Breaking News – Cyber Threats (last 6h)
Generated: 2026-03-24 08:00 PDT
- Zero Trust: Bridging the Gap Between Authentication and Trust
BleepingComputer • 2026-03-24 07:02 • www.bleepingcomputer.com
Passing MFA doesn’t mean a session is safe, attackers can hijack tokens and bypass identity checks. Specops Software explains why Zero Trust must verify both user identity and device health. […]
https://www.bleepingcomputer.com/news/security/zero-trust-bridging-the-gap-between-authentication-and-trust/ - HackerOne discloses employee data breach after Navia hack
BleepingComputer • 2026-03-24 07:01 • www.bleepingcomputer.com
Bug bounty platform HackerOne is notifying hundreds of employees that their data was stolen after attackers hacked Navia, one of its U.S. benefits administrators. […]
https://www.bleepingcomputer.com/news/security/hackerone-discloses-employee-data-breach-after-navia-hack/ - Detecting IP KVMs, (Tue, Mar 24th)
SANS ISC Diary (full) • 2026-03-24 06:55 • isc.sans.eduI have written about how to use IP KVMs securely, and recently, researchers at Eclypsium published yet another report on IP KVM vulnerabilities. But there is another issue I haven't mentioned yet with IP KVMs: rogue IP KVMs. IP …
https://isc.sans.edu/diary/rss/32824 - Infinite Campus warns of breach after ShinyHunters claims data theft
BleepingComputer • 2026-03-24 06:48 • www.bleepingcomputer.com
Infinite Campus, a widely used K-12 student information system, is warning customers of a data breach following an extortion attempt by a threat actor. […]
https://www.bleepingcomputer.com/news/security/infinite-campus-warns-of-breach-after-shinyhunters-claims-data-theft/ - Yanluowang ransomware access broker gets 81 months in prison
BleepingComputer • 2026-03-24 06:06 • www.bleepingcomputer.com
A Russian national was sentenced to nearly 7 years in prison after pleading guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks. […]
https://www.bleepingcomputer.com/news/security/yanluowang-ransomware-access-broker-gets-81-months-in-prison/ - Dutch Ministry of Finance discloses breach affecting employees
BleepingComputer • 2026-03-24 05:03 • www.bleepingcomputer.com
The Dutch Ministry of Finance confirmed on Monday that some of its systems were breached in a cyberattack detected last week. […]
https://www.bleepingcomputer.com/news/security/dutch-ministry-of-finance-discloses-breach-affecting-employees/ - Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
The Hacker News • 2026-03-24 05:00 • thehackernews.com
Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data.
The activity is being tracked by ReversingLabs as the Ghost campaign. The list of identified packages, all published by a user named mikilanjillo, is below –react-performance-suite
react-state-optimizer-core
react-fast-utilsa
ai-fast-auto-trader
https://thehackernews.com/2026/03/ghost-campaign-uses-7-npm-packages-to.html - 5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
The Hacker News • 2026-03-24 04:37 • thehackernews.com
On February 25, 2026, Gartner published its inaugural Market Guide for Guardian Agents, marking an important milestone for this emerging category. For those unfamiliar with the various Gartner report types, “a Market Guide defines a market and explains what clients can expect it to do in the short term. With the focus on early, more chaotic markets, a Market Guide does not rate or position
https://thehackernews.com/2026/03/5-learnings-from-first-ever-gartner.html - Team Mirai and Democracy
Schneier on Security • 2026-03-24 04:03 • www.schneier.comJapan’s election last month and the rise of the country’s newest and most innovative political party, Team Mirai, illustrates the viability of a different way to do politics.
In this model, technology is used to make democratic processes stronger, instead of undermining them. It is harnessed to root out corruption, instead of serving as a cash cow for campaign…
https://www.schneier.com/blog/archives/2026/03/team-mirai-and-democracy.html - TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
The Hacker News • 2026-03-24 03:38 • thehackernews.com
Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack.
The workflows, both maintained by the supply chain security company Checkmarx, are listed below –checkmarx/ast-github-action
checkmarx/kics-github-actionCloud security
https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html - The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
The Hacker News • 2026-03-24 03:00 • thehackernews.com
Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more secure. But in practice, many teams struggle with the same basic problems they faced years ago: unclear risk priorities, misaligned tooling decisions, and difficulty explaining security issues in terms the business understands.
These challenges do not
https://thehackernews.com/2026/03/the-hidden-cost-of-cybersecurity.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
