IT Security Newsletter - 3/23/2026
Russian hackers go after high-value targets through Signal
Russian intelligence-linked hackers are targeting commercial messaging platforms, with Signal a primary focus, the FBI and CISA warn. The campaign is aimed at individuals of intelligence interest, including government personnel, journalists, and others with access to sensitive communications. The campaign is believed to have compromised thousands of commercial messaging application accounts. People who use these applications can develop a false sense of security. READ MORE...
DOJ confirms seizure of domains linked to Iran-backed threat actor
The Department of Justice on Thursday said four domains used for Iranian-backed hacking and intimidation of political opponents have been taken down in a court-ordered operation. Two of the domains were connected to Handala, the state-linked threat group that authorities confirmed was behind the hack of Stryker, a Michigan-based medical technology giant. A partially redacted FBI affidavit did not specifically identify Stryker by name, but the details of the attack match. READ MORE...
Cyber OpSec Fail: Beast Gang Exposes Ransomware Server
An open server hosted on a German cloud provider's systems has been discovered, containing the entire toolset of a member of the Beast ransomware group. The find exposes the tactics, techniques, and procedures (TTPs) of the threat actor, but also reveals that Beast shares many of those TTPs with other ransomware gangs. According to threat-intelligence firm Team Cymru, the ransomware toolset includes those used for reconnaissance, network mapping, credential theft, and exfiltration. READ MORE...
QNAP Patches Four Vulnerabilities Exploited at Pwn2Own
QNAP on Friday announced patches for multiple vulnerabilities across its products, including four issues that were demonstrated at the Pwn2Own Ireland hacking contest in October 2025. The four security defects, tracked as CVE-2025-62843 to CVE-2025-62846, impact the company's SD-WAN routers and were addressed in QuRouter version 2.6.3.009. According to QNAP's advisory, the first bug requires physical access to a vulnerable device, while the second flaw could be exploited over the local network. READ MORE...
VoidStealer malware steals Chrome master key via debugger trick
An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser. The novel method is stealthier and relies on hardware breakpoints to extract the v20_master_key, used for both encryption and decryption, directly from the browser's memory, without requiring privilege escalation or code injection. READ MORE...
Trio sentenced for facilitating North Korean IT worker scheme from their homes
Three American men were sentenced Friday for crimes they committed in furtherance of North Korea's vast scheme to get operatives hired at U.S. companies, the Justice Department said. The trio pleaded guilty in November to wire fraud conspiracy for providing U.S. identities to remote North Korean IT workers. They hosted U.S. company-provided laptops at their homes and installed remote-access software so North Korean operatives could appear to be working in the country. READ MORE...
Microsoft Azure Monitor alerts abused for callback phishing attacks
Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your account. Azure Monitor is Microsoft's cloud-based monitoring service that collects and analyzes data from Azure resources, applications, and infrastructure. It enables users to track performance, notify about billing changes, detect issues, and trigger alerts based on various conditions. READ MORE...
Ubiquiti defect poses account takeover risk for UniFi Networking Application users
Researchers and threat hunters are scrambling to contain a maximum-severity defect in Ubiquiti's UniFi Network Application that attackers could exploit to take over user accounts by accessing and manipulating files. The path-traversal vulnerability - CVE-2026-22557 - affects software used to manage UniFi networking devices, including access points, gateways and switches. The vendor disclosed and released patches for the defect in a security advisory Wednesday. READ MORE...
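Because the Ubiquiti advisory is summarised here only as a path-traversal bug, the following is an added, generic illustration of that bug class and its usual fix. It is not UniFi code and does not reproduce CVE-2026-22557; the base directory, file names and request strings are constructed for the example. The vulnerable resolver concatenates the request onto a base directory; the hardened one decodes once, refuses absolute paths, resolves symlinks and `..`, and then confirms the result is still inside the base directory.

```python
import os
import tempfile
from pathlib import Path
from urllib.parse import unquote


def unsafe_join(base: str, user_path: str) -> str:
    """Vulnerable pattern: the request path is concatenated onto the
    base directory and never checked against it. '..' segments,
    absolute paths and symlinks all escape the intended directory."""
    return os.path.join(base, unquote(user_path))


def safe_join(base: str, user_path: str) -> Path:
    """Hardened pattern: decode, normalise, resolve symlinks, then verify
    the final path is still inside the base directory."""
    base_dir = Path(base).resolve()
    # Decode once, before any check; checking the raw string lets %2e%2e%2f through.
    requested = unquote(user_path)
    # Reject absolute paths outright: Path('/srv') / '/etc/passwd' == '/etc/passwd'.
    if Path(requested).is_absolute():
        raise PermissionError(f"absolute path rejected: {user_path!r}")
    candidate = (base_dir / requested).resolve()
    # resolve() collapses '..' and follows symlinks, so one check covers both.
    try:
        candidate.relative_to(base_dir)
    except ValueError:
        raise PermissionError(f"path escapes base directory: {user_path!r}") from None
    return candidate


def demo() -> dict:
    """Build a constructed directory tree (hypothetical layout, not UniFi's)
    and record, per request, whether the unsafe join escapes the base and
    whether the safe join allows or rejects it."""
    root = Path(tempfile.mkdtemp())
    base = root / "data"
    (base / "config").mkdir(parents=True)
    (base / "config" / "settings.json").write_text("{}")
    (root / "secret.txt").write_text("outside the base directory")
    # A symlink inside the base that points outside it.
    (base / "link").symlink_to(root / "secret.txt")

    requests = [
        "config/settings.json",   # legitimate
        "../secret.txt",          # plain traversal
        "%2e%2e%2fsecret.txt",    # URL-encoded traversal
        "/etc/passwd",            # absolute path swallows the base
        "link",                   # symlink escape
    ]
    base_prefix = str(base.resolve()) + os.sep
    results = {}
    for req in requests:
        unsafe_target = os.path.realpath(unsafe_join(str(base), req))
        unsafe_escapes = not unsafe_target.startswith(base_prefix)
        try:
            safe_join(str(base), req)
            safe_outcome = "allowed"
        except PermissionError:
            safe_outcome = "rejected"
        results[req] = (unsafe_escapes, safe_outcome)
    return results


if __name__ == "__main__":
    for req, (escapes, outcome) in demo().items():
        print(f"{req:24} unsafe_escapes={escapes!s:5} safe={outcome}")
```

The check has to run on the fully resolved path, not on the string the client sent: the encoded and symlink cases are exactly the ones a prefix check on the raw request misses.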
Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw
Oracle broke its usual patch cycle this week to announce a critical vulnerability in its Fusion Middleware. On March 19, the enterprise software and cloud computing giant released a special security alert for the newly discovered issue, now labeled CVE-2026-21992. It affects the Oracle Identity Manager (OIM) and Oracle Web Services Manager (OWSM), and its severity is obvious at first glance, as it enables remote code execution (RCE) and requires no authentication to exploit. READ MORE...
- ...in 1857, Elisha Otis installs his first elevator, four years after demonstrating its safety locking mechanism at the 1853 New York World's Fair
- ...in 1910, Japanese film director Akira Kurosawa, ("Seven Samurai", "Rashomon") is born in Tokyo.
- ...in 1949, musician/producer Ric Ocasek of The Cars ("Just What I Needed", "You Might Think") is born in Baltimore, MD.
- ...in 2001, Russia's Mir space station is retired via a controlled atmospheric entry, burning up in the skies above Fiji before falling into the South Pacific.