In February 2026, the couples and relationship app Lovora allegedly suffered a data breach that exposed 496k unique email addresses. The data also included users’ display names and profile photos, along with other personal information collected through use of the…
OCRFix Botnet Uses ClickFix Phishing and EtherHiding to Mask Blockchain C2 Infrastructure
OCRFix is a multi-stage botnet Trojan campaign that abuses a fake Tesseract OCR download site, ClickFix-style PowerShell execution, and EtherHiding on BNB Smart Chain to conceal a rotating blockchain-backed command infrastructure. The fake site gates content behind a bogus CAPTCHA…
US Military Reportedly Used Claude in Iran Strikes Despite Trump’s Ban
The U.S. Department of Defense deployed Anthropic’s Claude AI during Operation Epic Fury, a joint offensive with Israel against Iran on February 28, just hours after President Trump designated Anthropic as a national security “supply chain risk” and ordered all…
Pixel Perfect Extension Abuse Enables Covert Script Injection and Security Header Removal
A browser extension that once earned a Featured badge from Google quietly turned into a remote code execution tool after its ownership changed hands, exposing thousands of users to covert script injection and full browser security header stripping. The campaign,…
Gottumukkala ousted, Wyden blocks Rudd, Hackers weaponize Claude
Gottumukkala ousted as CISA Director Ron Wyden blocks Rudd confirmation to lead Cyber Command, NSA Hackers Weaponize Claude Code in Mexican government cyberattack Get the show notes here: https://cisoseries.com/cybersecurity-news-gottumukkala-ousted-wyden-blocks-rudd-hackers-weaponize-claude/ Huge thanks to our sponsor, Adaptive Security This episode is brought…
A week in security (February 23 – March 1)
A list of topics we covered in the week of February 23 to March 1 of 2026 This article has been indexed from Malwarebytes Read the original article: A week in security (February 23 – March 1)
IT Security News Hourly Summary 2026-03-02 09h : 7 posts
7 posts were published in the last hour 7:34 : Middle East AWS Outage Sends Shockwaves Through Cloud Infrastructure Service 7:34 : CISA Leadership Shakeup, OpenClaw Hijack, Robot Vacuums and More 7:9 : CISA Alerts on RESURGE Malware Exploiting Ivanti…
Middle East AWS Outage Sends Shockwaves Through Cloud Infrastructure Service
A severe infrastructure incident in the Middle East has triggered a massive Amazon Web Services (AWS) outage, disrupting critical cloud operations across the region. The event, which aggressively impacted the ME-CENTRAL-1 (United Arab Emirates) and ME-SOUTH-1 (Bahrain) regions, left countless…
CISA Leadership Shakeup, OpenClaw Hijack, Robot Vacuums and More
OpenClaw AI Agent Hijack, CISA Leadership Shakeup, Iran Cyber Campaign, Air-Gap Malware, and Robot Vacuum Flaw Jim Love covers multiple cybersecurity stories: Oasis Security revealed “ClawJacked,” a high-severity OpenClaw AI agent framework flaw caused by missing rate limiting on the…
CISA Alerts on RESURGE Malware Exploiting Ivanti Connect Secure Zero-Days
The Cybersecurity and Infrastructure Security Agency (CISA) has released a Malware Analysis Report (MAR) detailing a new malware family dubbed RESURGE, which is actively exploiting a zero-day vulnerability in Ivanti Connect Secure devices. According to CISA, RESURGE builds upon the…
Hacked Prayer App Used as Cyber Weapon During US-Israel Strikes on Iran
As Israeli and US forces launched joint preemptive airstrikes on Tehran, a sophisticated cyber-psychological operation unfolded simultaneously. According to a report by Wired Middle East, millions of Iranian citizens and military personnel were jolted awake not only by explosions but…
Claude Code Security: The AI Shockwave Hitting Cybersecurity
Anthropic’s Claude Code Security research preview promises AI-powered code analysis and vulnerability detection at scale. The announcement triggered strong reactions across the cybersecurity community and sent several vendor stocks lower. In this episode, we break down what the tool actually…
Security debt is becoming a governance issue for CISOs
Application security backlogs keep expanding across large development portfolios. Veracode’s 2026 State of Software Security Report puts numbers behind a familiar operational pattern, fixes lag discovery, and older weaknesses stay open across release cycles. 2026 findings against the 2025 baseline…
Your dependencies are 278 days out of date and your pipelines aren’t protected
Applications continue to ship with known weaknesses even as development workflows speed up. A new Datadog State of DevSecOps 2026 report examines how dependency management and pipeline practices are influencing exposure across cloud native environments. Across the environments studied, 87%…
Pixel Perfect Browser Extension Exploited for Stealth Script Injection and Security Header Stripping
A popular Chrome add-on, “QuickLens – Search Screen with Google Lens,” has quietly morphed from a legitimate productivity tool into a full‑fledged remote code-execution platform that abuses browser trust, security headers, and silent auto‑updates. What began as a simple Google…
Prayer App Used by Millions Hacked to Broadcast Defection Messages Amid U.S.-Israel Strikes on Iran
A popular Iranian prayer timing application, BadeSaba Calendar, was hacked to deliver anti-government push notifications to millions of users. This cyber incident occurred early Saturday morning, coinciding with joint U.S. and Israeli military strikes on Iran. While the kinetic strikes…
Quitbro – 22,874 breached accounts
In February 2026, the porn addiction app Quitbro allegedly suffered a data breach that exposed 23k unique email addresses. The data also included users’ years of birth, responses to questions within the app and their last recorded relapse time. The…
BlacksmithAI: Open-source AI-powered penetration testing framework
BlacksmithAI is an open-source penetration testing framework that uses multiple AI agents to execute different stages of a security assessment lifecycle. A multi-agent structure for offensive workflows BlacksmithAI runs as a hierarchical system in which an orchestrator coordinates task execution…
When cyber threats start thinking for themselves
In this Help Net Security video, Jason Rivera, Field CISO & Head of Solution Engineering at SimSpace, discusses how autonomous AI agents are changing cyber threats. Drawing on experience in the US Army, NSA, Deloitte, and CrowdStrike, he describes how…
OpenClaw 0-Click Flaw Lets Malicious Websites Hijack Developer AI Agents
OpenClaw, a highly popular open-source AI personal assistant with over 100,000 GitHub stars, recently faced a critical security flaw. This AI tool, which autonomously manages developer workflows across laptops, messaging apps, and dev tools, was found to be vulnerable to…
AI risk moves into the security budget spotlight
Enterprises are pushing AI deeper into workflows that touch sensitive data across cloud platforms and SaaS apps. The 2026 Thales Data Threat Report, based on a survey of 3,120 respondents in 20 countries, places that shift alongside growing pressure on…
IT Security News Hourly Summary 2026-03-02 06h : 2 posts
2 posts were published in the last hour 4:34 : AWS Power Outage in Middle East Triggers Major Disruption to EC2 and Networking Services 4:13 : UK government’s Vulnerability Monitoring System is working – fixes flow far faster
AWS Power Outage in Middle East Triggers Major Disruption to EC2 and Networking Services
A major power outage in the AWS me-central-1 (Middle East) region on March 1, 2026, resulted from an unusual physical incident where external objects struck a data center, triggering sparks and a fire. The event caused significant disruptions to Amazon…
UK government’s Vulnerability Monitoring System is working – fixes flow far faster
PLUS: Firefox adds XSS protection; Leadership turnover at CISA; FTC exempts some data collection Infosec In Brief DNS vulnerabilities are being addressed 84 percent faster in the UK public sector thanks to an automated vulnerability scanning system established as part…