Latest Cybersecurity News and Articles
30 March 2026
The company has disclosed a cybersecurity incident involving one of its electronic health record environments.
The post Healthcare IT Platform CareCloud Probing Potential Data Breach appeared first on SecurityWeek.
30 March 2026
LLMs can write complex Rego and Cedar code in seconds, but a single missing condition or hallucinated attribute can quietly dismantle your organization’s least-privilege security model.
The post Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control appeared first on SecurityWeek.
30 March 2026
Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places, and research that stopped being theoretical right around the time defenders stopped paying attention.
There's a bit of everything this week. Persistence plays, legal wins, influence ops, and at least one thing that looks boring
30 March 2026
What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat alone. They come from fragmented workflows, manual triage steps, and limited visibility early in the investigation. Fixing those process gaps can help Tier 1 move faster, reduce unnecessary escalations, and improve how the entire SOC responds under pressure
30 March 2026
The startup has built an edge security management (ESM) platform, an AI engine atop the entire edge security stack.
The post Huskeys Emerges From Stealth With $8 Million in Funding appeared first on SecurityWeek.
30 March 2026
The NCSC is encouraging UK organisations to mitigate an unauthenticated remote code execution vulnerability affecting F5 BIG-IP Access Policy Manager.
30 March 2026
The state-sponsored group’s campaign has targeted government, higher education, financial, and legal entities, as well as think tanks.
The post Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit appeared first on SecurityWeek.
30 March 2026
Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian's State of Secrets Sprawl 2026 report analyzed billions of commits across public GitHub and uncovered 29 million new hardcoded secrets in 2025 alone, a 34% increase year over year and the largest single-year jump ever recorded.
This year's findings reveal three core trends: AI has
30 March 2026
The ShinyHunters hacker group claimed to have stolen over 350GB of information from European Commission cloud systems.
The post European Commission Reports Cyber Intrusion and Data Theft appeared first on SecurityWeek.
30 March 2026
Iran-linked hacking groups are turning to high-volume, low-impact cyberattacks, and AI is providing a boost.
The post Hacked Hospitals, Hidden Spyware: Iran Conflict Shows How Digital Fight Is Ingrained in Warfare appeared first on SecurityWeek.
30 March 2026
Two malicious versions of the popular SDK were uploaded to the PyPI registry, targeting Windows, macOS, and Linux.
The post Telnyx Targeted in Growing TeamPCP Supply Chain Attack appeared first on SecurityWeek.
30 March 2026
Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders.
The CTRL toolkit, according to Censys, is custom-built using .NET and includes various executables" to facilitate credential phishing, keylogging, Remote Desktop Protocol (RDP) hijacking, and reverse tunneling
30 March 2026
The critical-severity flaw leaks application memory and can be exploited to obtain authenticated administrative session IDs.
The post Exploitation of Fresh Citrix NetScaler Vulnerability Begins appeared first on SecurityWeek.
30 March 2026
The agency said Iranian hackers targeted the director’s personal email account and noted that the compromised information is old.
The post FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers appeared first on SecurityWeek.
30 March 2026
Initially disclosed as a high-severity denial-of-service (DoS), the bug was reclassified as a critical RCE issue.
The post F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild appeared first on SecurityWeek.
30 March 2026
Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been described as a "complex and well-resourced operation."
The campaigns have led to the deployment of various malware families, including HIUPAN (aka USBFect, MISTCLOAK, or U2DiskWatch), PUBLOAD, EggStremeFuel (aka RawCookie), EggStremeLoader (aka Gorem RAT), MASOL
28 March 2026
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the internet.
Handala Hack Team, which carried out the breach, said on its website that Patel "will now find his name among the list of successfully hacked victims." In a statement
28 March 2026
The infection chain includes a fake CAPTCHA page, a Bash script, a Nuitka loader, and the Python-based infostealer.
The post Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs appeared first on SecurityWeek.
28 March 2026
A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr.
The vulnerability, CVE-2026-3055 (CVSS score: 9.3), refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive information.
Per
28 March 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability in question is CVE-2025-53521 (CVSS v4 score: 9.3), which could allow a threat actor to achieve remote code execution.
"When a