# Archive
Browse past daily curated stories
Friday, March 27, 2026
1. BleepingComputer | general | CISA: New Langflow flaw actively exploited to hijack AI workflows

   CISA warns that attackers are actively exploiting CVE-2026-33017, a critical vulnerability in the Langflow AI framework for building AI agents. The flaw enables code injection attacks and was being exploited within hours of disclosure, demonstrating the rapid weaponization of AI platform vulnerabilities.
2. The Hacker News | general | China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks

   China-linked threat group Red Menshen (also tracked as Earth Bluecrow) has embedded BPFDoor implants within telecom networks to conduct long-term espionage against government targets. The campaign demonstrates sophisticated positioning within critical infrastructure for persistent access to sensitive communications.
3. BleepingComputer | general | Coruna iOS exploit framework linked to Triangulation attacks

   The Coruna iOS exploit kit represents an evolution of the framework used in 2023's Operation Triangulation espionage campaign that targeted iPhones via zero-click iMessage exploits. This indicates advanced iOS exploitation capabilities are being actively developed and potentially distributed to new threat actors.
4. The Record | threat-intel | Alleged RedLine malware developer extradited to US, faces up to 30 years

   Hambardzum Minasyan was extradited to the US and faces up to 30 years in prison for allegedly developing and administering RedLine infostealer malware. He appeared in Austin federal court on charges including conspiracy to commit access device fraud and violate the Computer Fraud and Abuse Act.
5. BleepingComputer | general | Russia arrests suspected owner of LeakBase cybercrime forum

   Russian police arrested a Taganrog resident suspected of owning LeakBase, a major cybercrime forum for trading stolen data and hacking tools. This follows recent global law enforcement actions against the platform, indicating continued pressure on cybercrime infrastructure.
6. The Hacker News | general | Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

   Researchers disclosed a vulnerability in Anthropic's Claude Chrome Extension that allowed any website to silently inject prompts into the AI assistant without user interaction. The zero-click XSS flaw enabled malicious prompt injection simply by visiting a compromised webpage.
7. BleepingComputer | general | UK sanctions Xinbi marketplace linked to Asian scam centers

   The UK sanctioned Xinbi, a Chinese-language cryptocurrency marketplace that sells stolen data and satellite internet equipment to Southeast Asian scam networks. The sanctions target financial infrastructure supporting large-scale online fraud operations and human trafficking.
8. The Record | threat-intel | Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware

   Pro-Ukrainian hacker group Bearlyfy has conducted over 70 cyberattacks against Russian companies in the past year and is now deploying custom ransomware tools. The group represents the escalation of hacktivist operations with increasingly sophisticated malware capabilities.
9. The Hacker News | general | WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

   A new payment skimmer uses WebRTC data channels to receive payloads and exfiltrate stolen payment data from e-commerce sites, bypassing traditional Content Security Policy protections. This technique represents a novel approach to evading web security controls that rely on monitoring HTTP traffic.
10. CyberScoop | general | Google moves post-quantum encryption timeline up to 2029

    Google accelerated its post-quantum encryption timeline from 2035 to 2029, indicating increased concern about quantum computing threats to current cryptographic systems. The company is pushing the industry to migrate away from RSA and elliptic curve cryptography more rapidly than previously planned.