Latest IT News, Cybersecurity Alerts & Tech Innovations
Sednit APT28 Returns with Two Advanced Malware Tools Targeting European Defense & Government
Russia's APT28/Sednit group — the GRU's cyber arm active since 2004 — has been detected in March 2026 with two new sophisticated malware tools targeting government and defense organizations across Europe, marking a major tactical upgrade from years of basic implant usage.
Microsoft releases Windows 10 KB5078885 security update
Microsoft released Windows 10 KB5078885 extended security update on March 10, 2026, patching two zero-day vulnerabilities and a shutdown bug.
Microsoft Patch Tuesday March 2026: 79 Flaws Fixed Including 2 Zero-Days and Critical Office RCEs
Microsoft's March 2026 Patch Tuesday (March 10) patches 79 vulnerabilities including 2 publicly disclosed zero-days (CVE-2026-21262 SQL Server EoP), 3 Critical flaws, and two Office RCEs (CVE-2026-26110, CVE-2026-26113) exploitable via the preview pane — plus a dangerous Excel/Copilot data exfiltration flaw (CVE-2026-26144).
Microsoft makes Autopatch default for Windows security updates
Microsoft enabled Windows Autopatch by default for enterprise customers to automatically deploy security updates across managed devices.
HPE Patches Five Critical AOS-CX Flaws: RCE, Privilege Escalation and Session Hijacking
HPE released emergency patches on March 10, 2026 for five critical and high-severity vulnerabilities in Aruba Networking AOS-CX, including two command injection flaws enabling remote code execution, an SSH privilege escalation, a web session hijacking bug, and a port ACL bypass on CX 9300 switches. Immediate patching is required for all enterprise Aruba CX deployments.
Google Photos 2026: How to Disable Ask Photos AI and Switch Back to Classic Search
On March 10, 2026, Google Photos rolled out a new toggle allowing users to disable the AI-powered Ask Photos search feature and revert to classic search. The change follows significant user backlash over Ask Photos' accuracy and speed compared to traditional search.
NVIDIA unveils RTX Dynamic MFG at GDC 2026
NVIDIA announced RTX Dynamic Multi-Frame Generation and Mega Geometry Foliage rendering at GDC 2026 on March 10.
Microsoft Entra adds passkey support for Windows sign-ins
Microsoft rolled out passkey authentication for Entra on Windows devices today, enabling phishing-resistant passwordless sign-ins through Windows Hello.
KadNap Botnet Hijacks Thousands of ASUS Routers to Build Proxy Network
A new botnet campaign tracked as KadNap is actively hijacking thousands of ASUS routers, turning compromised devices into persistent proxy nodes used to route cybercriminal traffic — with backdoor access surviving reboots and firmware updates.
CISA adds Ivanti EPM flaw to exploited vulnerabilities list
CISA ordered federal agencies to patch a high-severity Ivanti Endpoint Manager vulnerability within three weeks after confirming active exploitation.
Microsoft to Enable Windows Hotpatch Updates by Default for All Intune Devices in May 2026
Microsoft will automatically enable hotpatch security updates by default for all eligible Intune-managed Windows devices starting May 11, 2026 — cutting patch compliance time by up to 50% and eliminating most forced reboots in enterprise environments.
Microsoft 365 E7 at $99/User/Month: Copilot AI + Agent 365 Bundled in New Enterprise Plan
Microsoft unveiled the Microsoft 365 E7 plan at $99 per user per month, bundling Copilot AI and Agent 365 autonomous agents in a single enterprise package. This is the first M365 tier to natively include AI agents alongside the full productivity suite.
APT28 Deploys Custom Covenant Framework for Espionage
Russian APT28 hackers modified the open-source Covenant tool for persistent espionage campaigns targeting government and defense sectors.
Teams Phishing Campaign Deploys A0Backdoor Malware
Hackers targeted financial and healthcare employees via Microsoft Teams to deploy A0Backdoor malware through Quick Assist remote access.
Cloud Attacks Exploit Fresh Bugs Within Days
Hackers now exploit newly disclosed third-party vulnerabilities to breach cloud environments within days instead of weeks.
Russian hackers target Signal, WhatsApp in govt phishing
Dutch intelligence warns Russian state hackers are targeting government officials through Signal and WhatsApp phishing attacks to steal sensitive communications.
ClickFix Malware Campaign Targets AI Coding Assistants
Cybercriminals launched a malvertising campaign using ClickFix techniques to exploit AI coding assistant users through fake command-line interfaces.
Ericsson US Hit by Data Breach Through Service Provider
Ericsson's U.S. subsidiary disclosed a data breach on March 9, 2026, after attackers compromised a third-party service provider and stole employee and customer data.
Salesforce warns of Experience Cloud data exposure attacks
Salesforce alerts customers about hackers exploiting misconfigured Experience Cloud platforms while ShinyHunters claims active data theft.
FBI Warns of Phishing Attacks Targeting Permit Applicants
FBI alerts businesses and individuals that criminals impersonate city officials in phishing campaigns targeting permit applications.
Microsoft confirms ongoing Windows 11 File Explorer flash bug
Microsoft acknowledges persistent white flash issue affecting Windows 11 File Explorer on some systems, with no timeline for complete resolution.