Latest Internet & Cybersecurity News
Trump Administration Releases Cyber Strategy for America
On March 6, 2026, President Trump unveiled a seven-page Cyber Strategy outlining aggressive deterrence, private sector collaboration, and AI adoption for defense. It includes pillars for securing federal networks with zero-trust and post-quantum crypto, protecting critical infrastructure, and advancing secure AI and blockchain tech. An Executive Order combats cybercrime through interagency and public-private efforts.
IBM X-Force 2026 Threat Intelligence Index Highlights AI and Supply Chain Risks
IBM's report shows supply chain breaches quadrupled in five years, with attackers targeting vendors and CI/CD pipelines. AI aids cybercriminals in vulnerability scanning and credential theft, with 300,000 ChatGPT credentials sold on dark web. North America faces high risks due to cloud adoption and identity reliance.
AkzoNobel Confirms Cyberattack on US Site by Anubis Ransomware
Netherlands-based paint giant AkzoNobel reported a contained cyberattack on a US facility. Anubis ransomware group claimed stealing 170 GB of employee and financial data. This incident underscores rising ransomware targeting manufacturing.
LexisNexis Breach Exposes 3.9 Million Records
Legal data provider LexisNexis suffered a breach with hackers claiming 3.9 million records stolen, including 400,000 user profiles and government accounts. The company states affected systems held pre-2020 legacy data. Incident confirmed after leaked files surfaced.
Google Patches High-Severity CVE-2026-0628 in Chrome Gemini AI Panel
Chrome's Gemini AI panel vulnerability allowed malicious extensions to inject code, access cameras, mics, files, and launch phishing. Patches released; researchers demonstrated severe exploitation potential. Affects user privacy and device security.
Qualcomm Fixes CVE-2026-21385 Memory Corruption in Android Chipsets
Vulnerability in Qualcomm chipsets for Android phones, tablets, and IoT can cause crashes and code execution. Added to CISA's Known Exploited Vulnerabilities catalog due to active exploitation evidence. Patches urged for all affected devices.
Pakistan-Linked APT36 Uses AI to Generate Malware Against India
APT36 employed AI coding tools for mass-producing low-quality malware in rare languages targeting Indian government and embassies. Used legitimate cloud services for command channels to evade detection. Highlights AI's role in state-sponsored cyber ops.
Malicious AI-Themed Browser Extensions Harvest Data from 900,000 Users
Chrome and Edge extensions impersonating legit AI tools steal LLM chat histories and browsing data. Impacted 20,000 enterprise environments via Chrome Web Store. Urges vigilance in extension reviews.
Ontario Health Vendor OMS Hit by Ransomware Affecting 200,000 Patients
Ontario Medical Supply (OMS) suffered ransomware infiltration starting March 2025, locking servers and breaching health data for 200,000 patients including names and medical supplies. Confirmed on March 9, 2026, after initial vague cyberattack reports. Highlights delayed disclosures in healthcare.
Middlesex-London Health Unit Restores Systems After Cyber Incident
Health unit announced cybersecurity incident on March 6, 2026, and began restoring IT systems by March 10. Details limited, but follows pattern of healthcare-targeted attacks. Focus on operational recovery.
Researchers Demonstrate 22 Indirect Prompt Injection Techniques on AI Agents
Campaigns against web-reading AI agents use hidden instructions for data exposure, transactions, and server commands. Real-world bypass of AI ad review observed. Reveals vulnerabilities in agentic AI security.
OpenClaw AI Agent Abused in Malware Campaigns via Fake GitHub Installers
Fake OpenClaw installers on GitHub, promoted in Bing results, deliver Vidar stealer and GhostSocks proxies. Targets credentials and crypto wallets. IBM notes agents as insider threats.