Cyber Security News

A threat actor known as TeamPCP has taken a sharp turn toward destruction with a new payload that goes far beyond credential theft or backdoor installation. The group, tracked as a cloud-native attacker since late 2025, has deployed a Kubernetes wiper that specifically targets systems configured for Iran — a geopolitical targeting tactic that marks […]

The post CanisterWorm Gets Destructive as TeamPCP Deploys Iran-Focused Kubernetes Wiper appeared first on Cyber Security News.

A persistent threat actor known as Larva-26002 has been continuously targeting poorly managed Microsoft SQL (MS-SQL) servers, this time deploying a new scanner malware called ICE Cloud Client. The campaign has been active since at least January 2024 and continues into 2026, with the attacker upgrading their tools with every cycle. What started as a […]

The post Threat Actors Continuously Attacking MS-SQL Servers to Deploy ICE Cloud Scanner appeared first on Cyber Security News.

Attackers have found a new way to push malware by weaponizing one of the most trusted everyday tools — Google Forms. A newly identified campaign is exploiting business-themed lures, including fake job interviews, project briefs, and financial documents, to deliver a Remote Access Trojan (RAT) known as PureHVNC onto victim machines. What sets this campaign […]

The post Google Forms Job Lures Deliver PureHVNC in New Multi-Stage Malware Campaign appeared first on Cyber Security News.

One of the world’s most dangerous state-backed hacking groups is actively targeting Remote Desktop Protocol (RDP) servers across critical infrastructure, defense organizations, and government agencies. The threat actor, known as APT-C-13 and widely tracked as Sandworm, APT44, Seashell Blizzard, and Voodoo Bear, has long been conducting cyber operations since at least 2009. Its latest campaign, […]

The post APT Hackers Attacking RDP Servers to Deploy Malicious Payloads and Establish Persistence appeared first on Cyber Security News.

A powerful iOS exploit toolkit known as DarkSword has been publicly leaked on GitHub, dramatically lowering the barrier for cybercriminals to target hundreds of millions of iPhones and iPads still running outdated software. Security researchers are sounding the alarm as the leak transforms what was once a sophisticated, state-linked offensive tool into an accessible attack […]

The post DarkSword Exploit Chain That Can Hack Millions of iPhones Leaked Online appeared first on Cyber Security News.

There is a version of threat monitoring that looks impressive on paper and fails in practice. High log ingestion volumes. Hundreds of detection rules. A dashboard full of metrics. And yet, attackers dwell in the environment for weeks or months completely undetected, moving laterally, exfiltrating data, preparing a payload.  The problem is not a lack of […]

The post Why Your Monitoring Program Is Letting Attackers Win  appeared first on Cyber Security News.

The rapid rise of generative AI has brought new security concerns that organizations can no longer afford to overlook. Microsoft has now outlined a detailed framework of security safeguards designed to protect generative AI models hosted on its Azure AI Foundry platform, addressing a growing threat that sits squarely at the intersection of software supply […]

The post Microsoft Details New Security Safeguards for Generative AI Models on Azure AI Foundry appeared first on Cyber Security News.

Luxembourg, Luxembourg, March 24th, 2026, CyberNewswire Gcore data highlights a threat landscape defined by newfound automated attack capabilities, scale, and frequency Gcore, the global infrastructure and software provider for AI, cloud, network, and security solutions, today announced the findings of its Q3-Q4 2025 Gcore Radar report DDoS attack trends. The report reveals growing attack volumes, […]

The post Gcore Radar report reveals 150% surge in DDoS attacks year-on-year appeared first on Cyber Security News.

The underground cybercriminal world saw a notable development on March 22, 2026, when a new Tor-based leak site called “ALP-001” appeared on the dark web, openly marketing itself as a “Data Leaks / Access Market.” The emergence of this platform points to a growing trend where established threat actors who traditionally sell corporate network access […]

The post New Data Leak Site Uncovered Linked to Active Initial Access Broker on Underground Forums appeared first on Cyber Security News.

The National Institute of Standards and Technology (NIST) has released NIST SP 1308, the “Cybersecurity, Enterprise Risk Management, and Workforce Management Quick-Start Guide”. Published in March 2026, this strategic document provides a structured methodology to integrate cybersecurity risk management (CSRM) into broader enterprise risk management (ERM) strategies. The guide emphasizes workforce planning to address the […]

The post NIST Releases Quick-Start Guide on Cybersecurity, Risk, and Workforce Management appeared first on Cyber Security News.

A widely used open-source web-based IMAP email client, Roundcube Webmail, has released version 1.6.14, delivering critical security patches to fix multiple severe vulnerabilities in the 1.6.x branch. The release resolves a complex range of security issues, spanning from pre-authentication arbitrary file write risks to cross-site scripting (XSS) and server-side request forgery (SSRF). System administrators are […]

The post Roundcube Webmail Security Updates Patches Multiple Critical Vulnerabilities appeared first on Cyber Security News.

Google has rolled out an urgent security update for the Chrome browser to address eight high-severity vulnerabilities. These newly patched security flaws could allow threat actors to execute arbitrary code remotely, posing a significant risk to user data and system integrity. The stable channel is currently receiving updates to version 146.0.7680.164 or 146.0.7680.165 for Windows […]

The post Chrome Security Update Fixes 8 Vulnerabilities Allowing Remote Code Execution appeared first on Cyber Security News.

Cybercriminals have set their sights on Android users through a well-crafted phishing scheme that disguises malicious applications as beta-testing opportunities for ChatGPT and Meta advertising tools. What appears to be a legitimate app-testing invitation turns out to be a carefully planned attempt to steal Facebook credentials and seize full control of user accounts. This campaign […]

The post Hackers Attacking Android Users With Fake ChatGPT Invites to Deploy Malware appeared first on Cyber Security News.

Sparks, Nevada — March 6, 2026  NAKIVO Inc. announced the release of NAKIVO Backup & Replication v11.2, offering expanded platform support, enhanced security and faster disaster recovery for organizations worldwide. This version is the product of a focused engineering roadmap, while NAKIVO’s international growth reflects deepening market demand for reliable, cost-effective data protection.  What v11.2 Delivers  The update […]

The post NAKIVO Backup & Replication Launches v11.2 with Automated Real-Time Replication and VMware vSphere 9 Support  appeared first on Cyber Security News.

A massive attack surface involving outdated Microsoft Internet Information Services (IIS) servers. During Shadowserver’s daily network scans on March 23, 2026, researchers identified over 511,000 End-of-Life (EOL) IIS instances actively connected to the internet. This widespread exposure presents a serious security risk for organizations worldwide, as these obsolete servers no longer receive standard security patches. […]

The post 511,000+ End-of-Life Microsoft IIS Instances Exposed Online, Secure Now! appeared first on Cyber Security News.

Mazda Motor Corporation has officially disclosed a security incident involving unauthorized external access to an internal warehouse management system, potentially exposing 692 personal data records of employees, group company staff, and business partners. The Japanese automaker published its formal breach notification on March 19, 2026, revealing that the intrusion had first been detected in mid-December […]

The post Mazda Data Breach Exposing Employee and Partner Records Via System Vulnerability appeared first on Cyber Security News.

Every April, millions of Americans rush to file taxes before the deadline — and attackers count on it. A large-scale malvertising campaign, active since at least January 2026, has been exploiting that urgency by placing fake tax form pages through Google Ads, ultimately deploying a kernel-mode EDR killer on victim machines. The campaign targeted U.S. […]

The post Tax-Themed Google Ads Lead to BYOVD EDR Killer in Huntress-Traced Malvertising Campaign appeared first on Cyber Security News.

A sophisticated SEO poisoning campaign has been quietly targeting Windows users since at least October 2025, luring them into downloading trojanized installers for more than 25 popular software applications. The operation went undetected for roughly five months before investigators uncovered its full scope in March 2026, revealing a multi-stage infection chain that silently compromises victims’ […]

The post SEO Poisoning Campaign Impersonates 25+ Popular Apps to Deliver AsyncRAT Since October 2025 appeared first on Cyber Security News.

QNAP has released a critical security advisory addressing a severe vulnerability in its QVR Pro surveillance software. Tracked as CVE-2026-22898, this flaw allows remote, unauthenticated attackers to gain unauthorized access to affected systems. Users relying on QVR Pro 2.7. x must immediately apply the latest patches to secure their network-attached storage environments against potential intrusions. […]

The post Critical QNAP QVR Pro Vulnerability Let Remote Attackers Gain Access to the System appeared first on Cyber Security News.

Cloud Software Group has released urgent security patches for NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), addressing two significant vulnerabilities that could allow unauthenticated remote attackers to compromise affected systems. Organizations running customer-managed deployments are strongly urged to apply the updates immediately. CVE-2026-3055: Critical Out-of-Bounds Read via SAML IDP The more […]

The post Critical NetScaler ADC and Gateway Vulnerabilities Enable Remote Attacks on Affected Systems appeared first on Cyber Security News.