Attackers are abusing fake court documents and GitHub‑hosted payloads in a focused spear‑phishing campaign that deploys a stealthy Rust‑based COVERT RAT against Argentina’s judicial sector. This operation chains Windows LNK shortcuts, BAT loaders, and PowerShell to quietly fetch and execute…
AWS Bedrock AgentCore Sandbox Bypass Enables Stealthy C2 and Data Exfiltration
A newly disclosed vulnerability in AWS Bedrock AgentCore Code Interpreter allows threat actors to bypass network isolation and establish stealthy command-and-control (C2) channels. AWS originally advertised this mode as providing complete isolation without external access, researchers found that it permits…
IT Security News Hourly Summary 2026-03-18 06h : 4 posts
4 posts were published in the last hour 4:34 : Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran 4:34 : Another Medicat Device Firm Hit 4:16 : Linux Foundation kicks off effort to shield…
Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran
Akamai researchers saw a 245% spike in cyberattacks in the first two weeks after the start of the U.S. and Israeli war against Iran as Iranian nation-state groups and independent hacktivists launch increasingly decentralized and destructive cyberattacks, which are expected…
Another Medicat Device Firm Hit
Medical Device Breaches, Anti-Scam Pledge Scrutiny, AI Font Trick, and Iran-Linked Cyber Updates. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one…
Linux Foundation kicks off effort to shield FOSS maintainers from AI slop bug reports
Big Tech donates $12.5 million to get things rolling Half a dozen Big Tech players have together delivered $12.5 million in grants towards a project that aims to help maintainers of open source projects to cope with AI slop bug…
Microsoft Teams Support Call Leads to Quick Assist Compromise in New Vishing Attack
Microsoft Detection and Response Team details a sophisticated voice phishing (vishing) campaign that successfully compromised a corporate environment in November 2025. Unlike conventional intrusions that rely on software exploits, this attack weaponized trust, collaboration platforms, and built-in Windows tooling to…
Japan to allow ‘proactive cyber-defense’ from October 1st
In less polite places, this is called ‘hacking back’ or ‘offensive cyber-ops’ Japan’s government yesterday decided to allow its Self-Defense Force to conduct offensive cyber-operations, starting on October 1st.… This article has been indexed from The Register – Security Read…
Top UEBA use cases in enterprise cybersecurity
<p>User and entity behavior analytics technology uncovers hidden risks to the enterprise. It does this by sifting through streams of data from various sources and looking for patterns and anomalies. That is, UEBA learns what is expected or normal and…
News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub
NEW YORK, Mar.17, 2026, CyberNewswire — GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the…
IT Security News Hourly Summary 2026-03-18 03h : 2 posts
2 posts were published in the last hour 1:38 : Lattice-Based Identity and Access Management for AI Agents 1:11 : [un]prompted: Key Insights from the AI Security Practitioners Conference – FireTail Blog
Lattice-Based Identity and Access Management for AI Agents
Secure your AI agents with lattice-based IAM. Learn how ML-KEM and ML-DSA protect Model Context Protocol (MCP) from quantum threats and puppet attacks. The post Lattice-Based Identity and Access Management for AI Agents appeared first on Security Boulevard. This article…
[un]prompted: Key Insights from the AI Security Practitioners Conference – FireTail Blog
Mar 17, 2026 – Jeremy Snyder – The State of AI Security: Moving Beyond TheoryThe biggest shift evident at the [un]prompted AI Security Practitioners Conference was the move from purely theoretical discussions about “what could go wrong” to concrete, battle-tested…
EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure
EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states. The Council of the European Union has imposed sanctions on three companies and two individuals linked to cyberattacks against EU…
IT Security News Hourly Summary 2026-03-18 00h : 7 posts
7 posts were published in the last hour 22:55 : IT Security News Daily Summary 2026-03-17 22:32 : Anton’s Vibe Coding Experience: A Reflection on Risk Decisions 22:32 : Hijacked npm Packages Deliver Malware via Solana, Linked to Glassworm 22:32…
IT Security News Daily Summary 2026-03-17
190 posts were published in the last hour 22:32 : Anton’s Vibe Coding Experience: A Reflection on Risk Decisions 22:32 : Hijacked npm Packages Deliver Malware via Solana, Linked to Glassworm 22:32 : Are your company’s NHIs meticulously managed 22:32…
Anton’s Vibe Coding Experience: A Reflection on Risk Decisions
Look, I’m not a developer, and the last time I truly “wrote code” was probably a good number of years ago (and it was probably Perl so you may hate me). I am also not an appsec expert (as I…
Hijacked npm Packages Deliver Malware via Solana, Linked to Glassworm
Sonatype Security Research has identified two hijacked npm packages in the React Native ecosystem that receive more than 30,000 downloads collectively per week and were modified to deliver multi-stage malware. Sonatype is tracking the malicious packages as sonatype-2026-001153. The post…
Are your company’s NHIs meticulously managed
Is Your Organization Overlooking the Nuances of Non-Human Identity Management? Spotlighting the Intricacies of Non-Human Identity Management How often does your security team delve into the complexities of Non-Human Identity (NHI) management? When organizations increasingly shift operations to the cloud,…
What makes NHIs crucial for secure cloud environments
How Can Non-Human Identities Revolutionize Cloud Security? Have you ever considered how machine identities play a role in your cloud security strategy? When organizations increasingly rely on cloud environments, the significance of securing Non-Human Identities (NHIs) and Secrets Management has…
How can Agentic AI stay protected against cyber threats
What Is the Impact of Non-Human Identities on Cloud Security? When dealing with cyber threats, how secure is your AI? Non-Human Identities (NHIs) have emerged as pivotal resources, particularly in managing protected AI environments such as Agentic AI. NHIs, essentially…
Iranian Cyber Ops Maintain US Network Footholds, Target Cameras for Regional Surveillance
Iran’s cyber operations took a sharp turn in early 2026, with state-linked threat actors quietly embedding themselves inside US and Canadian networks while also targeting internet-connected surveillance cameras across the Middle East for battlefield intelligence. The Iranian APT group MuddyWater,…
Top 8 benefits of hybrid cloud for business
<p>Businesses are migrating workloads to the public cloud and implementing private clouds in-house. As these forms of cloud computing continue to expand, large and small businesses are focused on a <a href=”https://www.techtarget.com/searchcloudcomputing/definition/hybrid-cloud”>hybrid cloud</a> strategy to bridge the two models and form a…
Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot
Researchers reveal how Microsoft Copilot can be manipulated by prompt injection attacks to generate convincing phishing messages inside trusted AI summaries. The post Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot appeared first on TechRepublic. This article has been…