12 News Items
THN · BleepingComputer · Krebs · Dark Reading · SANS
THN · BleepingComputer · Krebs · Dark Reading · SANS
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of March 22, 2026.
-
Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
— Bleeping Computer
The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-ste… -
Google adds ‘Advanced Flow’ for safe APK sideloading on Android
— Bleeping Computer
Google has announced a new mechanism in Android called Advanced Flow that will allow sideloading APKs from unverified developers for power u… -
Microsoft Azure Monitor alerts abused for callback phishing attacks
— Bleeping Computer
Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team … -
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
— The Hacker News
Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to compromise commercial messaging application… -
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
— The Hacker News
Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be e… -
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
— The Hacker News
The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that h… -
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
— The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws impacting Apple, Craft CMS, and Laravel… -
FBI links Signal phishing attacks to Russian intelligence services
— Bleeping Computer
The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encr… -
Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw
— Dark Reading
Attackers can execute arbitrary code without authentication if Oracle's Identity or Web Services Managers are exposed to the Web. -
Cyber OpSec Fail: Beast Gang Exposes Ransomware Server
— Dark Reading
Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP. -
Interlock Ransomware Targets Cisco Enterprise Firewalls
— Dark Reading
The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before it was publicly … -
GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
— SANS ISC
Yesterday, I discovered a malicious Bash script that installs a GSocket backdoor on the victim's computer. I don't know the source o…
Generated by HiveNet.ai Threat Intelligence Platform · March 22, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC