-world attacks as early as January 26.
GlassWorm supply-chain attack expands across GitHub, npm, and VSCode
Attackers gained initial access by compromising GitHub accounts and force-pushing malicious commits into existing projects.
Iranian MuddyWater expands cyberespionage operations with AI-driven tools
The group is now using AI-assisted malware that includes anti-analysis features, helping it stay hidden in compromised systems for longer periods.
Russia turns Vienna into hub for electronic and satellite spying
Russia systematically employs diplomatic missions for intelligence collection, cyber operations, and influence campaigns.
Threat actors abuse Bench.sh benchmarking tool for reconnaissance
Attackers are now incorporating Bench.sh as a lightweight reconnaissance utility after gaining initial access.
Showing elements 51 - 60