IT Security Weekend Catch Up – March 27, 2026

Comments
close searching

27.03.2026 | 15:40

IT Security Weekend Catch Up – March 27, 2026
avatar

badcyber

comments

IT Security Weekend Catch Up – March 27, 2026

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. North Carolina man pleads guilty to music streaming fraud aided by artificial intelligence
  2. Russian citizen sentenced to prison for hacking into U.S. companies and enabling major cybercrime groups to extort tens of millions of dollars
  3. Authorities disrupt world’s largest IoT DDoS botnets responsible for record breaking attacks targeting victims worldwide
  4. Global cybercrime crackdown: over 373 000 dark web sites shut down
  5. Armenian man extradited to U.S. faces charges for role in infostealing malware scheme
  6. FCC imposes sweeping ban on foreign-made routers, affecting all new models
  7. Hong Kong police can demand phone and computer passwords under amended national security law

For the more technical

  1. Magento PolyShell: unrestricted file upload in Magento and Adobe Commerce
  2. Pre-auth remote code execution via buffer overflow in telnetd LINEMODE SLC handler
  3. CVE-2026-3888: Important Snap flaw enables local privilege escalation to root
  4. Kali Linux 2026.1 release (2026 Theme & BackTrack Mode)
  5. Trivy compromised: Everything you need to know about the latest supply chain attack
  6. Tycoon2FA phishing-as-a-service platform persists following takedown
  7. GhostClaw expands beyond npm: GitHub repositories and AI workflows deliver macOS infostealer
  8. “Say my name”: How MioLab is building MacOS stealer empire
  9. Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka
  10. ClickFix campaigns targeting Windows and macOS
  11. RegPhantom backdoor threat analysis
  12. From W-2 to BYOVD: How a tax search leads to kernel-mode AV/EDR kill
  13. Silver Fox: The only tax audit where the fine print installs malware
  14. NICKEL ALLEY strategy: Fake it ‘til you make it
  15. Analyzing FAUX#ELEVATE: Threat actors target France with CV lures to deploy crypto miners and infostealers targeting enterprise environments
  16. FriendlyDealer mimics official app stores to push unvetted gambling apps
  17. Tracing a multi-vector malware campaign: From VBS to open infrastructure
  18. OpenClaw trap: AI-assisted lure factory targets developers & gamers
  19. When malware talks back: Real-time interaction with a threat actor during the analysis of Kiss Loader
  20. Torg Grabber: Anatomy of a new credential stealer
  21. The certificate decoding illusion: How Blank Grabber stealer hides its loader
  22. Pawn Storm campaign deploys PRISMEX, targets government and critical infrastructure entities
  23. Elastic Security Labs uncovers BRUSHWORM and BRUSHLOGGER
  24. From phishing to exfiltration: A deep dive into PXA Stealer
  25. No reach, no risk: The Keitaro abuse in modern cybercrime distribution

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical North Carolina man pleads guilty to music streaming fraud aided by artificial intelligence Russia 2026-03-27T15:40:40+01:00

Comments