
Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

Wed Mar 04 2026

Cisco patched two critical Secure FMC vulnerabilities that could let attackers gain root access to managed firewalls. Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) that could allow attackers to gain root access. Cisco Secure Firewall Management Center (FMC) is a centralized management platform for Cisco firewalls. It lets administrators configure, […]

Security Affairs

Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR

Wed Mar 04 2026

Security teams want lower MTTR, but flaws persist. How to use automation vs. orchestration to reduce risk effectively? Almost all security teams want to reduce their Mean Time to Remediate (MTTR). And for good reason: research from 2024 found that it takes an average of 4.5 months to remediate critical vulnerabilities. The problem is that […]

Security Affairs

Why AI, Zero Trust, and modern security require deep visibility

Wed Mar 04 2026

AI.

CSO Online

The 10-hour problem: How visibility gaps are burning out the SOC

Wed Mar 04 2026

Security teams aren’t drowning because the threats improved.

CSO Online

The best cyber recovery solutions

Thu Mar 05 2026

Recovery processes that fail to take hold are a nightmare scenario for companies, one that sophisticated attacks are turning into reality more and more often.

CSO Online

Microsoft leads takedown of Tycoon2FA phishing service infrastructure

Thu Mar 05 2026

The infrastructure hosting the Tycoon2FA service, which Europol said was among the largest phishing operations worldwide, has been taken down by a coalition of IT companies and law enforcement agencie

CSO Online

How Vulnerable Are Computers to an 80-Year-Old Spy Technique? Congress Wants Answers

Wed Mar 04 2026

A pair of US lawmakers are calling for an investigation into how easily spies can steal information based on devices’ electromagnetic and acoustic leaks—a spying trick the NSA once codenamed TEMPEST.

Wired

LastPass warns of spoofed alerts aimed at stealing master passwords

Wed Mar 04 2026

LastPass warns of a phishing campaign using fake security alerts about unauthorized access or password changes to steal users’ master passwords. LastPass has warned users about a new phishing campaign using fake security alerts that claim unauthorized access or master password changes. The emails, which spoof LastPass’s display name, attempt to trick recipients into revealing […]

Security Affairs

149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict

Wed Mar 04 2026

Cybersecurity researchers have warned of a surge in retaliatory hacktivist activity following the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion. "The hacktivist threat in the Middle East is highly lopsided, with two groups, Keymous+ and DieNet, driving nearly 70% of all attack activity between February 28 and March 2," Radware said in a Tuesday...

The Hacker News

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

Wed Mar 04 2026

Google said it identified a "new and powerful" exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It's not effective against the latest version of iOS. The findings were first reported by WIRED. "The...

The Hacker News

Iranian cyberattacks fail to materialize but threat remains acute

Wed Mar 04 2026

Five days into US and Israel’s war with Iran, the worst predictions for cyber-retaliation have yet to materialize.

CSO Online

From phishing to Google Drive C2: Silver Dragon expands APT41 playbook

Wed Mar 04 2026

APT group Silver Dragon, linked to APT41, targets governments via server exploits and phishing, using Cobalt Strike and Google Drive for C2. Check Point researchers have identified Silver Dragon, an APT group tied to the China-linked group APT41, targeting government entities in Europe and Southeast Asia since mid-2024. The group gains initial access by exploiting […]

Security Affairs

New RFP Template for AI Usage Control and AI Governance

Wed Mar 04 2026

As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget — to secure it. But there’s a quiet crisis unfolding in the boardroom: many organizations know they need "AI Governance," but they have no idea what they are actually looking for. The CISO’s Dilemma: You Have the AI Budget, but Do You Have the Requirements? As AI...

The Hacker News

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Wed Mar 04 2026

Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that's functional on Windows, macOS, and Linux systems. The names of the packages are listed below - nhattuanbl/lara-helper (37 Downloads) nhattuanbl/simple-queue (29 Downloads) nhattuanbl/lara-swagger (49 Downloads)...

The Hacker News

Anthropic AI ultimatums and IP theft: The unspoken risk

Wed Mar 04 2026

Two recent high-profile events concerning Anthropic’s Claude AI underscore a little-discussed risk at the heart of the enterprise’s rush to capitalize on leading AI capabilities.

CSO Online

U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog

Wed Mar 04 2026

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: In […]

Security Affairs

Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals

Wed Mar 04 2026

A ransomware attack on the University of Hawaiʻi Cancer Center exposed personal data of 1.2 million people. A 2025 ransomware attack targeting the University of Hawaiʻi Cancer Center compromised the personal information of about 1.2 million individuals. The attack hit the University of Hawaiʻi Cancer Center on August 31, 2025, impacting servers that support research […]

Security Affairs

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

Wed Mar 04 2026

Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024. "Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments," Check Point said...

The Hacker News

How to know you’re a real-deal CSO — and whether that job opening truly seeks one

Wed Mar 04 2026

Recruiters of senior-level IT professionals often say that a truly skilled and experienced CSO is among the hardest of all IT roles to fill.

CSO Online

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

Wed Mar 04 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an...

The Hacker News

Facebook is experiencing a global outage

Tue Mar 03 2026

Facebook is experiencing a global outage since 4:15 PM ET, with users reporting they cannot access their accounts. Facebook users worldwide report problems while attempting to access their accounts. The outage started around 4:15 PM ET. Upon attempting to access their account, users are presented the following message: “Account Temporarily Unavailable. Your account is currently unavailable due […]

Security Affairs

Ariomex, Iran-based crypto exchange, suffers data leak

Tue Mar 03 2026

Resecurity says Iran’s Ariomex crypto exchange suffered a data leak exposing user and transaction data from 2022 to 2025. Resecurity (USA) reports that Ariomex’s database, one of Iran’s cryptocurrency exchange platforms, suffered a data leak. The report published by the cybersecurity company presents the findings of a structured analysis of the leaked database, which contains […]

Security Affairs

AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning

Wed Mar 04 2026

AI is making it ever easier for bad actors to launch attacks, and a newly-identified open source platform, CyberStrikeAI, seems to be lowering the bar even further.

CSO Online

A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals

Tue Mar 03 2026

A highly sophisticated set of iPhone hijacking techniques has likely infected tens of thousands of phones or more. Clues suggest it was originally built for the US government.

Wired

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Tue Mar 03 2026

Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data exfiltration or ransomware attack. The intrusions, identified by Huntress last month across five partner organizations, involved the threat actors using email spam as lures, followed by a phone call from...

The Hacker News

Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked

Tue Mar 03 2026

Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 2025 cybercrime campaign targeting Oracle’s E-Business Suite (EBS) customers. Madison Square Garden (MSG) is a world-famous multi-purpose indoor arena located in New York […]

Security Affairs

Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow

Tue Mar 03 2026

Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with the least experience. Tier 1 analysts sit at the front line of detection, and yet they are also the most vulnerable to the cognitive and organizational pressures that quietly erode SOC performance over time. The Paradox at the Gate:...

The Hacker News

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries

Tue Mar 03 2026

The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its use following an analysis of the IP address ("212.11.64[.]250") that was used by the suspected...

The Hacker News

OAuth phishers make ‘check where the link points’ advice ineffective

Tue Mar 03 2026

Microsoft has warned that phishers are exploiting a built-in behavior of the OAuth authentication protocol to redirect victims to malware, using links that point to legitimate identity provider domain

CSO Online

Phishing campaign exploits OAuth redirection to bypass defenses

Tue Mar 03 2026

Microsoft researchers warn that threat actors abuse OAuth redirects to target government users and deliver malware. Microsoft has warned of phishing campaigns targeting government and public-sector organizations by abusing OAuth URL redirection. Instead of stealing credentials or exploiting software flaws, attackers leverage OAuth’s legitimate by-design behavior to bypass email and browser defenses. The tactic redirects […]

Security Affairs

Become a government CISO now – for under 160,000 euros

Tue Mar 03 2026

The British Government Communications Headquarters (GCHQ) in Cheltenham, England.

CSO Online

AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged

Tue Mar 03 2026

The Rise of MCPs in the Enterprise The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications, APIs, and data, MCP enables prompt-driven AI agents that can retrieve information, take action, and automate end-to-end business workflows across the enterprise. This is already showing up in production...

The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Tue Mar 03 2026

Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It's advertised as a cybercrime platform by a threat group calling itself Jinkusu, granting customers access to a dashboard that lets them select a brand to impersonate or enter a brand's real URL. It also lets...

The Hacker News

Android devices hit by exploited Qualcomm flaw CVE-2026-21385

Tue Mar 03 2026

Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. Google has confirmed that CVE-2026-21385 (CVSS score of 7.8), a high-severity vulnerability affecting an open-source Qualcomm component used in Android devices, has been actively exploited. “There are indications that CVE-2026-21385 may be under limited, targeted exploitation.” reads Google’s advisory. The flaw is […]

Security Affairs

Study: Hackers paralyze operations at many companies

Tue Mar 03 2026

Hackers had German companies in their sights again in 2025.

CSO Online

Epic Fury introduces new layer of enterprise risk

Tue Mar 03 2026

Operation Epic Fury — the US administration’s sustained kinetic pressure on core Iranian regime assets — introduces a new layer of operational risk for every multinational with people, assets, or depe

CSO Online

How Journalists Are Reporting From Iran With No Internet

Tue Mar 03 2026

After strikes killed senior Iranian officials, Iran cut off internet access. Journalists are relying on satellite links, encrypted apps, and smuggled footage to report from inside the country.

Wired

Chrome security flaw enabled spying via Gemini Live assistant

Tue Mar 03 2026

A Google Chrome vulnerability lets malicious extensions hijack Gemini Live to spy on users and steal sensitive files. Researchers at Palo Alto Networks found a Chrome vulnerability, tracked as CVE-2026-0628, that could let malicious extensions take control of the Gemini Live AI assistant. By abusing the flaw, attackers could spy on users and exfiltrate sensitive […]

Security Affairs

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

Tue Mar 03 2026

Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers. The activity, the company said, targets government and public-sector organizations with the end goal of redirecting victims to attacker-controlled infrastructure without stealing their tokens. It described...

The Hacker News

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited

Tue Mar 03 2026

Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 (CVSS score: 7.8), a buffer over-read in the Graphics component. "Memory corruption when adding user-supplied data without checking available buffer space," Qualcomm said in an advisory,...

The Hacker News

7 factors impacting the cyber skills gap

Tue Mar 03 2026

Individuals with strong cybersecurity skills are in high demand.

CSO Online

Middle East crisis prompts UK NCSC warning on potential Iranian cyber activity

Mon Mar 02 2026

UK’s NCSC warns of potential Iranian cyberattacks as Middle East tensions rise, urging vigilance from exposed organizations. The UK’s National Cyber Security Centre (NCSC) has warned organizations of a potential increase in Iranian cyber threats amid the escalating Middle East conflict. While it sees no immediate shift in the direct threat to Britain, officials stress […]

Security Affairs

SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

Tue Mar 03 2026

The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity, per Arctic Wolf, took place between January 2025 and January 2026. It involves the use of two distinct attack chains to deliver malware families tracked as BurrowShell and a Rust-based...

The Hacker News

What belongs in your security toolset

Tue Mar 03 2026

Read which tools are essential for protecting companies against cyber threats.

CSO Online

Vulnerability monitoring service secures public-sector websites faster

Mon Mar 02 2026

An automated scanning system has cut the time it takes to fix cybersecurity vulnerabilities across public sector IT systems, reducing median remediation time for general cyber vulnerabilities from 53

CSO Online

Attacks on GPS Spike Amid US and Israeli War on Iran

Mon Mar 02 2026

New analysis shows that attacks on satellite navigation systems have impacted some 1,100 ships in the Middle East since the US and Israel attacked Iran on February 28.

Wired

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Mon Mar 02 2026

Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges and gain access to local files on the system. The vulnerability, tracked as CVE-2026-0628 (CVSS score: 8.8), has been described as a case of insufficient policy enforcement in the WebView tag. It was patched by Google in early January 2026...

The Hacker News

Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome

Mon Mar 02 2026

Google has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against the future risk posed by quantum computers. "To ensure the scalability and efficiency of the ecosystem, Chrome has no immediate plan to add traditional X.509 certificates containing post-quantum cryptography to the Chrome Root Store," the Chrome Secure Web and Networking Team said. "...

The Hacker News

Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch

Mon Mar 02 2026

Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 before Microsoft patched it, a high-severity bypass flaw. Akamai reports that Russia-linked APT28 may have exploited CVE-2026-21513 (CVSS score of 8.8), a high-severity MSHTML vulnerability, before Microsoft patched it in February 2026. The vulnerability is an Internet Explorer security control bypass that can lead to code […]

Security Affairs

APT37 combines cloud storage and USB implants to infiltrate air-gapped systems

Mon Mar 02 2026

North Korea-linked APT37 used Zoho WorkDrive and USB malware to breach air-gapped networks in the Ruby Jumper campaign. North Korean group ScarCruft (aka APT37, Reaper, and Group123) deployed new tools in a campaign dubbed Ruby Jumper, using a backdoor that leverages Zoho WorkDrive for C2 and a USB-based implant to breach air-gapped systems. Zscaler ThreatLabz […]

Security Affairs

War in Iran Spiked Oil Prices. Trump Will Decide How High They Go

Mon Mar 02 2026

The conflict in the Middle East is driving oil prices up in a midterm year when Americans are already focused on high energy bills.

Wired

⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More

Mon Mar 02 2026

This week is not about one big event. It shows where things are moving. Network systems, cloud setups, AI tools, and common apps are all being pushed in different ways. Small gaps in access control, exposed keys, and normal features are being used as entry points. The pattern becomes clear only when you see everything together. Faster scans, smarter misuse of trusted services, and steady...

The Hacker News

How to Protect Your SaaS from Bot Attacks with SafeLine WAF

Mon Mar 02 2026

Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great: more sign-ups, more sessions, more API calls. But in reality, something feels off: Sign-ups increase, but users aren’t activating. Server costs rise faster than revenue. Logs are filled with repeated requests from strange user agents. If...

The Hacker News

Europol’s Project Compass nets 30 arrests in crackdown on “The Com”

Mon Mar 02 2026

Europol’s Project Compass led to 30 arrests targeting ‘The Com’ network, identifying 62 victims and protecting four children from harm. A yearlong operation, code-named Project Compass, led by Europol has dealt a major blow to ‘The Com,’ a cybercrime network known for targeting children and teenagers. The joint effort, called Project Compass and coordinated by […]

Security Affairs

Innovation without exposure: A CISO’s secure-by-design framework for business outcomes

Mon Mar 02 2026

The brief for security leaders has changed.

CSO Online

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

Mon Mar 02 2026

A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerability in question is CVE-2026-21513 (CVSS score: 8.8), a high-severity security feature bypass affecting the MSHTML Framework. "Protection mechanism failure in MSHTML Framework allows an unauthorized...

The Hacker News

A scorecard for cyber and risk culture

Mon Mar 02 2026

Have you ever watched a leadership team clap for their “security culture month” like they’d landed a rover? Posters everywhere.

CSO Online

ClawJacked flaw exposed OpenClaw users to data theft

Mon Mar 02 2026

“ClawJacked” flaw let malicious sites hijack OpenClaw AI agents to steal data; patch released in version 2026.2.26. A high-severity vulnerability called ClawJacked in OpenClaw allowed malicious websites to brute-force and take control of local AI agent instances. Oasis Security discovered the flaw, which enabled silent data theft. OpenClaw addressed the issue with version 2026.2.26, released […]

Security Affairs

Ukrainian hacker pleads guilty to running OnlyFake AI ID scam site

Mon Mar 02 2026

Ukrainian citizen Yurii Nazarenko admitted running OnlyFake, an AI-driven site that sold over 10,000 fake IDs worldwide. Ukrainian man Yurii Nazarenko pleaded guilty to operating OnlyFake, an AI-powered site that generated and sold more than 10,000 counterfeit IDs globally. “United States Attorney for the Southern District of New York, Jay Clayton, and Assistant Director in Charge […]

Security Affairs

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

Mon Mar 02 2026

Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat actors have published a set of 26 malicious packages to the npm registry. The packages masquerade as developer tools, but contain functionality to extract the actual command-and-control (C2) by using seemingly harmless Pastebin content as a dead drop resolver and...

The Hacker News

Hackers extort less ransom

Mon Mar 02 2026

More and more affected companies and organizations are following the advice not to pay a ransom.

CSO Online

How CISOs can build a resilient workforce

Mon Mar 02 2026

With ongoing skills gaps, AI reshaping roles and workforce stress as standing concerns for many CISOs, ensuring the resilience of the workforce has become top of mind.

CSO Online

ShinyHunters leaked the full Odido dataset

Sun Mar 01 2026

Cybercrime group ShinyHunters leaked the full Odido dataset; the Netherlands is facing the biggest data leak in its history. Odido is a Dutch telecommunications company and one of the largest mobile network operators in the Netherlands. It was formed when T-Mobile Netherlands and Tele2 were rebranded as Odido in 2023 after private equity firms Apax Partners and Warburg Pincus […]

Security Affairs

In focus: data center modernization

Mon Mar 02 2026

CSO Online

Kubernetes Security: How to (better) secure your clusters

Mon Mar 02 2026


CSO Online

The 5 Big ‘Known Unknowns’ of Donald Trump’s New War With Iran

Sun Mar 01 2026

The all-out air assault on the Islamic Republic might be the biggest gamble of the president’s career.

Wired

Claude Code abused to steal 150GB in cyberattack on Mexican agencies

Sun Mar 01 2026

Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems. Hackers abused Anthropic’s Claude Code AI assistant to develop exploits, create custom tools, and automatically exfiltrate more than 150GB of data in an attack on Mexican government systems, the Israeli cybersecurity firm Gambit Security reports. The […]

Security Affairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86

Sun Mar 01 2026

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Technical Deep Dive: The Monero Mining Campaign; Operation Olalampo: Inside MuddyWater’s Latest Campaign; VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731); Operation MacroMaze: new APT28 campaign using basic tooling and legit […]

Security Affairs

CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

Sun Mar 01 2026

About 900 Sangoma FreePBX systems were infected with web shells after attackers exploited a command injection flaw. Hundreds of Sangoma FreePBX instances are still infected with web shells following attacks that began in December 2025. Sangoma FreePBX is an open-source, web-based platform for managing Asterisk-powered VoIP phone systems. Maintained by Sangoma Technologies, it allows businesses […]

Security Affairs

Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION

Sun Mar 01 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Canadian Tire 2025 data breach impacts 38 million users Iran’s Internet near-totally blacked out amid […]

Security Affairs

Canadian Tire 2025 data breach impacts 38 million users

Sat Feb 28 2026

A data breach at Canadian Tire exposed personal data from over 38 million accounts, including contact details and encrypted passwords. More than 38 million accounts were affected by an October 2025 data breach at Canadian retail giant Canadian Tire (CTC). The incident marks one of the largest retail data breaches in Canada, raising concerns about […]

Security Affairs

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

Sat Feb 28 2026

OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and take over control. "Our vulnerability lives in the core system itself – no plugins, no marketplace, no user-installed extensions – just the bare OpenClaw gateway, running exactly as documented," Oasis...

The Hacker News

Hacked Prayer App Sends ‘Surrender’ Messages to Iranians Amid Israeli and US Strikes

Sat Feb 28 2026

As Israeli airstrikes hit Tehran this morning, Iranians received mysterious push notifications saying that “help is on the way,” promising amnesty if they surrender.

Wired

This Is the System That Intercepted Iran’s Missiles Over the UAE

Sat Feb 28 2026

As Iranian missiles targeted US-linked sites across the Gulf, the UAE’s missile shield was activated in real time.

Wired

Who is the Kimwolf Botmaster “Dort”?

Sat Feb 28 2026

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle "Dort" -- has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email flooding attacks against the researcher and this author, and more recently caused a SWAT team to be sent to the researcher's home. This post examines what is knowable about Dort based on public information.

Krebs on Security

Iran’s Internet near-totally blacked out amid US, Israeli strikes

Sat Feb 28 2026

Iran experienced a near-total internet blackout as Israel and the U.S. launched strikes, according to NetBlocks. Internet access across Iran was drastically reduced on Saturday as Israel and the United States carried out strikes against the country, according to independent and non-partisan global internet monitor NetBlocks. Network data indicated a near-total nationwide blackout. The national […]

Security Affairs

Area Man Accidentally Hacks 6,700 Camera-Enabled Robot Vacuums

Sat Feb 28 2026

Plus: The top US cyber agency falls into shambles, AI models develop an upsetting penchant for nuclear weapons, and more.

Wired

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Sat Feb 28 2026

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings come from Truffle Security, which discovered nearly 3,000 Google API keys (identified by the prefix "AIza") embedded in client-side code to provide Google-related services like...

The Hacker News

US and Israel Launch Strikes Against Iran

Sat Feb 28 2026

US president Donald Trump said a “major combat operation” against Iran had begun as he called for the country’s government to be overthrown.

Wired

Microsoft warns of RAT delivered through trojanized gaming utilities

Sat Feb 28 2026

Attackers spread trojanized gaming tools to deliver a stealthy RAT using PowerShell, LOLBins, and Defender evasion tactics. Threat actors are tricking users into running trojanized gaming utilities shared through browsers and chat platforms to deploy a remote access trojan. “Microsoft Defender researchers uncovered a campaign that lured users into running trojanized gaming utilities (Xeno.exe or […]

Security Affairs

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute

Sat Feb 28 2026

Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a "supply chain risk." "This action follows months of negotiations that reached an impasse over two exceptions we requested to the lawful use of our AI model, Claude: the mass domestic surveillance of Americans and fully autonomous weapons," the...

The Hacker News

Security hole could let hackers take over Juniper Networks PTX core routers

Fri Feb 27 2026

Network admins with Juniper PTX series routers in their environments are being warned to patch immediately, because a newly-discovered critical vulnerability could lead to an unauthenticated threat ac

CSO Online

‘Silent’ Google API key change exposed Gemini AI data

Fri Feb 27 2026

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from T

CSO Online

Aeternum botnet hides commands in Polygon smart contracts

Fri Feb 27 2026

Aeternum botnet uses Polygon blockchain smart contracts for C&C, making its infrastructure harder to detect and disrupt. Qrator Labs researchers uncovered Aeternum, a botnet that runs its command-and-control infrastructure through smart contracts on the Polygon blockchain. By decentralizing its C2, the malware avoids traditional server-based takedowns and becomes far harder to disrupt or shut down, […]

Security Affairs

DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams

Fri Feb 27 2026

The U.S. Department of Justice (DoJ) this week announced the seizure of $61 million worth of Tether that was allegedly associated with bogus cryptocurrency schemes known as pig butchering. The confiscated funds were traced to cryptocurrency addresses used for the laundering of criminally derived proceeds stolen from victims of cryptocurrency investment scams, the department added. "Criminal...

The Hacker News

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

Fri Feb 27 2026

The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025. Of these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in Canada, 40 in Germany, and 36 in France. The non-profit entity said the compromises are likely...

The Hacker News

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

Fri Feb 27 2026

Cybersecurity researchers have disclosed details of a malicious Go module that's designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe. The Go module, github[.]com/xinfeisoft/crypto, impersonates the legitimate "golang.org/x/crypto" codebase, but injects malicious code that's responsible for exfiltrating secrets entered via terminal password...

The Hacker News
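The malicious module above works because its import path ends in the same leaf name as the legitimate golang.org/x/crypto. The following is an added example, not code from the researchers or from the Go project: a dependency-review check, written in Python so it runs without a Go toolchain, that parses the require directives of a go.mod and flags any module whose final path segment matches a trusted golang.org/x package while living somewhere else. The trusted list, the sample go.mod and the pseudo-version strings are constructed for the example; only the xinfeisoft path comes from the article.

```python
# Illustrative allowlist of golang.org/x modules that typosquatters imitate.
# Extend it to whatever your dependency policy actually trusts.
TRUSTED_X_MODULES = {
    "golang.org/x/crypto",
    "golang.org/x/net",
    "golang.org/x/sys",
    "golang.org/x/text",
}

# Constructed go.mod. The xinfeisoft path is the one named in the report;
# the versions and the other look-alike (github.com/evil/net) are made up.
SAMPLE_GO_MOD = """
module example.com/app

go 1.22

require (
    github.com/xinfeisoft/crypto v0.0.0-20260101000000-abcdef123456 // impersonates x/crypto
    golang.org/x/crypto v0.31.0
    golang.org/x/sys v0.28.0
    github.com/spf13/cobra v1.8.1
)

require github.com/evil/net v1.0.0
"""


def parse_go_mod_requires(text):
    """Return module paths from both block-style and single-line require
    directives, ignoring comments and blank lines."""
    paths = []
    in_block = False
    for raw in text.splitlines():
        line = raw.split("//", 1)[0].strip()
        if not line:
            continue
        if line == "require (":
            in_block = True
            continue
        if in_block and line == ")":
            in_block = False
            continue
        parts = line.split()
        if in_block and len(parts) >= 2:
            paths.append(parts[0])
        elif parts[0] == "require" and len(parts) >= 3:
            paths.append(parts[1])
    return paths


def flag_lookalikes(paths):
    """Pair each required module whose leaf name matches a trusted module,
    but whose full path differs, with the module it resembles."""
    by_leaf = {t.rsplit("/", 1)[-1]: t for t in TRUSTED_X_MODULES}
    flagged = []
    for path in paths:
        trusted = by_leaf.get(path.rsplit("/", 1)[-1])
        if trusted and path != trusted:
            flagged.append((path, trusted))
    return flagged


if __name__ == "__main__":
    for suspect, trusted in flag_lookalikes(parse_go_mod_requires(SAMPLE_GO_MOD)):
        print(f"{suspect} resembles {trusted}; confirm it is intended")
```

A leaf-name match is a heuristic for human review, not proof of malice, but a dependency on a foreign copy of a golang.org/x package is exactly the shape this campaign relied on, and it is cheap to fail a CI job on it until someone signs off.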

iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification

Fri Feb 27 2026

Apple’s iPhone and iPad are now NATO-approved for classified use, listed in the alliance’s Information Assurance Product Catalogue. Apple announced that its iPhone and iPad have received NATO approval to handle classified information. The devices are now officially listed in the NATO Information Assurance Product Catalogue (NIAPC), allowing military personnel to use them securely for […]

Security Affairs

One of the ‘most influential cybersecurity’ roles will pay under $175,000

Fri Feb 27 2026

A recent job ad is causing plenty of head-shaking, suggesting that some government high-ups appear to be out of touch with the current state of the cybersecurity job market.

CSO Online

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

Fri Feb 27 2026

A fresh set of tools has been attributed to the North Korean threat actor known as ScarCruft, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch additional payloads and an implant that uses removable media to relay commands and breach air-gapped networks. The campaign, codenamed Ruby Jumper by Zscaler ThreatLabz, involves the deployment of malware...

The Hacker News

Your personal OpenClaw agent may also be taking orders from malicious websites

Fri Feb 27 2026

If you thought running an AI agent locally kept it safely inside your machine’s walls, you’re in for a surprise.

CSO Online

Juniper issues emergency patch for critical PTX router RCE

Fri Feb 27 2026

Juniper released an emergency patch for Junos OS Evolved to fix CVE-2026-21902, a critical RCE flaw affecting PTX routers. Juniper Networks issued an out-of-band security update for Junos OS Evolved to address a critical remote code execution vulnerability, tracked as CVE-2026-21902 (CVSS score of 9.3), impacting PTX routers. The company urges customers to apply the […]

Security Affairs

US authorities punish sellers of malware and spyware

Fri Feb 27 2026

The US authorities have made it clear that they will have no truck with any individuals trying to bypass regulations on trading cyberweapons with hostile powers.

CSO Online

Why application security must start at the load balancer

Fri Feb 27 2026

For a long time, I thought of the load balancer as a performance device.

CSO Online

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Fri Feb 27 2026

Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan (RAT). "A malicious downloader staged a portable Java runtime and executed a malicious Java archive (JAR) file named jd-gui.jar," the Microsoft Threat Intelligence team said in a post on X. "This downloader used PowerShell...

The Hacker News

Enterprise Spotlight: Data Center Modernization

Fri Feb 27 2026

CSO Online

Data Broker Breaches Fueled Nearly $21 Billion in Identity-Theft Losses

Fri Feb 27 2026

A report copublished by WIRED sparked a probe into opt-out pages hidden by data brokers. Now congressional Democrats say breaches tied to the industry have cost people tens of billions of dollars.

Wired

How to make LLMs a defensive advantage without creating a new attack surface

Fri Feb 27 2026

Large language models (LLMs) have arrived in security in three different forms at once: as productivity tools that sit beside analysts, as components embedded inside products and workflows and as targ

CSO Online

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

Fri Feb 27 2026

AI accelerates incident response by correlating alerts and generating reports in minutes, helping teams scale beyond manual limits. Incident response has always been a race against the clock. It starts ticking the moment an alert is triggered, and each minute thereafter can lead to lost revenue, regulatory exposure, reputational damage, or customer churn. Traditionally, incident […]

Security Affairs

12 Million exposed .env files reveal widespread security failures

Fri Feb 27 2026

Mysterium VPN found 12M IPs exposing .env files, leaking credentials and revealing widespread security misconfigurations worldwide. Configuration mistakes rarely trigger alarms. A forgotten deny rule, an overlooked server setting, or a full project folder uploaded to production can quietly expose a company’s most sensitive secrets. In many cases, those secrets live inside simple environment files […]

Security Affairs