Home

CYBER SECURITY NEWS

• Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
  March 11, 2026
  Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are rated Critical, and 76 are rated Important in severity. Forty-six of the patched vulnerabilities relate to privilege escalation, followed by 18 remote code execution, 10 […]
• UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
  March 11, 2026
  A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim's cloud environment within a span of 72 hours. The attack started with the theft of a developer's GitHub token, which the threat actor then used to gain unauthorized access […]
• Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
  March 11, 2026
  Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below – chrono_anchor dnp3times time_calibrator time_calibrators time-sync The crates, per Socket, impersonate timeapi.io and were published between late February and early March
• How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
  March 11, 2026
  Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open a new […]
• FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
  March 11, 2026
  Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks.  The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials to extract configuration files containing service account credentials and network topology
• KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
  March 11, 2026
  Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first detected in the wild in August 2025, has expanded to over 14,000 infected devices, with more than 60% of victims located in the U.S., according to the Black […]
• New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
  March 10, 2026
  Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcomings have been collectively named LeakyLooker by Tenable. There is no evidence that the vulnerabilities were exploited in

LATEST POSTS

• Data Protection and Backup
• Awakening Conference Byron Bay (19th – 21st September) 2025
• Online Conference 14th September (Sydney A.E.S.T)
• WebRoot Zero Day Malware Protection
• Cyber Security (MailGuard)