As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks
The joint US-Israeli attack on Iran already has spurred a cyber response from multiple corners, including a barrage of distributed denial of service hits, critical infrastructure attacks, and network compromises that aim to do significant physical, reputational, and financial damage, according to security researchers. On Saturday, the US and Israel launched a broad military action in Iran, killing the country's Supreme Leader Ayatollah Ali Khamenei and dozens of other government officials. READ MORE...
Madison Square Garden Data Breach Confirmed Months After Hacker Attack
Madison Square Garden has confirmed being impacted by a data breach stemming from a cybercrime campaign targeting customers of Oracle's E-Business Suite (EBS) solution. In the Oracle EBS hacking campaign, the Cl0p ransomware and extortion group exploited zero-day vulnerabilities to gain access to data stored by more than 100 organizations in the enterprise management software. Madison Square Garden was named by the hackers as a victim of the campaign in November 2025. READ MORE...
UH Cancer Center data breach affects nearly 1.2 million people
The University of Hawaii has confirmed that a ransomware gang stole the data of nearly 1.2 million individuals after breaching its Cancer Center's Epidemiology Division in August 2025. Founded in 1907, the University of Hawaii (UH) System operates 3 universities and 7 community colleges, as well as multiple campuses and research centers across the Hawaiian Islands. The UH Cancer Center has over 300 faculty and staff, as well as an additional 200 affiliate members. READ MORE...
Android's March 2026 security patch fixes over 100 flaws, one under targeted exploitation
The Android March 2026 security patch addresses vulnerabilities across dozens of components and includes one CVE confirmed under active exploitation. Devices running a patch level of 2026-03-05 or later receive fixes for all disclosed issues. The bulletin notes indications that CVE-2026-21385 may be under limited, targeted exploitation. The flaw resides in the Qualcomm Display component and is rated High severity. READ MORE...
A fake FileZilla site hosts a malicious download
A trojanized copy of the open-source FTP client FileZilla 3.69.5 is circulating online. The archive contains the legitimate FileZilla application, but with a single malicious DLL added to the folder. When someone downloads this tampered version, extracts it, and launches FileZilla, Windows loads the malicious library first. From that moment on, the malware runs inside what appears to be a normal FileZilla session. READ MORE...
LLMs can unmask pseudonymous users at scale with surprising accuracy
Burner accounts on social media sites can increasingly be analyzed to identify the pseudonymous users who post to them using AI in research that has far-reaching consequences for privacy on the Internet, researchers said. The finding, from a recently published research paper, is based on results of experiments correlating specific individuals with accounts or posts across more than one social media platform. READ MORE...
Critical OpenClaw Vulnerability Exposes AI Agent Risks
A newly disclosed - and now patched - vulnerability in the fastest-growing AI agent tool in the developer ecosystem underscores the expanding risks organizations face from deploying AI in their environments without adequate security oversight or controls. The vulnerability in OpenClaw, the open source AI agent that has seen meteoric adoption among developers since its launch last November, allowed a malicious website to hijack a developer's AI agent. READ MORE...
Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability
A researcher claims to have identified a high-risk vulnerability in a Honeywell building management controller, but the vendor disputes the severity and impact of the findings. Cybersecurity researcher Gjoko Krstic, known in the industry for his analysis of high-impact vulnerabilities, recently investigated Honeywell's IQ4 controller. According to Krstic, the product exposes its web-based human-machine interface without authentication in its factory-default configuration. READ MORE...
Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite
If you wanted to steal local files from someone using Perplexity's Comet browser, until last month you could just schedule the theft by sending your victim a calendar event. You might also have been able to access the victim's 1Password vault if it wasn't protected by two factor authentication. Last October, security researchers affiliated with Zenity Labs discovered that Perplexity's AI browser, Comet, left the user's local file system unprotected. READ MORE...
- ...in 1845, Congress overrides presidential veto for first time with a two-thirds majority vote, forcing President John Tyler to get Congressional approval to build new ships.
- ...in 1923, the first issue of TIME magazine is published. The first cover subject is then-Speaker of the US House of Representatives Joseph Cannon.
- ...in 1931, President Herbert Hoover signs a congressional act making "The Star-Spangled Banner" the official national anthem of the United States.
- ...in 1959, radio host and producer Ira Glass ("This American Life") is born in Baltimore, MD.
