Satnam Narang, senior staff research engineer at Tenable, commented on the fix for Azure Model Context Protocol (MCP) tools. “This bug is a server-side request forgery,” he said in an email, “so an attacker could exploit it by sending a… Read More "March Patch Tuesday: Three high severity holes in Microsoft Office"
Cyber threats have gained the upper hand on many global organizations, attacking through a relentless cycle of new phishing scams, malware attacks and deepfake incidents. As new-age IT and cybersecurity projects continue to proliferate, CIOs, CISOs, and their teams are… Read More "Threat intelligence by ESET is a game changer"
A data breach affecting 15,661 Ericsson Inc. employees and customers has been disclosed after attackers compromised a third-party service provider used by the company. The incident involved unauthorised access to files containing personal information, according to breach notifications filed with US… Read More "Ericsson Breach Exposes Data of 15k Employees and Customers"
Ravie LakshmananMar 10, 2026Cyber Espionage / Threat Intelligence The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families… Read More "APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military"
AI and cybersecurity are proving to be extremely challenging for organisations. AI is a double-edged sword – as used by threat actors and under effectively by security companies to ward off AI-centric threats besides the traditional threats. Organizations are continuously… Read More "The CSO role is evolving fast with AI in Cyber Defense strategy"
Google Cloud has warned that threat actors targeting cloud environments now favor campaigns which gain initial access by exploiting software vulnerabilities over credential-based attacks. Published on 9 March, the Google Cloud Office of the CISO’s H1 2026 Google Cloud Threat… Read More "Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials"
The US Department of Homeland Security removed multiple career Customs and Border Protection officials from their roles this year after they objected to orders to mislabel records about surveillance technologies and block their release under the Freedom of Information Act,… Read More "DHS Ousts CBP Privacy Officers Who Questioned ‘Illegal’ Orders"
Ravie LakshmananMar 10, 2026Network Security / Vulnerability Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks. The activity involves the exploitation of recently… Read More "FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials"
OpenAI is stepping up its push to bolster the security framework surrounding its enterprise-focused AI ecosystem. Recently, the AI giant has looked to address the need for agentic AI security testing through its acquisition of agentic security testing firm Promptfoo.… Read More "OpenAI’s Promptfoo Deal Plugs Agentic AI Testing Gap"
Cybersecurity researchers have discovered a new malware called KadNap that’s primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first detected in the wild in August 2025, has expanded to over 14,000 infected… Read More "KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet"
