Breaking News – Cyber Threats (last 6h)
Generated: 2026-03-09 08:00 PDT
- Encrypted Client Hello: Ready for Prime Time?, (Mon, Mar 9th)
SANS ISC Diary (full) • 2026-03-09 07:46 • isc.sans.eduLast week, two related RFCs were published:
- Why Password Audits Miss the Accounts Attackers Actually Want
BleepingComputer • 2026-03-09 07:10 • www.bleepingcomputer.com
Password audits often focus on complexity rules but miss the accounts attackers actually target. Specops Software explains how breached passwords, orphaned users, and service accounts can leave organizations exposed. […]
https://www.bleepingcomputer.com/news/security/why-password-audits-miss-the-accounts-attackers-actually-want/ - Microsoft still working to fix Windows Explorer white flashes
BleepingComputer • 2026-03-09 07:10 • www.bleepingcomputer.com
Microsoft has confirmed that it’s still working to fully address a known issue that causes bright white flashes when opening the File Explorer on some Windows 11 systems. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-still-working-to-fix-windows-explorer-white-flashes/ - ⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
The Hacker News • 2026-03-09 06:46 • thehackernews.com
Another week in cybersecurity. Another week of “you’ve got to be kidding me.”
Attackers were busy. Defenders were busy. And somewhere in the middle, a whole lot of people had a very bad Monday morning. That’s kind of just how it goes now.
The good news? There were some actual wins this week. Real ones. The kind where the good guys showed up, did the work, and made a dent. It doesn’t always
https://thehackernews.com/2026/03/weekly-recap-qualcomm-0-day-ios-exploit.html - Can the Security Platform Finally Deliver for the Mid-Market?
The Hacker News • 2026-03-09 04:45 • thehackernews.com
Mid-market organizations are constantly striving to achieve security levels on a par with their enterprise peers. With heightened awareness of supply chain attacks, your customers and business partners are defining the security level you must meet.
What if you could be the enabler for your organization to remain competitive — and help win business — by easily demonstrating that you meet these
https://thehackernews.com/2026/03/can-security-platform-finally-deliver.html - New Attack Against Wi-Fi
Schneier on Security • 2026-03-09 03:57 • www.schneier.comIt’s called AirSnitch:
Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a client across these and higher layers, other nodes, and other network names such as SSIDs (Service Set Identifiers). This cross-layer identity desynchronization is the key driver of AirSnitch attacks.
The most powerful such attack is a full, bidirectional https://www.schneier.com/blog/archives/2026/03/new-attack-against-wi-fi.html
- Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
The Hacker News • 2026-03-09 03:28 • thehackernews.com
Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to downstream customers, inject arbitrary code, and harvest sensitive data.
The extensions in question, both originally associated with a developer named “akshayanuonline@gmail.com” (BuildMelon), are listed below –QuickLens – Search Screen with
https://thehackernews.com/2026/03/chrome-extension-turns-malicious-after.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
