Breaking News – Cyber Threats (last 6h)
Generated: 2026-03-04 02:00 PST
- Want More XWorm?, (Wed, Mar 4th)
SANS ISC Diary (full) • 2026-03-04 01:48 • isc.sans.eduAnd another XWorm[1] wave in the wild! This malware family is not new and heavily spread but delivery techniques always evolve and deserve to be described to show you how threat actors can be imaginative! This time, we are facing another piece of multi-technology malware.
- Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
The Hacker News • 2026-03-04 01:37 • thehackernews.com
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that’s functional on Windows, macOS, and Linux systems.
The names of the packages are listed below –nhattuanbl/lara-helper (37 Downloads)
nhattuanbl/simple-queue (29 Downloads)
nhattuanbl/lara-swagger (49 Downloads)
https://thehackernews.com/2026/03/fake-laravel-packages-on-packagist.html - APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
The Hacker News • 2026-03-04 00:14 • thehackernews.com
Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024.
“Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments,” Check Point said
https://thehackernews.com/2026/03/apt41-linked-silver-dragon-targets.html - CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
The Hacker News • 2026-03-03 20:35 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild.
The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an
https://thehackernews.com/2026/03/cisa-adds-actively-exploited-vmware.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
