Breaking News – Cyber Threats (last 6h)
Generated: 2026-03-10 08:00 PDT
- The New Turing Test: How Threats Use Geometry to Prove 'Humanness'
BleepingComputer • 2026-03-10 07:02 • www.bleepingcomputer.com
Malware is evolving to evade sandboxes by pretending to be a real human behind the keyboard. The Picus Red Report 2026 shows 80% of top attacker techniques now focus on evasion and persistence, including geometry-based cursor tests and CPU timing checks. […]
https://www.bleepingcomputer.com/news/security/the-new-turing-test-how-threats-use-geometry-to-prove-humanness/ - New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
The Hacker News • 2026-03-10 06:20 • thehackernews.com
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims’ databases and exfiltrate sensitive data within organizations’ Google Cloud environments.
The shortcomings have been collectively named LeakyLooker by Tenable. There is no evidence that the vulnerabilities were exploited in
https://thehackernews.com/2026/03/new-leakylooker-flaws-in-google-looker.html - How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
The Hacker News • 2026-03-10 04:45 • thehackernews.com
Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own.
But there is a problem. While these agents make work faster, they also open a new “back door” for hackers.
The Problem: “The Invisible Employee”
Think of an AI Agent like a new employee who has
https://thehackernews.com/2026/03/how-to-stop-ai-data-leaks-webinar-guide.html - CISA: Recently patched Ivanti EPM flaw now actively exploited
BleepingComputer • 2026-03-10 04:36 • www.bleepingcomputer.com
CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks. […]
https://www.bleepingcomputer.com/news/security/cisa-recently-patched-ivanti-epm-flaw-now-actively-exploited/ - The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
The Hacker News • 2026-03-10 04:00 • thehackernews.com
You can’t control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder’s Head of Security digs into why this happens and how teams can manage it deliberately.
Time-to-exploit is shrinking
The larger and less controlled your attack surface is,
https://thehackernews.com/2026/03/the-zero-day-scramble-is-avoidable.html - APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
The Hacker News • 2026-03-10 03:55 • thehackernews.com
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel.
The two malware families have been put to use since April 2024, ESET said in a new report shared with The Hacker News.
APT28, also tracked as Blue Athena, BlueDelta, Fancy Bear, Fighting Ursa,
https://thehackernews.com/2026/03/apt28-uses-beardshell-and-covenant.html - Microsoft to enable Windows hotpatch security updates by default
BleepingComputer • 2026-03-10 03:35 • www.bleepingcomputer.com
Microsoft will turn on hotpatch security updates by default for all eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, beginning with the May 2026 Windows security update. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-enable-hotpatch-security-updates-by-default-in-may/ - BeatBanker: A dual‑mode Android Trojan
Securelist • 2026-03-10 03:00 • securelist.com
Kaspersky researchers identified a new Android Trojan dubbed BeatBanker targeting Brazil, posing as government apps and Google Play Store, and capable of both crypto mining and stealing banking data.
https://securelist.com/beatbanker-miner-and-banker/119121/ - APT28 hackers deploy customized variant of Covenant open-source tool
BleepingComputer • 2026-03-10 03:00 • www.bleepingcomputer.com
The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. […]
https://www.bleepingcomputer.com/news/security/apt28-hackers-deploy-customized-variant-of-covenant-open-source-tool/ - Jailbreaking the F-35 Fighter Jet
Schneier on Security • 2026-03-10 02:50 • www.schneier.comCountries around the world are becoming increasingly concerned about their dependencies on the US. If you’ve purchase US-made F-35 fighter jets, you are dependent on the US for software maintenance.
The Dutch Defense Secretary recently said that he could jailbreak the planes to accept third-party software.
https://www.schneier.com/blog/archives/2026/03/jailbreaking-the-f-35-fighter-jet.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
