> TritonInfoSec News

# Archive

Browse past daily curated stories

Mar 17 Mar 16 Mar 15 Mar 14 Mar 13 Mar 12 Mar 11 Mar 10 Mar 09 Mar 08 Mar 07 Mar 06 Mar 05 Mar 04 Mar 03 Mar 02 Mar 01 Feb 28 Feb 27 Feb 26 Feb 25 Feb 24 Feb 23 Feb 21 Feb 20 Feb 18

Tuesday, March 17, 2026

  1. 1
    0
    The Hacker News general
    GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

    The GlassWorm malware campaign leverages stolen GitHub tokens to force-push malicious code into hundreds of Python repositories, targeting Django apps, ML research code, Streamlit dashboards, and PyPI packages by appending obfuscated code to setup.py, main.py, and app.py files. StepSecurity researchers identified dozens of malicious GlassWorm extensions using new evasion techniques to hide in dependencies and avoid detection.

  2. 2
    0
    BleepingComputer general
    Stryker attack wiped tens of thousands of devices, no malware needed

    Medical technology giant Stryker suffered a cyberattack that remotely wiped tens of thousands of employee devices without using malware, limiting the impact to its internal Microsoft environment. The attack occurred last week and demonstrates a novel destructive technique that bypasses traditional malware-based detection methods.

  3. 3
    0
    BleepingComputer general
    CISA flags Wing FTP Server flaw as actively exploited in attacks

    CISA added a Wing FTP Server vulnerability to its Known Exploited Vulnerabilities catalog, warning U.S. government agencies that the flaw is being actively exploited and may be chained with other vulnerabilities for remote code execution attacks. Federal agencies must secure their Wing FTP Server instances to prevent compromise.

  4. 4
    0
    The Record threat-intel
    Russia-linked espionage campaign targeting Ukraine using Starlink and charity lures

    A Russia-linked threat group launched a cyber-espionage campaign against Ukrainian organizations using fake documents about Starlink satellite internet terminals and a well-known Ukrainian charity as lures to infect devices with spyware. The campaign demonstrates continued Russian intelligence targeting of Ukrainian infrastructure and humanitarian organizations.

  5. 5
    0
    SecurityWeek general
    China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation

    China-linked state-sponsored hackers deployed custom tools against Asian military organizations in a patient espionage operation, remaining dormant in compromised environments for months before activating their payloads. The campaign used novel backdoors and familiar evasion techniques to maintain persistent access to regional defense targets.

  6. 6
    0
    SecurityWeek general
    Threat Actor Targeting VPN Users in New Credential Theft Campaign

    The Storm-2561 threat actor is distributing fake VPN clients through SEO poisoning techniques, deploying trojans to steal login credentials from users seeking VPN services. The campaign targets users searching for legitimate VPN solutions, compromising their authentication data through malicious software disguised as security tools.

  7. 7
    0
    BleepingComputer general
    UK’s Companies House confirms security flaw exposed business data

    UK's Companies House confirmed a security flaw in its WebFiling service exposed business registration data since October 2025, prompting the temporary shutdown of the service on Friday for remediation. The vulnerability affected the government agency that operates the registry for all UK companies, potentially exposing sensitive corporate information.

  8. 8
    0
    SecurityWeek general
    Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact

    Following the Oracle EBS hack, only four major corporations—Broadcom, Bechtel, Estée Lauder, and Abbott Technologies—have yet to issue public statements about potential impact from the breach. The silence from these corporate giants raises questions about the scope of data exposure and customer notification obligations.

  9. 9
    0
    SecurityWeek general
    Security Firm Executive Targeted in Sophisticated Phishing Attack

    A security firm executive was targeted in a sophisticated phishing attack using DKIM-signed emails, trusted redirect infrastructure, compromised servers, and Cloudflare-protected phishing pages to bypass security controls. The attack demonstrates advanced techniques specifically designed to target cybersecurity professionals with enhanced technical defenses.

  10. 10
    0
    Dark Reading general
    Attackers Abuse LiveChat to Phish Credit Card, Personal Data

    Attackers are abusing LiveChat customer support platforms to conduct social engineering campaigns impersonating PayPal and Amazon, using fake customer service interactions to steal credit card information and personal data. The technique leverages trusted customer support channels to bypass user suspicion and security awareness training.