Latest Cybersecurity News and Articles
24 March 2026
CESER’s Project Armor is a five year initiative to harden the US critical energy infrastructure, including strengthening energy systems ‘to prevent and recover from wildfires and other hazards’.
The post DoE Publishes 5-Year Energy Security Plan appeared first on SecurityWeek.
24 March 2026
Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access,
The post Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw appeared first on SecurityWeek.
24 March 2026
TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor.
Multiple security vendors, including Endor Labs and JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were published on
24 March 2026
A ransomware attack on Foster City, California, triggered a state of emergency to access additional resources to keep systems up and running.
24 March 2026
The attacks included a destructive infiltration of Poland's energy system in December and was suspected of originating in Russia.
The post Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the Energy Sector appeared first on SecurityWeek.
24 March 2026
A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers for ConnectWise ScreenConnect that drop a tool named HwAudKiller to blind security programs using the bring your own vulnerable driver (BYOVD) technique.
"The campaign abuses Google Ads to serve rogue ScreenConnect (
24 March 2026
An ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers.
"The campaign uses highly obfuscated VBScript files disguised as resume/CV documents, delivered through phishing emails," Securonix researchers Shikha Sangwan, Akshay Gaikwad, and Aaron Beardslee said in a report shared
24 March 2026
A summary of the announcements made by vendors on the first day of the RSAC 2026 Conference.
The post RSAC 2026 Conference Announcements Summary (Day 1) appeared first on SecurityWeek.
24 March 2026
The Lapsus$ hackers allegedly compromised internal code repositories, credentials, and employee data.
The post Extortion Group Claims It Hacked AstraZeneca appeared first on SecurityWeek.
24 March 2026
The software refresh fixes eight memory safety bugs affecting seven Chrome components.
The post Chrome 146 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek.
24 March 2026
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 24, 2026 – Read the full story from Sophos The 2026 CISO Report, published by Cybersecurity Ventures in partnership with Sophos, highlights a critical imbalance in global cybersecurity leadership. Despite decades of
The post The Global CISO Landscape: A Leadership Gap Too Large To Ignore appeared first on Cybercrime Magazine.
24 March 2026
Learn how the CIS Critical Security Controls and the CIS Benchmarks can be used together to support secure configuration at scale.
The post Webinar Today: Putting CIS Controls and Benchmarks into Practice appeared first on SecurityWeek.
24 March 2026
Hackers stole personal, medical, and health insurance information from the company’s internal systems.
The post 3.1 Million Impacted by QualDerm Data Breach appeared first on SecurityWeek.
24 March 2026
The role of Israel’s hijacking of Iran’s street cameras in the killing of the country’s supreme leader underscores how surveillance systems are increasingly being targeted by adversaries in wartime.
The post Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool appeared first on SecurityWeek.
24 March 2026
Dr Richard Horne delivered a keynote about cyber risks and opportunities at the RSA Conference in San Francisco
24 March 2026
Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data.
The activity is being tracked by ReversingLabs as the Ghost campaign. The list of identified packages, all published by a user named mikilanjillo, is below -
react-performance-suite
react-state-optimizer-core
react-fast-utilsa
ai-fast-auto-trader
24 March 2026
On February 25, 2026, Gartner published its inaugural Market Guide for Guardian Agents, marking an important milestone for this emerging category. For those unfamiliar with the various Gartner report types, “a Market Guide defines a market and explains what clients can expect it to do in the short term. With the focus on early, more chaotic markets, a Market Guide does not rate or position
24 March 2026
An out-of-bounds read vulnerability can be exploited remotely without authentication to read sensitive information from memory.
The post Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn appeared first on SecurityWeek.
24 March 2026
The hackers stole internal IDs, names, email addresses, and business partner IDs from an internal management system.
The post Mazda Says Employee, Partner Information Stolen in Cyberattack appeared first on SecurityWeek.
24 March 2026
Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more secure. But in practice, many teams struggle with the same basic problems they faced years ago: unclear risk priorities, misaligned tooling decisions, and difficulty explaining security issues in terms the business understands.
These challenges do not