Cyber Hawk

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

March 26, 2026

Some weeks in security feel loud. This one feels sneaky. Less big dramatic fireworks, more of that slow creeping sense that too many people are getting way too comfortable abusing things they probabl…

Cyber Security

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks

March 26, 2026

The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation Trian…

Cyber Security

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

March 26, 2026

Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, effectively bypassing security controls. "Inste…

Cyber Security

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

March 25, 2026

Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Austra…

Cyber Security

FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns

March 25, 2026

The U.S. Federal Communications Commission (FCC) said on Monday that it was banning the import of new, foreign-made consumer routers, citing "unacceptable" risks to cyber and national secur…

Cyber Security

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

March 24, 2026

TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester…

Cyber Security

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

March 24, 2026

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the …

Bitcoin Mining

Hot News

Labels

Report Abuse

Recent posts

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Popular Feeds

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Featured News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

Random Posts

Popular Posts

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Bitcoin Mining

Hot News

Labels

Recent posts

Share

Popular Feeds

Featured News

Random Posts

Popular Posts