Microsoft released an out-of-band hotpatch update on March 13, 2026, addressing serious security vulnerabilities in Windows 11 versions 24H2 and 25H2. Tracked as KB5084597 and targeting OS Builds 26200.7982 and 26100.7982, this update patches three actively concerning flaws in the…
Divine Skins – 105,814 breached accounts
In March 2026, the League of Legends custom skins service Divine Skins suffered a data breach. The incident was disclosed via the service’s Discord server, where Divine Skins stated that an unauthorised third party accessed part of its systems, deleted…
Microsoft Releases Out-of-Band Patch to Fix Critical RRAS RCE Vulnerabilities in Windows 11
Microsoft released an out-of-band hotpatch update on March 13, 2026, addressing serious security vulnerabilities in Windows 11 versions 24H2 and 25H2. Tracked as KB5084597 and targeting OS Builds 26200.7982 and 26100.7982, this update patches three actively concerning flaws in the…
Baydöner – 1,266,822 breached accounts
In March 2026, the Turkish restaurant chain Baydöner suffered a data breach which was subsequently published to a public hacking forum. The incident exposed over 1.2M unique email addresses along with names, phone numbers, cities of residence and plaintext passwords.…
IT Security News Hourly Summary 2026-03-15 06h : 1 posts
1 posts were published in the last hour 4:11 : FortiGate Firewalls Exploited in Wave of Attacks to Breach Networks and Steal Credentials
FortiGate Firewalls Exploited in Wave of Attacks to Breach Networks and Steal Credentials
A series of intrusions in early 2026 in which threat actors compromised FortiGate Next-Generation Firewalls (NGFW) to establish persistent footholds within enterprise environments. Each case was intercepted during the lateral movement phase before the attackers could fully achieve their objectives.…
What makes AI in travel industry security powerful
How Can Non-Human Identities Transform AI Security in Travel? The rapid integration of artificial intelligence (AI) across industries is reshaping how organizations manage security, especially in travel. But how can Non-Human Identities (NHIs) be a game-changer in AI security? With…
Are healthcare data systems supported by NHIs effectively
Can Machine Identities Be the Key to Greater Security in Healthcare Data Systems? Where data breaches are alarmingly frequent, the role of Non-Human Identities (NHIs) in safeguarding healthcare data systems has garnered increased attention. Understanding and harnessing the power of…
How reassured can we be with our current cloud security strategies
Are Your Cloud Security Strategies Providing the Reassurance You Need? Achieving confidence requires more than just traditional measures. Non-Human Identities (NHIs) are a pivotal component of robust cloud security strategies. These machine identities offer an evolved approach to managing cybersecurity…
IT Security News Hourly Summary 2026-03-15 00h : 2 posts
2 posts were published in the last hour 22:55 : IT Security News Daily Summary 2026-03-14 22:7 : MY TAKE: The AI magic is back — whether it endured depends on Amazon’s next moves
IT Security News Daily Summary 2026-03-14
43 posts were published in the last hour 22:7 : MY TAKE: The AI magic is back — whether it endured depends on Amazon’s next moves 21:34 : Deploy AWS applications and access AWS accounts across multiple Regions with IAM…
MY TAKE: The AI magic is back — whether it endured depends on Amazon’s next moves
I ran an experiment this week that I did not expect to be instructive, and it was. Related: How ChatGPT is becoming Microsoft Office The setup was simple. I had been working through a spontaneous personal essay — about cognitive…
Deploy AWS applications and access AWS accounts across multiple Regions with IAM Identity Center
If your organization relies on AWS IAM Identity Center for workforce access, you can now extend that access across multiple AWS Regions with multi-Region replication. Previously, AWS access portal was only available in one Region, when you add an additional…
Roll Your Own… LMS
People say don’t roll your own crypto but nobody ever warns you not to roll your own LMS (when you have minimal dev experience). This article has been indexed from ZephrSec – Adventures In Information Security Read the original article:…
Starbucks data breach impacts 889 employees
Starbucks disclosed a breach after phishing attacks on its employee portal led to unauthorized access to Partner Central accounts, exposing staff data. Starbucks reported a data breach affecting hundreds of employees after phishing attacks targeted its Partner Central employee portal.…
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
China’s National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source and self-hosted autonomous artificial intelligence (AI) agent. In a post shared on…
Meta to Discontinue End-to-End Encrypted Chats on Instagram Come May 2026
Meta Platforms has confirmed that it will remove support for end-to-end encrypted messaging in Instagram direct messages beginning May 8, 2026. After this date, conversations that previously relied on this encryption feature will no longer be protected by the…
IT Security News Hourly Summary 2026-03-14 18h : 1 posts
1 posts were published in the last hour 16:36 : Upcoming Speaking Engagements
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m giving the Ross Anderson Lecture at the University of Cambridge’s Churchill College at 5:30 PM GMT on Thursday, March 19, 2026. I’m speaking at RSAC…
USENIX Security ’25 (Enigma Track) – Zombie Devices Are Running Amuck!
Presenter: Stacey Higginbotham, Consumer Reports Our thanks to USENIX Security ’25 (Enigma Track) (USENIX ’25 for publishing their Creators, Authors and Presenter’s tremendous USENIX Security ’25 (Enigma Track) (USENIX ’25 content on the Organizations’ YouTube Channel. Permalink The post USENIX…
Shadow AI Risks Rise as Employees Use Generative AI Tools at Work Without Oversight
With speed surprising even experts, artificial intelligence now appears routinely inside office software once limited to labs. Because uptake grows faster than oversight, companies care less about who uses AI and more about how safely it runs. Research referenced…
Debunking the Myth of “Military‑Grade” Encryption
Military-grade encryption sounds impressive, but in reality it is mostly a marketing phrase used by VPN providers to describe widely available, well‑tested encryption standards like AES‑256 rather than some secret military‑only technology. The term usually refers to the Advanced…
Chinese Threat Actors Attack Southeast Asian Military Targets via Malware
A China-based cyber espionage campaign is targeting Southeast Asian military targets. The state-sponsored campaign started in 2020. Palo Alto Networks Unit 42 has been tracking the campaign under the name CL-STA-1087. Here, CL means cluster, and STA means state-backed motivation. …
Researchers Investigate AI Models That Can Interpret Fragmented Cognitive Signals
Despite being among the most complex and least understood systems in science for decades, the human brain continues to be one of the most complex and least understood. Advancements in brain-imaging technology have enabled researchers to observe neural activity…