Latest Cybersecurity News and Articles
24 March 2026
The software refresh fixes eight memory safety bugs affecting seven Chrome components.
The post Chrome 146 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek.
24 March 2026
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 24, 2026 – Read the full story from Sophos The 2026 CISO Report, published by Cybersecurity Ventures in partnership with Sophos, highlights a critical imbalance in global cybersecurity leadership. Despite decades of
The post The Global CISO Landscape: A Leadership Gap Too Large To Ignore appeared first on Cybercrime Magazine.
24 March 2026
Learn how the CIS Critical Security Controls and the CIS Benchmarks can be used together to support secure configuration at scale.
The post Webinar Today: Putting CIS Controls and Benchmarks into Practice appeared first on SecurityWeek.
24 March 2026
Hackers stole personal, medical, and health insurance information from the company’s internal systems.
The post 3.1 Million Impacted by QualDerm Data Breach appeared first on SecurityWeek.
24 March 2026
The role of Israel’s hijacking of Iran’s street cameras in the killing of the country’s supreme leader underscores how surveillance systems are increasingly being targeted by adversaries in wartime.
The post Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool appeared first on SecurityWeek.
24 March 2026
Dr Richard Horne delivered a keynote about cyber risks and opportunities at the RSA Conference in San Francisco
24 March 2026
Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data.
The activity is being tracked by ReversingLabs as the Ghost campaign. The list of identified packages, all published by a user named mikilanjillo, is below -
react-performance-suite
react-state-optimizer-core
react-fast-utilsa
ai-fast-auto-trader
24 March 2026
On February 25, 2026, Gartner published its inaugural Market Guide for Guardian Agents, marking an important milestone for this emerging category. For those unfamiliar with the various Gartner report types, “a Market Guide defines a market and explains what clients can expect it to do in the short term. With the focus on early, more chaotic markets, a Market Guide does not rate or position
24 March 2026
An out-of-bounds read vulnerability can be exploited remotely without authentication to read sensitive information from memory.
The post Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn appeared first on SecurityWeek.
24 March 2026
The hackers stole internal IDs, names, email addresses, and business partner IDs from an internal management system.
The post Mazda Says Employee, Partner Information Stolen in Cyberattack appeared first on SecurityWeek.
24 March 2026
Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more secure. But in practice, many teams struggle with the same basic problems they faced years ago: unclear risk priorities, misaligned tooling decisions, and difficulty explaining security issues in terms the business understands.
These challenges do not
24 March 2026
The FBI has published an alert describing the malware used by Iranian government hackers.
The post Stryker Says Malicious File Found During Probe Into Iran-Linked Attack appeared first on SecurityWeek.
24 March 2026
Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack.
The workflows, both maintained by the supply chain security company Checkmarx, are listed below -
checkmarx/ast-github-action
checkmarx/kics-github-action
Cloud security
24 March 2026
A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations.
According to the U.S. Department of Justice (DoJ), Aleksei Olegovich Volkov facilitated dozens of ransomware attacks across the
24 March 2026
Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application.
The vulnerabilities are listed below -
CVE-2026-3055 (CVSS score: 9.3) - Insufficient input validation leading to memory overread
CVE-2026-4368 (CVSS score: 7.7) - Race condition leading to user
23 March 2026
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects.
The use of VS Code "tasks.json" to distribute malware is a relatively new tactic adopted by the threat actor since December 2025, with the attacks
23 March 2026
A summary of the announcements made by vendors in the days leading up to the RSAC 2026 Conference.
The post RSAC 2026 Conference Announcements Summary (Pre-Event) appeared first on SecurityWeek.
23 March 2026
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.
23 March 2026
Six Predictions for the AI-Driven SOC – Christophe Briguet, Senior Director of Product Management – AI & Security Analytics, Stellar Cyber San Jose, Calif. – Mar. 23, 2026 SOC Key Takeaways: What is Autonomous SOC solving? It addresses critical challenges in security operations such as
The post Autonomous SOC: What It Is, Key Benefits and Core Challenges appeared first on Cybercrime Magazine.
23 March 2026
The latest M-Trends report is based on insights from over 500,000 hours of Mandiant incident response investigations in 2025.
The post M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds appeared first on SecurityWeek.