ClickFix campaigns use fake AI installers to push MacSync infostealer on macOS
Three ClickFix campaigns are using fake AI installers to trick macOS users into running terminal commands that deploy the MacSync infostealer.
Oracle patches critical flaw in Identity Manager that could allow unauthenticated remote code execution
Oracle fixed CVE-2026-21992, a critical 9.8 flaw in Identity Manager and Web Services Manager enabling unauthenticated remote code execution.
Microsoft patches two publicly disclosed zero-days in March security update
Microsoft fixed 79 flaws in March, including two publicly disclosed zero-days affecting Windows SmartScreen and Microsoft Office.
Cloud attackers are shifting from stolen credentials to software exploits, Google Cloud says
Google Cloud says attackers increasingly breach cloud environments through software exploits instead of stolen credentials.
Hackers exploited critical Langflow bug within 20 hours of disclosure
Sysdig says attackers started exploiting Langflow RCE flaw CVE-2025-3248 within 20 hours of disclosure, hitting exposed instances.
TriZetto Provider Solutions breach hits 3.4 million patients
TriZetto’s breach exposed data tied to 3.4 million patients, underscoring the outsized risk posed by third-party healthcare billing vendors.
Global takedown disrupts Tycoon2FA phishing service tied to MFA bypass
A global operation disrupted Tycoon2FA, a phishing service used to steal credentials and bypass MFA through adversary-in-the-middle attacks.
Ex-data analyst stole company data in $2.5M extortion scheme
A contractor’s $2.5M extortion scheme against Brightly Software shows how insider access can become a serious data-theft threat.
CISA orders federal agencies to patch exploited Zimbra XSS flaw
CISA added Zimbra flaw CVE-2024-27443 to KEV, ordering federal agencies to patch the actively exploited XSS bug on deadline.
Huge ‘Shadow Layer’ of organizations hit by supply chain attacks
Black Kite says 26,000 hidden corporate victims were exposed through 136 third-party breaches, revealing the true scale of supply-chain risk.
Iranian cyber threat actor targets Iraqi government officials in AI-powered campaign
Zscaler links an AI-assisted campaign targeting Iraqi officials to an Iranian adversary, highlighting rising espionage risks for diplomats.
North Korea’s APT37 expands toolkit to breach air-gapped networks
Zscaler says North Korea’s APT37 added five new tools, including capabilities that can help breach air-gapped networks.