Aggregator

Phobos ransomware leader facing 20 years in prison after pleading guilty to hacking charges

1 month ago

Ptitsyn and several others began using the Phobos ransomware in November 2020, attacking more than 1,000 organizations around the world. He was arrested in South Korea and extradited in November 2024.

Qilin

1 month ago

You must login to view this content

cohenido

Qilin

1 month ago

You must login to view this content

cohenido

Qilin

1 month ago

You must login to view this content

cohenido

Qilin

1 month ago

You must login to view this content

cohenido

Qilin

1 month ago

You must login to view this content

cohenido

Qilin

1 month ago

You must login to view this content

cohenido

CASI Leaderboard Shifts: Sugar-Coated Poison, and the Expanding AI Attack Surface

1 month ago

AI Security Insights – March 2026

Phobos ransomware leader pleads guilty, faces up to 20 years in prison

1 month ago

The 43-year-old Russian national ran a ransomware operation that impacted more than 1,000 victims globally. The conspiracy netted more than $39 million in extortion payments.

The post Phobos ransomware leader pleads guilty, faces up to 20 years in prison appeared first on CyberScoop.

Matt Kapko

Suspected DPRK Threat Actors Compromise Crypto Firms, Steal Keys and Cloud Assets in Coordinated Attacks

Cyber Security News

1 month ago

A coordinated campaign targeting cryptocurrency organizations has drawn attention from the security community, with evidence pointing to threat actors potentially linked to North Korea’s state-sponsored hacking operations. The attackers moved systematically across multiple tiers of the crypto supply chain — hitting staking platforms, exchange software providers, and the exchanges themselves — making off with proprietary […]

The post Suspected DPRK Threat Actors Compromise Crypto Firms, Steal Keys and Cloud Assets in Coordinated Attacks appeared first on Cyber Security News.

Tushar Subhra Dutta

Журналист взломал ChatGPT выдуманным рейтингом по поеданию хот-догов

1 month ago

Оказывается, ИИ можно заставить повторять любую выдумку, просто опубликовав её в сети.

PleaseFix Flaw Lets Hackers Access 1Password Vault via Comet AI Browser

1 month ago

Researchers at Zenity Labs uncover PleaseFix flaws in Perplexity’s Comet browser. See how zero-click calendar invites allow AI agents to steal 1Password credentials and personal files.

Deeba Ahmed

CVE-2026-3606 | Ettercap 0.8.4-Garofalo etterfilter ef_output.c add_data_segment out-of-bounds (Issue 1297)

VulDB Recent Entries

1 month ago

A vulnerability, which was classified as problematic, has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2026-3606. Local access is required to approach this attack. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet.

vuldb.com

Сначала взламывают камеру. Потом прилетает ракета. Иран отработал схему — и запускает её снова

1 month ago

После ракетных ударов Иран совершил сотни хакерских атак на камеры видеонаблюдения.

CVE-2026-3009 | Keycloak IdentityBrokerService improper authentication

VulDB Recent Entries

1 month ago

A vulnerability classified as critical was found in Keycloak. Affected is an unknown function of the component IdentityBrokerService. Executing a manipulation can lead to improper authentication. This vulnerability is handled as CVE-2026-3009. The attack can only be done within the local network. There is not any exploit available.

vuldb.com

CVE-2026-2603 | Keycloak SAML Identity Provider improper authentication

VulDB Recent Entries

1 month ago

A vulnerability classified as critical has been found in Keycloak. This impacts an unknown function of the component SAML Identity Provider Handler. Performing a manipulation results in improper authentication. This vulnerability is known as CVE-2026-2603. Access to the local network is required for this attack. No exploit is available.

vuldb.com

CVE-2026-2092 | Keycloak Encrypted SAML Assertion improper authorization

VulDB Recent Entries

1 month ago

A vulnerability described as critical has been identified in Keycloak. This affects an unknown function of the component Encrypted SAML Assertion. Such manipulation leads to improper authorization. This vulnerability is traded as CVE-2026-2092. The attack may be launched remotely. There is no exploit available.

vuldb.com

Top 10 artificial intelligence security actions: A primer - ITSAP.10.049

CCCS - Guidance, news and events

1 month ago

Our top AI security actions are designed to help organizations of all sizes and sectors strengthen their cyber resilience.

Canadian Centre for Cyber Security

Submit #764648: Ettercap ettercap Ettercap v0.8.4-Garofalo and master-branch Heap-based Buffer Overflow [Accepted]

1 month ago

Submit #764648 / VDB-349218

Oneafter

Fig Security Emerges From Stealth to Fix Broken Security Operations

1 month ago

Fig Security's platform traces security data flows end-to-end across SIEMs, pipelines, and response systems to alert teams before infrastructure changes break critical defenses.

Dark Reading Staff