Latest IT News, Cybersecurity Alerts & Tech Innovations
Veeam Patches 5 Security Flaws, 3 Critical RCE Bugs
Veeam released March 2026 security updates for Backup & Replication 13, fixing five vulnerabilities including three critical remote code execution flaws.
Meta Acquires Moltbook AI Agent Social Network
Meta a terminé son acquisition de Moltbook, une plateforme sociale de style Reddit exclusivement conçue pour que les agents IA interagissent.
Legacy Industrial Controllers Sold on eBay Expose Critical Infrastructure
Outdated industrial control systems are being sold on eBay, creating cybersecurity risks for critical infrastructure operators.
INC Ransomware Targets Healthcare Systems Across Oceania
INC ransomware group attacked healthcare facilities and government agencies across Australia, New Zealand, and Tonga in recent coordinated strikes.
Xygeni GitHub Action Compromised in Supply Chain Attack
Attackers compromised AppSec vendor Xygeni's GitHub Action through tag poisoning, operating a command-and-control implant for up to one week.
WhatsApp Launches Parent-Managed Accounts for Pre-Teens
WhatsApp rolled out parent-controlled accounts for children under 13, giving guardians oversight of contacts and group memberships.
Elementor Ally Plugin SQL Injection Hits 400K+ Sites
Critical SQL injection flaw in Elementor's Ally WordPress plugin exposes sensitive data on 400,000+ sites without authentication required.
CISA Orders Federal Agencies to Patch n8n RCE Flaw
CISA added an actively exploited n8n remote code execution vulnerability to its Known Exploited Vulnerabilities catalog, requiring federal agencies to patch by March 25.
Microsoft Unveils Xbox Mode for Windows 11 at GDC 2026
Microsoft announced Xbox Mode for Windows 11 PCs at GDC 2026, unifying gaming development through a shared Game Development Kit.
Stryker Hit by Iranian Wiper Malware Attack
Medical device giant Stryker suffered a destructive wiper malware attack on March 11, 2026, claimed by Iranian-linked hacktivist group Handala.
PhantomRaven Campaign Hits npm with 88 Malicious Packages
New PhantomRaven supply-chain attack targets JavaScript developers through 88 malicious npm packages designed to steal sensitive development data.
Microsoft March 2026 Patch Tuesday Fixes Critical Flaws
Microsoft released March 2026 Patch Tuesday updates addressing multiple critical vulnerabilities across Windows and other products.
Ubuntu 26.04 LTS Changes 40-Year sudo Password Display
Ubuntu 26.04 LTS will show asterisks when typing sudo passwords, ending four decades of hidden password input tradition.
Meta Deploys AI-Powered Anti-Scam Tools Across Platforms
Meta launched new AI-driven scam protection systems on March 11, 2026, targeting fraudulent accounts across WhatsApp, Facebook, and Messenger.
Outlook for Windows Adds Offline File Attachment Support
Microsoft Outlook for Windows now lets users attach files while offline and automatically sends them when connectivity returns.
Windows 11 Gets March 2026 Updates KB5079473 and KB5078883
Microsoft released two cumulative updates for Windows 11 on March 10, 2026, addressing security patches and system improvements across both 23H2 and 24H2 versions.
Windows 10 Gets March 2026 ESU Update KB5078885
Microsoft released the Extended Security Update KB5078885 for Windows 10 on March 10, 2026, continuing critical security patches for enterprise customers beyond end-of-support.
BlackSanta EDR Killer: Russian Hackers Use HR Departments to Disable Enterprise Security Tools
Russian-speaking threat actors have been deploying BlackSanta malware for over a year to evade EDR/XDR detection, specifically targeting HR departments as entry points. The campaign exploits HR email workflows to bypass security controls and gain persistent access to corporate systems.
BeatBanker Android Banking Malware 2026: Fake Starlink App Steals Banking Credentials
Discovered March 10, 2026 by BleepingComputer, BeatBanker is a new Android banking trojan disguised as a fake Starlink app on fake Google Play Store sites. It uses advanced evasion techniques and device control to steal banking credentials from victims.
Salesforce Mass-Scanning Attack: Hackers Exploit Misconfigured Guest User Settings on Experience Cloud
Since March 10, 2026, threat actors are mass-scanning Salesforce Experience Cloud instances looking for misconfigured guest user settings to gain unauthorized access to sensitive customer data. Salesforce confirmed the attacks and warned customers to review their organization security settings immediately.
Zombie ZIP: How Malformed Archives Let Malware Slip Past Antivirus and EDR Tools
Security researchers disclosed the Zombie ZIP technique on March 10, 2026 — a method exploiting malformed ZIP archive structures to hide malicious payloads from antivirus engines and EDR platforms, with no patch available and active use in the wild already documented via the Gootloader malware family.