Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges and gain access to local files on the system. The vulnerability, tracked as CVE-2026-0628 (CVSS score: 8.8), has been…
Iran-linked hackers raise threat level against US, allies
Security researchers warn that hacktivists and state-linked groups are using DDoS, phishing and other tactics against critical infrastructure. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Iran-linked hackers raise threat level against US,…
University of Mississippi Medical Center reopens clinics after ransomware attack
The academic medical center’s clinics can once again access patient records and are resuming normal operations more than a week after the attack. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: University of…
Claude AI Suffers Global Outage: Elevated Errors Disrupt Web Interface and APIs
On March 2, 2026, Anthropic’s artificial intelligence assistant, Claude, experienced a significant global outage that disrupted workflows for users and developers worldwide. Organizations relying on the AI model for daily threat intelligence reporting, code generation, and automated security analysis faced…
MSHTML Framework 0-Day Exploited by APT28 Hackers Before Feb 2026’s Patch Tuesday Update
A zero-day vulnerability in the Microsoft HTML (MSHTML) framework was actively exploited in the wild. The vulnerability, tracked as CVE-2026-21513, allows attackers to bypass security features and execute arbitrary files. With a CVSS score of 8.8, it impacts all Windows…
DuckDuckGo Browser UXSS Flaw in Auto Consent JS Bridge Enables Cross-Origin Code Execution
A critical Universal Cross-Site Scripting (UXSS) vulnerability was recently discovered in the DuckDuckGo Android browser. This flaw allowed untrusted, cross-origin iframes to execute arbitrary JavaScript in the top-level origin, tracked with a high-severity CVSS score of 8.6. The vulnerability was…
PoC Exploit Released for Windows Error Reporting ALPC Privilege Escalation
A critical local privilege escalation (LPE) vulnerability affecting Microsoft Windows has recently come to light following the public release of a Proof-of-Concept (PoC) exploit. Tracked as CVE-2026-20817, this security flaw resides within the Windows Error Reporting (WER) service. The vulnerability…
NDSS 2025 – SHAFT: Secure, Handy, Accurate And Fast Transformer Inference
Authors, Creators & Presenters: (All Via The Chinese University of Hong Kong) Andes Y. L. Kei, Sherman S. M. Chow PAPER SHAFT: Secure, Handy, Accurate and Fast Transformer Inference Adoption of transformer-based machine learning models is growing, raising concerns about…
IT Security News Hourly Summary 2026-03-02 18h : 10 posts
10 posts were published in the last hour 16:34 : War in Iran Spiked Oil Prices. Trump Will Decide How High They Go 16:34 : Hacktivists claim to have hacked Homeland Security to release ICE contract data 16:34 : Samsung…
War in Iran Spiked Oil Prices. Trump Will Decide How High They Go
The conflict in the Middle East is driving oil prices up in a midterm year when Americans are already focused on high energy bills. This article has been indexed from Security Latest Read the original article: War in Iran Spiked…
Hacktivists claim to have hacked Homeland Security to release ICE contract data
A hacking group called Department of Peace said they hacked a specific office within Homeland Security to protest ICE’s mass deportation campaign, and the companies aiding it. This article has been indexed from Security News | TechCrunch Read the original…
Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere
As Samsung settles a lawsuit over how its smart TVs collect and monetize viewing data using ACR, here’s how the rest of us can limit the data we’re sharing. The post Samsung TVs stop spying on viewers in Texas. Here’s…
Dust Specter APT Targets Government Officials in Iraq
IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware including SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM. Due to significant overlap in tools, techniques, and procedures (TTPs), as well as victimology, between this…
Top Data Breaches of February 2026
February 2026 brought a series of significant data breaches spanning automotive, aviation, hospitality, finance, telecom, and media. The incidents were not driven by a single attack method. Some resulted from… The post Top Data Breaches of February 2026 appeared first…
Chrome Unveils Plan For Quantum-Safe HTTPS Certificates
Google Chrome initiates quantum-resistant measures via Merkle Tree Certificates to secure HTTPS This article has been indexed from www.infosecurity-magazine.com Read the original article: Chrome Unveils Plan For Quantum-Safe HTTPS Certificates
Understanding IAM for Managed AWS MCP Servers
As AI agents become part of your development workflows on Amazon Web Services (AWS), you want them to work with your existing AWS Identity and Access Management (IAM) permissions, not force you to build a separate permissions model. At the…
Meta AI in WhatsApp organizes chats and reopens privacy issues
The trend of integrating AI into digital platforms continues. In the latest Android beta release (2.26.9.4), the company has introduced a feature that allows users to organize their chat history with the help of Meta AI. Organize WhatsApp chats with…
IPFire ships its 200th core update with a new domain blocklist and kernel upgrade
Network firewall distribution IPFire released Core Update 200, marking the 200th incremental update to the 2.29 branch. The release bundles a kernel upgrade, a beta domain blocklist service, security patches for OpenSSL and glibc, and a range of component updates.…
Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel
John Hultquist suggests “aggressive” Iranian cyber attackers will target the US and its Gulf allies with plausibly deniable ransomware attacks, hacktivist campaigns and more This article has been indexed from www.infosecurity-magazine.com Read the original article: Expect Iran to Launch Cyber-Attacks…
BYOVD Turns Trusted Drivers Against Windows Security
BYOVD lets attackers exploit signed but vulnerable Windows drivers to gain kernel-level access and disable security tools. The post BYOVD Turns Trusted Drivers Against Windows Security appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Chrome Extension Hijacked to Push ClickFix Malware
A trusted Chrome extension was hijacked to strip browser protections, deploy ClickFix malware, and steal cryptocurrency and user data. The post Chrome Extension Hijacked to Push ClickFix Malware appeared first on eSecurity Planet. This article has been indexed from eSecurity…
South Korean Tax Agency Leak Leads to $4.8M Crypto Theft
A South Korean tax agency press release exposed a seized wallet’s seed phrase, enabling a $4.8 million cryptocurrency theft. The post South Korean Tax Agency Leak Leads to $4.8M Crypto Theft appeared first on eSecurity Planet. This article has been…
Europol Operation Targets Online Network Exploiting Minors
A Europol-led operation across 28 countries led to 30 arrests targeting “The Com,” a decentralized network accused of exploiting minors online. The post Europol Operation Targets Online Network Exploiting Minors appeared first on eSecurity Planet. This article has been indexed…
Operator of AI Fake ID Platform Pleads Guilty
The operator of an AI-powered fake ID platform that helped bypass KYC checks has pleaded guilty and faces up to 15 years in prison. The post Operator of AI Fake ID Platform Pleads Guilty appeared first on eSecurity Planet. This…