← Latest brief

Security news.

·Morning Brief

Today's security brief highlights significant data breaches, critical vulnerabilities, and state-sponsored cyber activities. The FBI is investigating suspicious activity on a sensitive surveillance system, while a major healthcare IT company exposed data for millions. CISA has also issued urgent warnings for actively exploited iOS and industrial control system flaws.

SECURITYWEEKPRIVACY
Mar 7READ

FBI Investigates Cyber Activity on Sensitive Surveillance System

The FBI is probing "suspicious" cyber activity on a system containing sensitive surveillance information, working to determine the scope and impact of the incident.

BLEEPINGBREACH
Mar 6READ

Cognizant TriZetto Breach Exposes 3.4 Million Patient Records

TriZetto Provider Solutions, a healthcare IT company, suffered a data breach that exposed sensitive health information belonging to over 3.4 million individuals.

BLEEPINGEXPLOIT
Mar 6READ

CISA Warns of Actively Exploited iOS Flaws

CISA has added three iOS security flaws, exploited in cyberespionage and crypto-theft attacks using the Coruna exploit kit, to its Known Exploited Vulnerabilities Catalog, urging federal agencies to patch immediately.

SECURITYWEEKEXPLOIT
Mar 6READ

Rockwell ICS Vulnerability Exploited in Attacks

A Rockwell vulnerability (CVE-2021-22681) allowing remote ICS hacking, disclosed and mitigated in 2021, has now been confirmed as actively exploited in the wild.

THNMALWARE
Mar 6READ

Transparent Tribe Uses AI for Mass Malware Production

The Pakistan-aligned threat actor Transparent Tribe is leveraging AI-powered coding tools to mass-produce malware implants in lesser-known programming languages, targeting India.

READ

Iran-Linked MuddyWater Targets U.S. Networks

The state-sponsored hacking group MuddyWater (aka Seedworm) has been found embedding itself in several U.S. companies' networks, including banks and airports, using a new Dindoor backdoor.

READ

China-Linked Hackers Target South American Telecoms

A China-linked APT actor, UAT-9244, has been targeting critical telecommunications infrastructure in South America since 2024, deploying TernDoor, PeerTime, and BruteEntry implants on Windows, Linux, and edge devices.

BLEEPINGMALWARE
Mar 6READ

Fake Claude Code Install Guides Push Infostealers

Threat actors are using a new "InstallFix" social engineering technique, disguised as legitimate CLI tool installation guides for "Claude Code," to trick users into running malicious commands that deploy infostealers.

Generated twice daily from public security RSS feeds. Informational only.