CIRCLE WITH A DOT

Security News Digest - 2026-03-11 5 updates from 3 sources: Security Boulevard: Protecting OTP & Magic Link Endpoints from Abuse: IP Reputation, Rate Limiting, and Suspicious IP Throttling https://securityboulevard.com/2026/03/protecting-otp-magic-link-endpoints-from-abuse-ip-reputation-rate-limiting-and-suspicious-ip-throttling/ The Hacker News: UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours https://thehackernews.com/2026/03/unc6426-exploits-nx-npm-supply-chain.html Security Boulevard: What Is an Exposure Assessment Platform — And Why Your Website Is the Blind Spot https://securityboulevard.com/2026/03/what-is-an-exposure-assessment-platform-and-why-your-website-is-the-blind-spot/ SecurityWeek: ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric https://www.securityweek.com/ics-patch-tuesday-vulnerabilities-fixed-by-siemens-schneider-moxa-mitsubishi-electric/ Security Boulevard: Who Actually Owns This Service Account? https://securityboulevard.com/2026/03/who-actually-owns-this-service-account/#InfoSec #SecurityNews

The Live Terminal feature of Cortex XDR can be abused by attackers as a pre-installed, EDR-trusted C2 channelhttps://labs.infoguard.ch/posts/abusing_cortex_xdr_live_response_as_c2#infosec #cybersecurity #redteam #pentest

ASN: AS22369Location: Parsippany, USAdded: 2026-02-24T17:45#shodansafari #infosec

Possible Phishing on: ️hxxps[:]//asmails[.]weebly[.]com 🧬 Analysis at: https://urldna.io/scan/69b040293b77500003a6b3ad#cybersecurity #phishing #infosec #urldna #scam #infosec

Possible Phishing on: ️hxxps[:]//myredform-acc-sec[.]weebly[.]com 🧬 Analysis at: https://urldna.io/scan/69b04e333b77500003a6b5d5#cybersecurity #phishing #infosec #urldna #scam #infosec

New ransom group blog post!Group name: kairosPost title: Institute of Social Security - ParaguayInfo: https://cti.fyi/groups/kairos.html#ransomware #cti #threatintelligence #cybersecurity #infosec

2026-03-10 RDP #Honeypot IOCs - 198 scansThread with top 3 features in each category and links to the full dataset#DFIR #InfoSecTop IPs:39.96.172.69 - 60170.64.228.22 - 3080.94.95.221 - 21Top ASNs:AS37963 - 60AS396982 - 36AS14061 - 30Top Accounts:hello - 114Administr - 24Test - 15Top ISPs:Hangzhou Alibaba Advertising Co - 60Google LLC - 36DigitalOcean, LLC - 30Top Clients:Unknown - 198Top Software:Unknown - 198Top Keyboards:Unknown - 198Top IP Classification:hosting - 153Unknown - 45Pastebin links with full 24-hr RDP Honeypot IOC Lists:Bad API request, invalid api_dev_key#CyberSec #SOC #Blueteam #SecOps #Security

CRITICAL: CVE-2026-28806 in nerves_hub_web ≤2.3.x allows authenticated users to take over devices/orgs via improper authorization. Upgrade to 2.4.0+ ASAP! Remote console: high risk of full compromise. https://radar.offseq.com/threat/cve-2026-28806-cwe-285-improper-authorization-in-n-d2ddfb8c #OffSeq #nerveshub #infosec #CVE202628806

ASN: AS132335Location: Artist Village, INAdded: 2026-03-10T10:53#shodansafari #infosec

Possible Phishing on: ️hxxp[:]//padisahbet[.]guvenli-resmi-giris[.]vip/ 🧬 Analysis at: https://urldna.io/scan/69b06a6e3b77500003a6b9f1#cybersecurity #phishing #infosec #urldna #scam #infosec

Security News Digest - 2026-03-10 17 updates from 6 sources: Security Boulevard: CISA Warns SolarWinds and Ivanti Vulnerabilities Are Actively Exploited https://securityboulevard.com/2026/03/cisa-warns-solarwinds-and-ivanti-vulnerabilities-are-actively-exploited/ BleepingComputer: HPE warns of critical AOS-CX flaw allowing admin password resets https://www.bleepingcomputer.com/news/security/hpe-warns-of-critical-aos-cx-flaw-allowing-admin-password-resets/🦠 Malwarebytes: How to see your Google Search history (and delete it) https://www.malwarebytes.com/blog/how-to/2026/03/how-to-see-your-google-search-history-and-delete-it Security Boulevard: How to see your Google Search history (and delete it) https://securityboulevard.com/2026/03/how-to-see-your-google-search-history-and-delete-it/ BleepingComputer: Windows 11 KB5079473 & KB5078883 cumulative updates released https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5079473-and-kb5078883-cumulative-updates-released/ Security News | TechCrunch: US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine https://techcrunch.com/2026/03/10/us-military-contractor-likely-built-iphone-hacking-tools-used-by-russian-spies-in-ukraine/ SecurityWeek: Jazz Emerges From Stealth With $61M in Funding for AI-Powered DLP https://www.securityweek.com/jazz-emerges-from-stealth-with-61m-in-funding-for-ai-powered-dlp/ BleepingComputer: Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2026-patch-tuesday-fixes-2-zero-days-79-flaws/ Security News | TechCrunch: Mandiant’s founder just raised $190M for his autonomous AI agent security startup https://techcrunch.com/2026/03/10/mandiants-founder-just-raised-190m-for-his-autonomous-ai-agent-security-startup/ SecurityWeek: Adobe Patches 80 Vulnerabilities Across Eight Products https://www.securityweek.com/adobe-patches-80-vulnerabilities-across-eight-products/ BleepingComputer: Microsoft releases Windows 10 KB5078885 extended security update https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5078885-extended-security-update/ darkreading: Russian Threat Actor Sednit Resurfaces With Sophisticated Toolkit https://www.darkreading.com/cyber-risk/sednit-resurfaces-with-sophisticated-new-toolkit Security Boulevard: USENIX Security ’25 (Enigma Track) – Risk Is Not A Hammer, And Most Hazards Aren’t Nails https://securityboulevard.com/2026/03/usenix-security-25-enigma-track-risk-is-not-a-hammer-and-most-hazards-arent-nails/ SecurityWeek: Microsoft Patches 83 Vulnerabilities https://www.securityweek.com/microsoft-patches-83-vulnerabilities/ Security Boulevard: Google Cloud Security Threat Horizons Report #13 (H1 2026) Is Out! https://securityboulevard.com/2026/03/google-cloud-security-threat-horizons-report-13-h1-2026-is-out/ BleepingComputer: New 'Zombie ZIP' technique lets malware slip past security tools https://www.bleepingcomputer.com/news/security/new-zombie-zip-technique-lets-malware-slip-past-security-tools/ Security News | TechCrunch: DOGE employee stole Social Security data and put it on a thumb drive, report says https://techcrunch.com/2026/03/10/doge-employee-stole-social-security-data-and-put-it-on-a-thumb-drive-report-says/#InfoSec #SecurityNews

NEW SECURITY CONTENT macOS Tahoe 26.3.2 - no CVE entries#apple #cybersecurity #infosec #security #ios

Shifting Recon Priorities: AI/LLM Infrastructure.My passive sensors are capturing targeted probing on OpenAI/Anthropic compatible endpoints. This isn't generic scanning; it's a search for exposed LLM proxies.Technical Details: Agent: FastScan/1.0 Target: /v1/chat/completions, /v1/models Observation: Attackers are moving from traditional web exploits to hunting for "Model-as-a-Service" misconfigurations to monetize compute or leak system prompts.Is anyone else seeing FastScan activity in their network background noise?#ThreatIntel #AISecurity #PassiveSensing #Infosec #FastScan

New security advisory:CVE-2025-61611 affects Linuxfoundation Yocto.• Impact: Significant security breach potential• Risk: Unauthorized access or data exposure• Mitigation: Apply patches within 24-48 hoursFull breakdown:https://www.yazoul.net/advisory/cve/cve-2025-61611#InfoSec #VulnerabilityManagement #CyberSec

Supply-chain breach alert.Ericsson says a compromised service provider exposed data of 15,661 employees and customers.Data may include SSNs, IDs, financial details, and medical info.Incident reported to the Federal Bureau of Investigation.Source: https://www.bleepingcomputer.com/news/security/ericsson-us-discloses-data-breach-after-service-provider-hack/Follow @technadu for infosec updates.#Infosec #DataBreach #CyberSecurity

Critical Gogs Vulnerability Enables Silent Supply-Chain Attacks via LFS OverwritesGogs patched a critical vulnerability (CVE-2026-25921) that allows unauthenticated attackers to overwrite Git Large File Storage (LFS) objects across repositories, enabling silent supply-chain attacks.**If you are using Gogs, this is important, and if you have public access or registration to Gogs, it's urgent. Attackers can exploit this flaw to inject their malicious versions of binaries. You should not only update to version 0.14.2 ASAP and verify the integrity of your existing large files to ensure they haven't been replaced with malicious versions.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/critical-gogs-vulnerability-enables-silent-supply-chain-attacks-via-lfs-overwrites-g-z-x-s-r/gD2P6Ple2L

Possible Phishing on: ️hxxps[:]//t[.]co/1xJaF0jtA0 🧬 Analysis at: https://urldna.io/scan/69afebbf3b77500003a6a792#cybersecurity #phishing #infosec #urldna #scam #infosec

ASN: AS16135Location: Istanbul, TRAdded: 2026-03-05T01:06#shodansafari #infosec

New.Kaspersky: BeatBanker: A dual‑mode Android Trojan https://securelist.com/beatbanker-miner-and-banker/119121/ @Kaspersky Picus: The Role of Generative AI in BAS: Why Attackers Move in Minutes and Defenders Still Take Days https://www.picussecurity.com/resource/blog/the-role-of-generative-ai-in-bas-why-attackers-move-in-minutes-and-defenders-still-take-days SentinelOne: FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise https://www.sentinelone.com/blog/fortigate-edge-intrusions/ @SentinelOneCloudflare: Investigating multi-vector attacks in Log Explorer https://blog.cloudflare.com/investigating-multi-vector-attacks-in-log-explorer/ @cloudflare Any.Run: OAuth Device Code Phishing: A New Microsoft 365 Account Breach Vector https://any.run/cybersecurity-blog/oauth-device-code-phishing/ @anyrun_app #malware #Microsoft #phishing #threatresearch #infosec #Android #Google #Fortinet

THREAT INTELLIGENCEMalicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS CredentialsVulnerability | MEDIUMHackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the...Full analysis:https://www.yazoul.net/news/news/malicious-npm-package-posing-as-openclaw-installer-deploys-rat-steals-macos-cred#InfoSec #ZeroDay #SecurityOps