Breaking News – Cyber Threats (last 6h)
Generated: 2026-03-16 08:00 PDT
- Shadow AI is everywhere. Here’s how to find and secure it.
BleepingComputer • 2026-03-16 07:01 • www.bleepingcomputer.com
Shadow AI is quietly spreading across SaaS environments as employees adopt new AI tools without IT oversight. Nudge Security explains how security teams can discover AI apps, monitor usage, and govern risky AI activity. […]
https://www.bleepingcomputer.com/news/security/shadow-ai-is-everywhere-heres-how-to-find-and-secure-it/ - /proxy/ URL scans with IP addresses, (Mon, Mar 16th)
SANS ISC Diary (full) • 2026-03-16 06:48 • isc.sans.eduAttempts to find proxy servers are among the most common scans our honeypots detect. Most of the time, the attacker attempts to use a host header or include the hostname in the URL to trigger the proxy server forwarding the request. In some cases, common URL prefixes like “/proxy/” are used. This weekend, I noticed a slightly different pattern in our logs:
- Microsoft pulls Samsung app blocking Windows C: drive from Store
BleepingComputer • 2026-03-16 06:14 • www.bleepingcomputer.com
Microsoft has removed the Samsung Galaxy Connect app from the Microsoft Store because it was causing issues on specific Samsung Galaxy Book 4 and desktop models running Windows 11. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-pulls-samsung-app-blocking-windows-c-drive-from-store/ - Why Security Validation Is Becoming Agentic
The Hacker News • 2026-03-16 04:58 • thehackernews.com
If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one corner. A pentest engagement, or maybe an automated pentesting product, in another. A vulnerability scanner feeding an attack surface management platform somewhere else. Each tool gives you a slice of the picture. None of them talks to each other in any
https://thehackernews.com/2026/03/why-security-validation-is-becoming.html - ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
The Hacker News • 2026-03-16 04:41 • thehackernews.com
Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync.
“Unlike traditional exploit-based attacks, this method relies entirely on user interaction – usually in the form of copying and executing commands – making it particularly effective against users who may not appreciate the implications of running
https://thehackernews.com/2026/03/clickfix-campaigns-spread-macsync-macos.html - Free real estate: GoPix, the banking Trojan living off your memory
Securelist • 2026-03-16 04:00 • securelist.com
Kaspersky GReAT experts describe the unprecedentedly complex Brazilian banking Trojan GoPix that employs memory-only implants, Proxy AutoConfig (PAC) files for man-in-the-middle attacks, and malvertising via Google Ads.
https://securelist.com/gopix-banking-trojan/119173/ - Possible New Result in Quantum Factorization
Schneier on Security • 2026-03-16 02:46 • www.schneier.comI’m skeptical about—and not qualified to review—this new result in factorization with a quantum computer, but if it’s true it’s a theoretical improvement in the speed of factoring large numbers with a quantum computer.
https://www.schneier.com/blog/archives/2026/03/possible-new-result-in-quantum-factorization.html
- DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
The Hacker News • 2026-03-16 02:07 • thehackernews.com
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo’s LAB52 threat intelligence team.
The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear (aka UAC-0190 or Void Blizzard) aimed at Ukrainian defense forces with a malware
https://thehackernews.com/2026/03/drillapp-backdoor-targets-ukraine.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
