CIRCLE WITH A DOT

New ransom group blog post!Group name: dragonforcePost title: M3 GroupInfo: https://cti.fyi/groups/dragonforce.html#ransomware #cti #threatintelligence #cybersecurity #infosec

New ransom group blog post!Group name: akiraPost title: Mooers ImmigrationInfo: https://cti.fyi/groups/akira.html#ransomware #cti #threatintelligence #cybersecurity #infosec

New.Securonix: Analyzing FAUX#ELEVATE: Threat Actors Target France with CV Lures to Deploy Crypto miners and Infostealers Targeting Enterprise Environments https://www.securonix.com/blog/faux-elevate-threat-actors-crypto-miners-and-infostealers/ #infosec #threatresearch

Security News Digest - 2026-03-24 25 updates from 8 sources: SecurityWeek: Chrome 146 Update Patches High-Severity Vulnerabilities https://www.securityweek.com/chrome-146-update-patches-high-severity-vulnerabilities/🦠 Malwarebytes: FBI, CISA warn of Russian hackers hijacking Signal and WhatsApp accounts https://www.malwarebytes.com/blog/news/2026/03/fbi-cisa-warn-of-russian-hackers-hijacking-signal-and-whatsapp-accounts BleepingComputer: Infinite Campus warns of breach after ShinyHunters claims data theft https://www.bleepingcomputer.com/news/security/infinite-campus-warns-of-breach-after-shinyhunters-claims-data-theft/ SecurityWeek: Extortion Group Claims It Hacked AstraZeneca https://www.securityweek.com/extortion-group-claims-it-hacked-astrazeneca/ BleepingComputer: HackerOne discloses employee data breach after Navia hack https://www.bleepingcomputer.com/news/security/hackerone-discloses-employee-data-breach-after-navia-hack/ BleepingComputer: Zero Trust: Bridging the Gap Between Authentication and Trust https://www.bleepingcomputer.com/news/security/zero-trust-bridging-the-gap-between-authentication-and-trust/ Security Boulevard: Utimaco Survey: 78% of US Companies Say Data Breaches Are the Top GenAI Risk, But Most Haven’t Acted https://securityboulevard.com/2026/03/utimaco-survey-78-of-us-companies-say-data-breaches-are-the-top-genai-risk-but-most-havent-acted/ Security Boulevard: KnowBe4 Expands AIDA to Eight AI Agents at RSAC 2026, Targeting Fully Autonomous Human Risk Management https://securityboulevard.com/2026/03/knowbe4-expands-aida-to-eight-ai-agents-at-rsac-2026-targeting-fully-autonomous-human-risk-management/ Security Boulevard: CSA and Aembit Survey: 68% of Organizations Can’t Distinguish AI Agent Actions from Human Activity https://securityboulevard.com/2026/03/csa-and-aembit-survey-68-of-organizations-cant-distinguish-ai-agent-actions-from-human-activity/ Security Boulevard: News: AI-native Security Assurance leads the GRC Transformation https://securityboulevard.com/2026/03/news-ai-native-security-assurance-leads-the-grc-transformation/ Security Boulevard: Why Your Encrypted Data From 2019 Is Already Compromised: The Quantum Time Bomb https://securityboulevard.com/2026/03/why-your-encrypted-data-from-2019-is-already-compromised-the-quantum-time-bomb/ The Record from Recorded Future News: Dutch Finance Ministry probing cyber breach affecting internal systems https://therecord.media/netherlands-finance-ministry-cyberattack-breach Security News | TechCrunch: FCC bans import of new consumer routers made overseas, citing security risks https://techcrunch.com/2026/03/24/fcc-bans-import-of-new-consumer-routers-made-overseas-citing-security-risks/ The Record from Recorded Future News: Iran-linked ransomware gang targeted US healthcare org amid military conflict https://therecord.media/iran-linked-ransomware-gang-targeted-us-healthcare-org Security Boulevard: News alert: DDoS attacks surge 150%—Gcore analysis shows faster, cheaper more frequent attacks https://securityboulevard.com/2026/03/news-alert-ddos-attacks-surge-150-gcore-analysis-shows-faster-cheaper-more-frequent-attacks/ darkreading: GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead https://www.darkreading.com/application-security/github-openclaw-deployer-repo-delivers-trojan Security Boulevard: BSidesSLC 2025 – Buffer Overflows Demystified — Chaitanya Rahalkar On Exploits & Patching https://securityboulevard.com/2026/03/bsidesslc-2025-buffer-overflows-demystified-chaitanya-rahalkar-on-exploits-patching/ BleepingComputer: Microsoft fixes bug causing Classic Outlook sync issues with Gmail https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-causing-outlook-sync-issues-for-gmail-users/ Security Boulevard: Swissbit Adds HID Seos to iShield Key 2, Previews PQC Platform and Face Biometrics at RSAC 2026 https://securityboulevard.com/2026/03/swissbit-adds-hid-seos-to-ishield-key-2-previews-pqc-platform-and-face-biometrics-at-rsac-2026/ SecurityWeek: RSAC 2026 Conference Announcements Summary (Day 1) https://www.securityweek.com/rsac-2026-conference-announcements-summary-day-1/ Security Boulevard: Azure APIM Signup Bypass: 97.9% of Developer Portals Still Exploitable Anonymously and from the Internet https://securityboulevard.com/2026/03/azure-apim-signup-bypass-97-9-of-developer-portals-still-exploitable-anonymously-and-from-the-internet/ The Record from Recorded Future News: FCC bans foreign-made routers from US market over ‘unacceptable risk’ https://therecord.media/fcc-routers-banned-security-china The Hacker News: Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner https://thehackernews.com/2026/03/hackers-use-fake-resumes-to-steal.html The Hacker News: 5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents https://thehackernews.com/2026/03/5-learnings-from-first-ever-gartner.html Security Boulevard: Databricks Expands Into Cybersecurity with AI-Driven Lakewatch Platform https://securityboulevard.com/2026/03/databricks-expands-into-cybersecurity-with-ai-driven-lakewatch-platform/#InfoSec #SecurityNews

Stay ahead of cyber threats. Today’s playlist dives deep into network breaches and how to stop them. https://www.youtube.com/playlist?list=PLXqx05yil_mf6QlsxNU6pBnlAWgx8SWOB#NetworkSecurity #InfoSec #CyberDefense #Ransomware #OnlineSafety

ASN: AS24940Location: Helsinki, FIAdded: 2026-03-19T09:17#shodansafari #infosec

Possible Phishing on: ️hxxps[:]//rediffmaiii[.]weebly[.]com 🧬 Analysis at: https://urldna.io/scan/69c25a673b7750000585ed7b#cybersecurity #phishing #infosec #urldna #scam #infosec

New. This updates a critical Broadcom vulnerability that was first published in February. You need a login for details.Broadcom: Web Viewer 12.1 Vulnerability https://support.broadcom.com/web/ecx/security-advisory #Broadcom #infosec #vulnerability

Surfshark launches HeyPolo • No always-on tracking• Share exact / approx / none• Granular visibility controlsPrivacy-first location sharing.https://www.technadu.com/surfshark-introduces-privacy-focused-location-app-heypolo/624213/#Privacy #InfoSec #MobileSecurity

New by me: The FCC’s Router Crackdown Shouldn’t Surprise Anyone in CybersecurityThis really did not come out of nowhere.Consumer Wi-Fi routers have been showing up in botnets, proxy networks, and larger cybersecurity conversations for years. The FCC action is really the policy side of a problem security folks have been watching for a long time.I wrote about the ruling, what it actually means, and why this is just as much a privacy story as it is a cybersecurity one.https://www.kylereddoch.me/blog/the-fccs-router-crackdown-shouldnt-surprise-anyone-in-cybersecurity/#Cybersecurity #Privacy #InfoSec #Networking

What does it take to break into digital forensics? Dr. Catherine Ullman starts with a mystery from day one: a five-second gap in the logs that shouldn't exist.She's the author of The Active Defender (Wiley), security architect at University at Buffalo, and a seasoned conference speaker.May 16th. Chicago. BSides312.️ https://bsides312.org#BSides312 #DFIR #DigitalForensics #InfoSec #CyberSecurity #Chicago

Please boost! Please share! #fedihire #fedihired #jobs #infosec #noai I am Kim Crawley and I research and write about all areas of cybersecurity. I do it the "old fashioned" way by actually using my brain and doing the work... No Gen AI! Fuck Gen AI! I hate Gen AI! I founded Stop Gen AI!I've worked for:- Siemens (Digital Industries World)- BlackBerry Cylance- Kaspersky- Hack The Box- O'Reilly Media- Wiley Tech- AT&T CybersecurityMy portfolio is here: https://kimcrawley.com- Whitepapers- Blogs- Documentation- Books- Threat analysis- Enterprise cybersecurity instruction and consultingI'm in Tribe of Hackers. I cowrote The Pentester Blueprint. I'm writing Technofascism Survival Guide now, successful Kickstarter is still taking late pledges for $12 USD eBooks: https://www.kickstarter.com/projects/kimcrawley/technofascism-survival-guideEmail me: kim(dot)crawley(at)stopgenai.comSignal: crowgirl.84Or reply here.

More about the Checkmarx incident.Hacker News: TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html @thehackernews Sisdig posted about it yesterday: TeamPCP expands: Supply chain compromise spreads from Trivy to Checkmarx GitHub Actions https://www.sysdig.com/blog/teampcp-expands-supply-chain-compromise-spreads-from-trivy-to-checkmarx-github-actions Checkmarx notice of breach: https://www.sysdig.com/blog/teampcp-expands-supply-chain-compromise-spreads-from-trivy-to-checkmarx-github-actions #databreach #infosec #GitHub

New.ReversingLabs: Fake install logs in npm packages load RAT https://www.reversinglabs.com/blog/npm-fake-install-logs-ratMore:The Hacker News: Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials https://thehackernews.com/2026/03/ghost-campaign-uses-7-npm-packages-to.html @thehackernews #infosec #npm #phishing #javascript

Possible Phishing on: ️hxxps[:]//netflix-clone-6[.]vercel[.]app 🧬 Analysis at: https://urldna.io/scan/69c298ff3b77500009beeb38#cybersecurity #phishing #infosec #urldna #scam #infosec

FriendlyDealer scam abusing PWAs:• 1,500+ fake app store domains• Browser-based installs bypass OS checks• Apps appear legit• Fake MrBeast affiliations usedShift to stealth mobile delivery.https://www.technadu.com/friendlydealer-scam-mimics-app-stores-to-push-gambling-platforms-some-impersonate-mr-beast-affiliations/624237/#InfoSec #MobileSecurity #ScamAlert

Critical Memory Leak and Session Hijacking Vulnerabilities Patched in Citrix NetScalerCitrix patched a critical memory overread (CVE-2026-3055) and a high-severity session-swapping race condition (CVE-2026-4368) in NetScaler ADC and Gateway. These vulnerabilities allow unauthenticated attackers to leak sensitive memory data or hijack user sessions in environments configured for SAML or VPN services.**If possible, make sure your NetScaler ADC and Gateway appliances are isolated from the internet and accessible from trusted networks only. Them plan a quick update. If you can't isolate from the internet, this is urgent. Update the firmware to the fixed versions (14.1-66.59, 13.1-62.23, or 13.1-37.262 for FIPS/NDcPP). Attackers have previously exploited similar flaws via the CitrixBleed exploit.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/critical-memory-leak-and-session-hijacking-vulnerabilities-patched-in-citrix-netscaler-s-x-0-i-0/gD2P6Ple2L

Possible Phishing on: ️hxxps[:]//loginacstrasbourgfrdpprofileo1cauthorize1executione1e13[.]weebly[.]com 🧬 Analysis at: https://urldna.io/scan/69c276a03b775000086c2241#cybersecurity #phishing #infosec #urldna #scam #infosec

ASN: AS8374Location: Warsaw, PLAdded: 2026-03-19T07:32#shodansafari #infosec

DarkSword iOS exploit kit leaked on GitHub.• 6-vuln chain• Targets iOS 18 and older• Enables full spyware deployment• Now usable by low-skill actorsShift from targeted espionage → scalable threat.https://www.technadu.com/darksword-iphone-exploit-kit-newer-version-leaks-on-github-exposing-ios-users-to-spyware/624227/#InfoSec #ZeroDay #iOSSecurity