> TritonInfoSec News

# Archive

Browse past daily curated stories

Mar 15 Mar 14 Mar 13 Mar 12 Mar 11 Mar 10 Mar 09 Mar 08 Mar 07 Mar 06 Mar 05 Mar 04 Mar 03 Mar 02 Mar 01 Feb 28 Feb 27 Feb 26 Feb 25 Feb 24 Feb 23 Feb 21 Feb 20 Feb 18

Wednesday, March 11, 2026

  1. 1
    0
    Krebs on Security threat-intel
    Microsoft Patch Tuesday, March 2026 Edition

    Microsoft's March 2026 Patch Tuesday addresses 77 vulnerabilities in Windows and other software, with no zero-day exploits compared to February's five zero-day threats. This represents the first month in six months without actively exploited vulnerabilities, providing security teams a less urgent patching cycle.

  2. 2
    0
    BleepingComputer general
    Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws

    Microsoft's March 2026 Patch Tuesday fixes 79 flaws including 2 publicly disclosed zero-day vulnerabilities, marking the first update in six months without actively exploited zero-days. The update addresses critical security gaps while giving organizations breathing room from emergency patching.

  3. 3
    1
    BleepingComputer general
    New ‘BlackSanta’ EDR killer spotted targeting HR departments

    Russian-speaking threat actors have deployed BlackSanta EDR killer malware against HR departments for over a year, specifically targeting human resource workflows to bypass endpoint detection and response systems. The campaign demonstrates sophisticated evasion techniques designed to steal data while remaining undetected by security tools.

  4. 4
    0
    BleepingComputer general
    New BeatBanker Android malware poses as Starlink app to hijack devices

    BeatBanker Android malware masquerades as a Starlink app on fake Google Play Store websites to hijack devices and build a malicious proxy network. The malware specifically targets Android users by tricking them into downloading what appears to be legitimate SpaceX Starlink software.

  5. 5
    0
    BleepingComputer general
    New 'Zombie ZIP' technique lets malware slip past security tools

    The "Zombie ZIP" technique allows malware to hide payloads in specially crafted compressed files that evade antivirus and EDR detection systems. This new method exploits weaknesses in how security solutions parse ZIP file structures, enabling attackers to deliver malware undetected.

  6. 6
    0
    BleepingComputer general
    New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network

    The KadNap botnet has infected over 14,000 ASUS routers and edge devices since August 2025, with 60% of victims located in the U.S. The malware converts compromised devices into proxies for malicious traffic, creating a stealth network for cybercriminal operations.

  7. 7
    0
    The Hacker News general
    FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

    Threat actors are exploiting FortiGate NGFW appliances through recently disclosed vulnerabilities and weak credentials to extract configuration files containing service account credentials and network topology. The campaign demonstrates how network security devices become high-value targets for lateral movement and credential theft.

  8. 8
    0
    The Hacker News general
    APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

    APT28 has deployed BEARDSHELL and COVENANT malware against Ukrainian military personnel since April 2024, representing a return to sophisticated tooling for long-term surveillance operations. The Russian state-sponsored group previously known as Fancy Bear is using custom variants of open-source frameworks for espionage.

  9. 9
    0
    The Hacker News general
    New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

    Nine cross-tenant vulnerabilities dubbed "LeakyLooker" in Google Looker Studio could have allowed attackers to execute arbitrary SQL queries on victims' databases and steal data from Google Cloud environments. Tenable researchers found the flaws enable unauthorized access across organizational boundaries within the business intelligence platform.

  10. 10
    0
    SecurityWeek general
    Adobe Patches 80 Vulnerabilities Across Eight Products

    Adobe patched 80 vulnerabilities across eight products including Commerce, Illustrator, Acrobat Reader, and Premiere Pro in its March 2026 security update. The extensive patch release addresses multiple attack vectors across Adobe's creative and business software suite used by millions globally.