> TritonInfoSec News

# Archive

Browse past daily curated stories

Mar 10 Mar 09 Mar 08 Mar 07 Mar 06 Mar 05 Mar 04 Mar 03 Mar 02 Mar 01 Feb 28 Feb 27 Feb 26 Feb 25 Feb 24 Feb 23 Feb 21 Feb 20 Feb 18

Wednesday, March 04, 2026

  1. 1
    1
    BleepingComputer general
    CISA flags VMware Aria Operations RCE flaw as exploited in attacks

    CISA added VMware Aria Operations vulnerability CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, confirming active exploitation of this RCE flaw. Federal agencies must patch by the CISA deadline, and the KEV listing signals widespread threat actor interest in this VMware infrastructure management platform vulnerability.

  2. 2
    1
    Dark Reading general
    Qualcomm Zero-Day Exploited in Targeted Android Attacks

    Google patched CVE-2026-21385, a high-severity memory corruption flaw in Qualcomm's graphics component that has been actively exploited in targeted Android attacks. The vulnerability allows buffer over-read when adding user data without checking available buffer space, with exploitation potentially linked to commercial spyware or nation-state groups.

  3. 3
    1
    SecurityWeek general
    Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters

    Iranian drone strikes directly hit two AWS data centers in the UAE and damaged another facility in Bahrain, disrupting cloud services across the Middle East. The physical attacks demonstrate how geopolitical conflicts can directly impact critical cloud infrastructure that enterprises worldwide depend on for operations.

  4. 4
    0
    BleepingComputer general
    Paint maker giant AkzoNobel confirms cyberattack on U.S. site

    Dutch paint giant AkzoNobel confirmed hackers breached the network of one of its U.S. sites in what appears to be a targeted attack on industrial infrastructure. The breach affects a multinational company with significant manufacturing operations, highlighting ongoing threats to critical industrial sector organizations.

  5. 5
    0
    Dark Reading general
    Dark Reading Confidential: This Threat Hunter Helped Cops Bust Up An African Cybercrime Syndicate

    Interpol's operation against an African cybercrime syndicate led to 574 arrests and recovery of over $3 million, with threat hunters helping decrypt six malware variants. The international law enforcement action demonstrates the scale of organized cybercrime operations and the critical role of private sector threat intelligence in dismantling criminal networks.

  6. 6
    1
    CyberScoop general
    Possible U.S.-developed exploits linked to first known ‘mass’ iOS attack

    Researchers traced U.S.-developed exploits through a supply chain from spyware vendors to Russian hackers to Chinese cybercriminals in the first known mass iOS attack. The exploit kit's journey illustrates how advanced nation-state tools proliferate through cybercriminal ecosystems, creating broader security risks beyond their original targets.

  7. 7
    0
    BleepingComputer general
    LexisNexis confirms data breach as hackers leak stolen files

    LexisNexis Legal & Professional confirmed a data breach where hackers accessed customer and business information, with threat actors subsequently leaking 2 GB of stolen data containing millions of records. The breach affects a major legal and professional services data provider, potentially exposing sensitive client information and legal research data.

  8. 8
    1
    BleepingComputer general
    Microsoft: Hackers abuse OAuth error flows to spread malware

    Microsoft identified hackers abusing legitimate OAuth redirection mechanisms to bypass email and browser phishing protections, targeting government and public-sector organizations. The technique leverages trusted OAuth flows to redirect victims to attacker-controlled infrastructure without stealing authentication tokens, representing an evolution in phishing tactics.

  9. 9
    1
    SecurityWeek general
    Quantum Decryption of RSA is Much Closer than Expected

    A newly announced quantum algorithm challenges assumptions about RSA decryption timelines, suggesting quantum computers could break RSA encryption much sooner than expected without requiring million-qubit systems. This development accelerates concerns about quantum threats to current encryption standards and the urgency of post-quantum cryptography adoption.

  10. 10
    0
    CyberScoop general
    Researchers discover suite of agentic AI browser vulnerabilities

    Researchers discovered vulnerabilities in agentic AI browsers like Comet that allow attackers to access local file systems, browse directories, and exfiltrate data through simple calendar invites. The findings highlight new attack surfaces created by AI-powered browsing tools that can be manipulated to perform unauthorized system operations.