Critical Zero-Days from Cisco & Google Under Active Attack; Iran-Linked Cyber Warfare Escalates

Publication Date: March 2, 2026

Summary

This intelligence brief for March 2, 2026, covers a surge in critical threats, including two actively exploited zero-day vulnerabilities in Cisco SD-WAN (CVE-2026-20127) and Android/Qualcomm devices (CVE-2026-21385). Geopolitical tensions have ignited a wave of cyberattacks from Iran-linked actors targeting the U.S. and Israel. Meanwhile, ransomware attacks continue to plague multiple sectors, with a massive data breach at Conduent affecting 25 million individuals, and nation-state actors like North Korea's APT37 and Russia's APT28 are linked to sophisticated new campaigns.

Today's New Articles

Google Patches Actively Exploited Qualcomm Zero-Day in Massive Android Update

Google's March 2026 security update for Android addresses 129 vulnerabilities, including a high-severity zero-day flaw, CVE-2026-21385, in a Qualcomm display component. The vulnerability, a memory corruption issue affecting over 230 Qualcomm chipsets, is confi...


APT37's 'Ruby Jumper' Malware Breaches Air-Gapped Networks via USB

The North Korean state-sponsored group APT37 (aka ScarCruft) is using a new malware suite called 'Ruby Jumper' to breach and exfiltrate data from highly secure, air-gapped networks. Active since at least December 2025, the campaign uses weaponized USB drives t...


Bitrefill Breach: North Korea's Lazarus Group Suspected in Attack on Crypto Service

Bitcoin payment service Bitrefill has disclosed a data breach that occurred on March 1, 2026, after a single employee's laptop was compromised. The attack methods bear a strong resemblance to campaigns by the North Korean state-sponsored Lazarus Group. The bre...


Russia's APT28 Linked to Exploitation of MSHTML Zero-Day Before Patch

Security firm Akamai has found evidence suggesting that the Russian state-sponsored group APT28 (Fancy Bear) exploited a high-severity zero-day vulnerability, CVE-2026-21513, in Microsoft's MSHTML framework before it was patched in February 2026. The flaw, whi...


DragonForce Ransomware Hits Top Brazilian University, Threatens Data Leak

The DragonForce ransomware group has claimed responsibility for a cyberattack on Fundação Getulio Vargas (FGV), a prominent Brazilian university and research institution. In a post on March 2, 2026, the group threatened to publish a 'full leak' of sensitive da...


Qilin Ransomware Strikes Italian Logistics Firm, Threatening Supply Chain Disruption

The Qilin ransomware group has claimed an attack on Traffic Tech, a major logistics and freight company based in Italy. The claim was made on March 1, 2026, with the group threatening to leak sensitive operational data. This attack highlights the persistent an...


Vect Ransomware Claims Breach of Indian Manufacturer USHA, Accessing SAP Data

The Vect ransomware group has claimed a cyberattack on USHA International Limited, a major Indian manufacturer of consumer durables. In a post on March 1, 2026, the attackers alleged they have breached sensitive employee data and crucial databases, including S...


Iran-Linked 'Dust Specter' APT Uses AI-Generated Malware to Spy on Iraqi Officials

A suspected Iran-nexus threat actor, tracked by Zscaler ThreatLabz as 'Dust Specter,' was observed targeting Iraqi government officials in a cyberespionage campaign in January 2026. The campaign used previously undocumented malware, including a dropper called...


Samsung Settles with Texas Over Unauthorized Smart TV Data Collection

Samsung Electronics has settled with the State of Texas over allegations that it used Automated Content Recognition (ACR) technology in its Smart TVs to collect detailed user viewing data without obtaining proper, express consent. Announced on March 1, 2026, t...

Article Updates

Conduent Breach Explodes: Safepay Ransomware Hits 25 Million with Sensitive Data Theft

Update: Conduent has begun sending official notification letters to the 25 million individuals affected by the Safepay ransomware breach. The new report emphasizes critical steps for victims, including immediately freezing credit with all three major bureaus, acceptin...