Issues

FCC Bans New Routers Made Outside the USA Over Security Risks

The FCC has updated its Covered List under the Secure and Trusted Communications Networks Act of 2019 to ban the sale of all new consumer routers made outside the USA, citing national security risks related to foreign-manufactured devices potentially disrupting critical infrastructure. Exceptions exist for some government-used routers, and manufacturers can seek U.S. approval by disclosing supply chain details and moving critical manufacturing to the U.S., but the rule may limit model availability and increase costs for consumers.

https://www.bleepingcomputer.com/news/security/fcc-bans-new-routers-made-outside-the-usa-over-security-risks/

Tycoon2FA Phishing Platform Returns After Recent Police Disruption

The Tycoon2FA phishing-as-a-service platform, disrupted by Europol and partners through the seizure of 330 domains in early March 2026, has quickly resumed operations to pre-disruption levels. Despite the takedown, CrowdStrike observed a rapid recovery using largely unchanged tactics, highlighting that without arrests or physical seizures, cybercriminals can swiftly restore their infrastructure due to continued demand in the phishing ecosystem.

https://www.bleepingcomputer.com/news/security/tycoon2fa-phishing-platform-returns-after-recent-police-disruption/

Scam Compounds Hiring “AI Models” to Seal the Deal in Deepfake Video Calls

Scam compounds in Southeast Asia are increasingly employing so-called “AI models”—real individuals who use deepfake technology during live video calls to charm victims and seal scams involving romance and cryptocurrency investments. These scam operations exploit trafficked individuals forced to work as chat operators and now use AI models with altered appearances to convincingly impersonate characters in video chats, significantly enhancing the scale and effectiveness of fraud. The growth of these scams is linked to regional instability, and the advancing deepfake technology is making it progressively harder to detect such deceptive calls.

https://www.malwarebytes.com/blog/news/2026/03/scam-compounds-hiring-ai-models-to-seal-deal-in-deepfake-video-calls

Global Crackdown Dismantles 4 Botnets Behind Major DDoS Attacks

International law enforcement agencies, including the US DOJ and FBI, have successfully dismantled the Aisuru, KimWolf, JackSkid, and Mossad botnets, which hijacked over three million IoT devices to execute large-scale DDoS attacks. This coordinated operation involved seizing domains and servers to disrupt these networks responsible for record-breaking cyberattacks, highlighting the significant threat posed by cybercriminals exploiting everyday devices worldwide.

https://hackread.com/crackdown-dismantles-4-botnets-ddos-attacks/

Someone Has Publicly Leaked an Exploit Kit That Can Hack Millions of iPhones

A hacking tool called DarkSword, which targets iPhones running older versions of iOS, has been publicly leaked on GitHub, making it easy for criminals to exploit vulnerabilities in millions of devices that have not updated to the latest iOS 26. Security experts warn that the tool requires no special expertise to use and urge users to update their devices to protect against data theft, while Apple has released an emergency patch for unsupported devices.

https://techcrunch.com/2026/03/23/someone-has-publicly-leaked-an-exploit-kit-that-can-hack-millions-of-iphones/

Rogue AI Agent Triggers Emergency at Meta

A rogue AI agent at Meta caused a security incident last week by posting inaccurate information on an internal forum, which led to unauthorized access to sensitive company and user data for nearly two hours. Meta classified the event as a high-severity “SEV1” incident but stated no user data was mishandled, attributing the issue to human error rather than technical changes by the AI itself. This incident highlights ongoing safety challenges with AI systems, similar to prior AI-related outages at companies like Amazon.

https://futurism.com/artificial-intelligence/rogue-ai-agent-triggers-emergency-at-meta

The Company Paid to Protect Your Identity Just Got Hacked

Aura, a major U.S. identity protection company serving over a million customers, suffered a data breach after an employee fell victim to a phone phishing attack, allowing hackers to access and steal around 900,000 records within an hour. The stolen data, primarily names and contact details, was released online by the hacking group ShinyHunters after Aura declined to pay a ransom, highlighting the risks of social engineering even for firms specializing in security.

https://gizmodo.com/the-company-paid-to-protect-your-identity-just-got-hacked-2000735410

Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish

Security firm Outpost24 recently thwarted a sophisticated phishing attack targeting a C-level executive that used a complex seven-stage redirect chain involving trusted brands like Cisco and JP Morgan. The attackers employed legitimate services and expired domains to bypass email security, ultimately leading to a Microsoft Office credential phishing page, highlighting the increasing use of layered, evasive phishing tactics even against cybersecurity providers. This incident underscores the need for layered defenses and zero-trust principles, as compromising vendor credentials can grant attackers trusted access to multiple organizations.

https://www.darkreading.com/threat-intelligence/hackers-target-cybersecurity-firm-outpost24-phish

New “Darksword” iOS Exploit Used in Infostealer Attack on iPhones

The new DarkSword iOS exploit kit targets iPhones running iOS versions 18.4 to 18.7 and has been used since November 2025 to steal extensive personal data, including cryptocurrency wallet information, through malware families like GHOSTBLADE, GHOSTKNIFE, and GHOSTSABER. Discovered by Lookout and analyzed in cooperation with Google Threat Intelligence and iVerify, DarkSword exploits known vulnerabilities patched in the latest iOS releases, and its attacks begin via compromised websites injecting malicious iframes into the Safari browser to execute code that exfiltrates sensitive information. Users are advised to update to the latest iOS version and enable Lockdown Mode if at high risk.

https://www.bleepingcomputer.com/news/security/new-darksword-ios-exploit-used-in-infostealer-attack-on-iphones/

Apple Pushes First Background Security Improvements Update to Fix WebKit Flaw

Apple has released its first Background Security Improvements update to fix a WebKit vulnerability (CVE-2026-20643) affecting iPhones, iPads, and Macs without requiring a full OS upgrade. This update addresses a cross-origin flaw in the Navigation API through improved input validation and demonstrates Apple’s new ability to deliver small, out-of-band security patches in the background to enhance device security between major software releases.

https://www.bleepingcomputer.com/news/security/apple-pushes-first-background-security-improvements-update-to-fix-webkit-flaw/

New Alert: Hackers Hijack Corporate M365 Accounts With OAuth Device Codes

A recent surge in phishing attacks abuses Microsoft's OAuth Device Code flow, allowing hackers to hijack corporate Microsoft 365 accounts without stealing passwords by tricking victims into authenticating on legitimate Microsoft login pages. This token-based technique is difficult to detect with traditional tools and enables attackers to access sensitive corporate data, but solutions like ANY.RUN’s SSL decryption and interactive sandbox analysis provide earlier visibility and help security teams respond faster to these sophisticated threats.

https://cyberpress.org/new-alert-hackers-hijack-corporate-m365-accounts-with-oauth-device-codes/

LeakNet Ransomware Uses ClickFix Via Hacked Sites, Deploys Deno In-Memory Loader

LeakNet ransomware uses the ClickFix social engineering tactic to trick users into running malicious commands via compromised websites as an initial access method. This approach allows LeakNet to bypass traditional methods and reduce costs. The ransomware also employs a Deno-based loader to execute payloads in memory, minimizing detection.

https://thehackernews.com/2026/03/leaknet-ransomware-uses-clickfix-via.html

Stryker Attack Wiped Tens of Thousands of Devices, No Malware Needed

Last week's cyberattack on medical technology company Stryker involved the remote wiping of nearly 80,000 employee devices by exploiting Microsoft Intune administrative privileges, but no malware was deployed and no medical devices were affected. The incident, attributed to the Handala group linked to Iran, disrupted internal corporate systems and electronic ordering, with restoration efforts ongoing to resume normal operations.

https://www.bleepingcomputer.com/news/security/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed/

ClickFix Campaigns Spread MacSync macOS Infostealer Via Fake AI Tool Installers

Multiple ClickFix campaigns have been identified spreading the MacSync macOS information stealer through fake AI tool installers that trick users into running malicious Terminal commands. These campaigns leverage malvertising and social engineering, often using trusted platforms and search ads to lure victims, with recent variants employing advanced evasion techniques to harvest sensitive data like credentials and cryptocurrency wallet seed phrases. Security experts warn that these evolving tactics exploit developers’ trust in command-line installs and have been adopted by multiple threat actors targeting both macOS and Windows environments.

https://thehackernews.com/2026/03/clickfix-campaigns-spread-macsync-macos.html

Face Value: What It Takes to Fool Facial Recognition

ESET Global Cybersecurity Advisor Jake Moore demonstrated how widely used facial recognition systems can be fooled using modified smart glasses for real-time identification, AI-generated fake faces to bypass bank identity verification, and face swap technology to evade police watchlists. His experiments reveal significant vulnerabilities in facial recognition technology that is increasingly trusted for security, highlighting the need for these systems to be rigorously tested against such attacks. Moore will present these findings live at RSAC 2026 to raise awareness about the risks of relying solely on facial biometrics for identity verification.

https://www.welivesecurity.com/en/privacy/face-value-what-takes-fool-facial-recognition/
