Latest Internet & Cybersecurity News
Cisco Confirms Active Exploitation of Catalyst SD-WAN Vulnerabilities
Cisco disclosed active exploitation of CVE-2026-20122 and CVE-2026-20128 in Catalyst SD-WAN Manager, with patches released in versions like 20.18.2.1. Exploitation attempts spiked on March 4 from numerous IPs worldwide, deploying web shells. Any exposed systems should be considered compromised.
March 2026 Patch Tuesday Forecast: AI Security Concerns
Analysts forecast Microsoft updates for OS, Office, and servers amid lean February patching. Google patched CVE-2026-0628 in Chrome's Gemini AI (CVSS 8.8), allowing malicious extensions to hijack panels. Microsoft enhances Copilot data protections to prevent confidential info leaks.
Apple Releases Major Security Updates for macOS, iOS, Safari
Apple addressed 55 CVEs in macOS Tahoe 26.3, 36 in Sequoia 15.7.4, and 42 in Sonoma 14.8.4, plus iOS and other OS updates. Early March 26.3.1 patches issued without listed CVEs. Users urged to deploy immediately post-Patch Tuesday.
INC Ransomware Compromises Japanese Firm JA Akita Kita Life Service
INC Ransomware leaked 43.1GB of data from JA Akita Kita Life Service, including internal records, financials, and client lists. The Japanese energy and lifestyle services provider was targeted recently. Data posted on underground forums.
Gentlemen Ransomware Hits Japanese Machinery Firm Sando Tech
Sando Tech, specializing in machinery development and sales, suffered a breach by Gentlemen Ransomware. Compromised data exposed on forums. Highlights ongoing ransomware targeting Japanese manufacturing.
Space Bears Ransomware Attacks Taiwanese Manufacturer Kymco
Space Bears Ransomware exfiltrated and published data from Kymco (Kwang Yang Motor Co.), disrupting operations in manufacturing. Attack focused on web applications for data leak and financial gain. Potential reputational damage reported.
AI-Driven Insider Risks Deemed Critical Business Threat
Mimecast's 2026 report warns of rising malicious insiders misusing AI for data exfiltration and phishing. Concerns grew 10% yearly, expecting six monthly threats. Attackers exploit negligence to bypass defenses.
Police Dismantle Tycoon 2FA Phishing Platform
Law enforcement shut down Tycoon 2FA, a major phishing platform linked to attacks on hospitals, schools, and universities. In New York alone, multiple institutions compromised. Separate takedown neutralized a stolen data hub.
New Zealand Releases Cyber Security Strategy 2026-2030
NZ's strategy aims to enable innovation and protect digital life amid health tech breaches like Manage My Health. Calls to strengthen Privacy Act with penalties for mishandling personal data from cyber threats. Includes action plan for resilience.
Germany's New Cybersecurity Regulations Registration Deadline March 6
Covered entities must register with BSI platform by March 6, 2026, using ELSTER certificate. Violations punishable. Targets enhanced cybersecurity compliance.
Trends: Deepfakes Surge Vishing Attacks by 442%
RSA Conference 2026 highlights 442% rise in AI deepfake vishing and impersonation. Software supply chain malware up 73%, targeting developer tools. Shift to cognitive resilience and token defense needed.
California AG Issues Largest CCPA Fine to Disney
Disney settled for failing to honor opt-out requests across devices under CCPA. Highlights enforcement on data sales/sharing. Part of broader U.S. privacy actions including foreign adversary probes.