Cyber Security News

Fortinet has disclosed a high-severity stack-based buffer overflow vulnerability in its FortiManager platform that could allow remote unauthenticated attackers to execute unauthorized commands. Tracked as CVE-2025-54820 and assigned a CVSSv3 score of 7.0, the flaw poses a significant risk to enterprise network management environments running affected versions of FortiManager. The vulnerability resides in the fgtupdates […]

The post Fortinet FortiManager fgtupdates Vulnerability Allows Attackers to Execute Malicious Commands appeared first on Cyber Security News.

Microsoft released its March 2026 Patch Tuesday security update on March 10, 2026, addressing 78 vulnerabilities across Windows, Microsoft Office, Azure, SQL Server, and .NET. The update includes one actively exploited zero-day vulnerability and multiple Critical-rated flaws demanding immediate attention from security teams. The most urgent fix this month is CVE-2026-21262, the sole zero-day in […]

The post Microsoft Patch Tuesday March 2026 – 78 Vulnerabilities Fixed, Including One 0-day appeared first on Cyber Security News.

Cloudflare has released version 0.8.0 of its open-source Pingora framework to patch three critical vulnerabilities: CVE-2026-2833, CVE-2026-2835, and CVE-2026-2836. These flaws allow HTTP request smuggling and cache poisoning, posing a severe threat to standalone Pingora deployments exposed directly to the internet. Cloudflare confirmed that its own Content Delivery Network (CDN) and customer traffic were completely […]

The post Cloudflare Pingora Vulnerabilities Allows Request Smuggling & Cache Poisoning Attacks appeared first on Cyber Security News.

A critical flaw in how antivirus and Endpoint Detection and Response (EDR) systems process archive files. Tracked as CVE-2026-0866, this weakness allows attackers to use intentionally malformed ZIP headers to sneak malicious payloads past standard security scanners entirely undetected. ZIP archives contain embedded metadata, such as version details, operational flags, and specific compression methods, which […]

The post Malformed ZIP Files Allows Attackers to Bypass Antivirus and EDR Detections appeared first on Cyber Security News.

OpenAI has announced its acquisition of Promptfoo, an artificial intelligence security platform designed to help enterprises find and fix vulnerabilities during development. This strategic move aims to secure AI systems against emerging threats, such as prompt injection and jailbreaks, before they are deployed into live business environments. Once the acquisition is finalized, OpenAI plans to […]

The post OpenAI to Acquire Promptfoo to Fix Vulnerabilities in AI Systems appeared first on Cyber Security News.

Ivanti has issued a security update for its Desktop and Server Management (DSM) software, addressing a high-severity vulnerability that could allow a local authenticated attacker to escalate their privileges on affected systems. The flaw, tracked as CVE-2026-3483, carries a CVSS score of 7.8 and affects all DSM versions up to and including 2026.1. The vulnerability […]

The post Ivanti Desktop and Server Management Vulnerability Allows Attackers to Escalate Privileges appeared first on Cyber Security News.

The Kali Linux team has published a new entry in its growing LLM-driven security series, this time eliminating all reliance on third-party cloud services by running large language models entirely on local hardware. The guide demonstrates how security professionals can use natural language to drive penetration testing tools, all processed on-premise, with no data leaving […]

The post Kali Linux Enhances AI-driven Penetration Testing with Local Ollama, 5ire, and MCP Kali Server appeared first on Cyber Security News.

A serious security flaw in Ivanti Endpoint Manager has caught federal attention after the Cybersecurity and Infrastructure Security Agency (CISA) added it to the Known Exploited Vulnerabilities (KEV) catalog on March 9, 2026. Tracked as CVE-2026-1603, this authentication bypass vulnerability affects all versions of Ivanti Endpoint Manager prior to the 2024 SU5 release and enables […]

The post CISA Warns of Ivanti Endpoint Manager Authentication Bypass Vulnerability Exploited in Attacks appeared first on Cyber Security News.

OpenClaw, a self-hosted AI agent, rose to become GitHub’s most-starred repository weeks after its launch, drawing a large developer community and immediate researcher attention. Nobody anticipated this growth would soon become an unexpected stress test for the global vulnerability tracking ecosystem. In late February, the project began publishing security advisories at a rate few open […]

The post OpenClaw Advisory Surge Exposes Gap Between GitHub and CVE Vulnerability Tracking appeared first on Cyber Security News.

Artificial intelligence leader Anthropic has filed an unprecedented lawsuit against the United States government after being designated a “supply chain risk”. The legal action, filed in a California federal court on Monday, targets the executive office of President Donald Trump, Defense Secretary Pete Hegseth, and 16 federal agencies. The core of the dispute revolves around […]

The post Anthropic Sued the U.S. Government for Labelling Claude as ‘Supply Chain Risk’ appeared first on Cyber Security News.

Two “Important” severity vulnerabilities have been disclosed in Apache ZooKeeper, a widely used service for configuration management and naming in distributed applications, making timely security updates critical. These newly discovered flaws could allow attackers to access sensitive configuration data or bypass hostname verification to impersonate trusted servers. Both vulnerabilities affect ZooKeeper versions 3.8. x and […]

The post Apache ZooKeeper Vulnerability Allow Attackers to Access Sensitive Data appeared first on Cyber Security News.

A powerful iPhone exploit kit named “Coruna,” initially created for Western intelligence by U.S. contractor L3Harris, has fallen into the hands of Russian spies and Chinese cybercriminals.​ The Coruna toolkit features 23 different hacking components designed to compromise Apple iPhones. Trenchant originally built it, the hacking division of U.S. military contractor L3Harris, for use by […]

The post iPhone Exploit Toolkit Used by Russian Spies Likely Originated from U.S. Contractor appeared first on Cyber Security News.

A newly uncovered phishing campaign is actively targeting enterprise users by disguising malware as widely used workplace applications, including Microsoft Teams, Zoom, and Adobe Acrobat Reader. What makes this threat stand out is that the malicious files carry legitimate-looking digital signatures, making them harder for everyday users and even basic security tools to flag. The […]

The post Signed Malware Masquerading as Teams, Zoom Apps Drops RMM Backdoors appeared first on Cyber Security News.

A Chinese-linked advanced persistent threat group known as Camaro Dragon launched a targeted cyberespionage campaign against entities in Qatar just one day after the outbreak of new hostilities in the Middle East on March 1, 2026. The group used war-themed lure documents designed to look like urgent, real-world communications tied to Operation Epic Fury, tricking […]

The post Chinese APT Campaign Targets Qatar With PlugX Lures Tied to Middle East Conflict appeared first on Cyber Security News.

A dangerous malware campaign targeting software developers has surfaced, with a rogue npm package posing as a trusted developer tool to silently drain credentials, crypto wallets, SSH keys, browser sessions, and even iMessage conversations. The package, published under the name @openclaw-ai/openclawai, disguises itself as a legitimate command-line installer called “OpenClaw Installer” while deploying a deeply hidden […]

The post GhostClaw Mimic as OpenClaw to Steal Everything from Developers appeared first on Cyber Security News.

ScamAgent is an autonomous, multi-turn AI framework developed by researcher Sanket Badhe at Rutgers University that demonstrates how large language models (LLMs) can be weaponized to conduct fully automated scam calls. By integrating goal-driven planning, contextual memory, and real-time text-to-speech (TTS) synthesis, the system successfully bypasses existing AI safety guardrails to simulate highly realistic social […]

The post ScamAgent- AI Agent Built by Researchers that Run Fully Autonomous Scam Calls appeared first on Cyber Security News.

A social-engineering campaign abusing Microsoft Teams and Windows Quick Assist is evolving again, with BlueVoyant warning that the attackers are now deploying a newly identified malware family called A0Backdoor after convincing employees to hand over remote access. The activity overlaps with tactics previously tied to Blitz Brigantine, also tracked as Storm-1811, a financially motivated cluster […]

The post Hackers Attack Employees Over Microsoft Teams to Trick Them Into Granting Remote Access appeared first on Cyber Security News.

A convincing fake website posing as the popular Mac utility CleanMyMac is actively pushing dangerous macOS malware called SHub Stealer onto unsuspecting users. The site, hosted at cleanmymacos[.]org, has no connection to the real CleanMyMac software or its developers, MacPaw. Once inside a system, SHub Stealer harvests saved passwords, browser data, Apple Keychain contents, cryptocurrency […]

The post Hackers Use Fake CleanMyMac Site to Deploy SHub Stealer and Hijack Crypto Wallets appeared first on Cyber Security News.

A new data-stealing malware called BoryptGrab has been quietly spreading across Windows systems through a network of fake GitHub repositories, tricking users into downloading what appear to be popular free software tools. The campaign, which has been active since at least April 2025, uses search engine manipulation to make these malicious repositories look legitimate, luring […]

The post BoryptGrab Stealer Spreads via Fake GitHub Repositories, Stealing Browser and Crypto Wallet Data appeared first on Cyber Security News.

The Iranian advanced persistent threat group known as Seedworm — also tracked as MuddyWater, Temp Zagros, and Static Kitten — has been found actively operating inside the networks of multiple U.S. organizations since early February 2026, raising serious alarms across the cybersecurity community. The group’s intensified activity follows the coordinated U.S. and Israeli military strikes […]

The post Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity appeared first on Cyber Security News.