International joint action disrupts world’s largest DDoS botnets
Authorities from the United States, Germany, and Canada have taken down Command and Control (C2) infrastructure used by the Aisuru, KimWolf, JackSkid, and Mossad botnets…
Month: March 2026
Perseus Android Malware Steals User Notes and Enables Full Device Takeover
A new Android banking trojan named Perseus has emerged in the wild, representing the next step in the ongoing evolution of mobile malware. Built on…
Navia Confirms Data Breach Exposing Sensitive Information of 2.7 Million Users
Navia Benefit Solutions has confirmed a significant data breach impacting nearly 2.7 million individuals. The incident resulted from unauthorised access to the company’s systems, exposing…
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Ravie LakshmananMar 20, 2026Web Security / Vulnerability Sansec is warning of a critical security flaw in Magento’s REST API that could allow unauthenticated attackers to…
Hit the north! UK datacentre focus shifts to M62 and points north
The UK’s largest datacentre construction projects are shifting north, as market saturation and power grid connection issues hit the south east of England. Of the…
Security Affairs newsletter Round 568 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email…
How Effective Is Your SAT Program?
In a recent The Wall Street Journal article titled “Phishing Tests, the Bane of Work Life, Are Getting Meaner,” writer Robert McMillan explores a common…
Kevin Mandia-founded Armadin launches with $190 million.
Investments and insights. $539M RAISED | 13 DEALS | 5 COUNTRIES Armadin has officially launched with $190 million in seed and Series A funding led…
Microsoft Azure Monitor alerts abused for callback phishing attacks
Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your…
New VoidStealer Variant Bypasses Chrome ABE Without Injection or Privilege Escalation
A newly identified variant of the VoidStealer infostealer has drawn serious attention from the security community after it became the first malware known to bypass…
New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits
The Jenkins project released a critical security advisory addressing multiple vulnerabilities in its core automation server and the LoadNinja plugin. These flaws expose continuous integration…
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
Ravie LakshmananMar 21, 2026Malware / Threat Intelligence The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting…