Breaking News – Cyber Threats (last 6h)
Generated: 2026-03-25 08:00 PDT
- GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
The Hacker News • 2026-03-25 07:26 • thehackernews.com
Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT), which deploys an information-stealing Google Chrome extension masquerading as an offline version of Google Docs.
“It logs keystrokes, dumps cookies and session tokens, captures screenshots, and
https://thehackernews.com/2026/03/glassworm-malware-uses-solana-dead.html - Paid AI Accounts Are Now a Hot Underground Commodity
BleepingComputer • 2026-03-25 07:02 • www.bleepingcomputer.com
AI accounts are becoming part of the cybercrime supply chain, sold like email accounts or VPS access. Flare Systems shows how underground markets bundle and resell premium AI access at scale. […]
https://www.bleepingcomputer.com/news/security/paid-ai-accounts-are-now-a-hot-underground-commodity/ - Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
BleepingComputer • 2026-03-25 05:31 • www.bleepingcomputer.com
Kali Linux 2026.1, the first release of the year, is now available for download, featuring 8 new tools, a theme refresh, and a new BackTrack mode for Kali-Undercover. […]
https://www.bleepingcomputer.com/news/linux/kali-linux-20261-released-with-8-new-tools-new-backtrack-mode/ - The Kill Chain Is Obsolete When Your AI Agent Is the Threat
The Hacker News • 2026-03-25 04:58 • thehackernews.com
In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against 30 global targets. The AI handled 80-90% of tactical operations on its own, performing reconnaissance, writing exploit code, and attempting lateral movement at machine speed.
This incident is worrying, but there’s a scenario that should
https://thehackernews.com/2026/03/the-kill-chain-is-obsolete-when-your-ai.html - Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
The Hacker News • 2026-03-25 04:52 • thehackernews.com
The U.S. Department of Justice (DoJ) said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies.
Ilya Angelov, 40, of Tolyatti, Russia, was also fined $100,000. Angelov, who went by the online aliases “milan” and “okart,” is said to have co-managed a Russia-based cybercriminal group known as TA551 (aka
https://thehackernews.com/2026/03/russian-hacker-sentenced-to-2-years-for.html - Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
The Hacker News • 2026-03-25 04:34 • thehackernews.com
Cybersecurity researchers are calling attention to an active device code phishing campaign that’s targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany.
The activity, per Huntress, was first spotted on February 19, 2026, with subsequent cases appearing at an accelerated pace since then. Notably, the campaign leverages
https://thehackernews.com/2026/03/device-code-phishing-hits-340-microsoft.html - TP-Link warns users to patch critical router auth bypass flaw
BleepingComputer • 2026-03-25 04:11 • www.bleepingcomputer.com
TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware. […]
https://www.bleepingcomputer.com/news/security/tp-link-warns-users-to-patch-critical-router-auth-bypass-flaw/ - Sen. Wyden Warns of Another Section 702 Abuse
Schneier on Security • 2026-03-25 04:02 • www.schneier.comSen. Ron Wyden is warning us of an abuse of Section 702:
Wyden took to the Senate floor to deliver a lengthy speech, ostensibly about the since approved (with support of many Democrats) nomination of Joshua Rudd to lead the NSA. Wyden was protesting that nomination, but in the context of Rudd being unwilling to agree to basic constitutional limitations on NSA surveillance. But that’s just a jumping off point ahead of Section…
https://www.schneier.com/blog/archives/2026/03/sen-wyden-warns-of-another-section-702-abuse.html - Anatomy of a Cyber World Global Report 2026
Securelist • 2026-03-25 04:00 • securelist.com
The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report also includes Incident Response findings based on real-world cases identified and mitigated in 2025.
https://securelist.com/global-report-security-services-2026/119233/ - How one man used 10,000 bots to steal $8,000,000 from music artists
Graham Cluley • 2026-03-25 03:22 • www.bitdefender.com
A man has pleaded guilty to defrauding online music streaming platforms out of more than US $8 million, after creating hundreds of thousands of songs with AI, and then using bots to play them billions of times.Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/10k-bots-steal-8-million-from-music-artists
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
