# Archive
Browse past daily curated stories
Sunday, March 29, 2026
1. The Hacker News (general): Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Iran-linked Handala Hack Team successfully breached FBI Director Kash Patel's personal email account and leaked photos and documents online. The attackers also conducted a wiper attack against medical device manufacturer Stryker, demonstrating escalating Iranian cyber operations targeting high-profile US officials.
2. The Hacker News (general): Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
CVE-2026-3055, a critical memory overread vulnerability in Citrix NetScaler ADC and Gateway with a CVSS score of 9.3, is under active reconnaissance by threat actors. The flaw allows attackers to exploit insufficient input validation to leak sensitive information from affected systems.
3. The Hacker News (general): CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
CISA added CVE-2025-53521 to its KEV catalog after detecting active exploitation of F5 BIG-IP Access Policy Manager systems. The critical vulnerability has a CVSS v4 score of 9.3 and enables remote code execution against affected APM deployments.
4. The Hacker News (general): TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Russian state-sponsored group TA446 (Callisto) is deploying the leaked DarkSword iOS exploit kit in targeted spear-phishing campaigns. Proofpoint identified the attacks targeting iOS devices using recently disclosed zero-day exploits, marking a significant escalation in mobile-focused espionage operations.
5. BleepingComputer (general): New Infinity Stealer malware grabs macOS data via ClickFix lures
Infinity Stealer malware targets macOS systems using Python payloads compiled with Nuitka and distributed through ClickFix social engineering lures. The campaign leverages fake CAPTCHA pages to trick users into executing credential-stealing malware on Apple devices.
6. BleepingComputer (general): Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
TeamPCP hackers compromised the Telnyx Python package on PyPI, uploading malicious versions 4.87.1 and 4.87.2 on March 27, 2026. The threat actors concealed credential-harvesting malware inside WAV audio files to evade detection in the supply chain attack.
7. BleepingComputer (general): Fake VS Code alerts on GitHub spread malware to developers
Threat actors are posting fake Visual Studio Code security alerts in GitHub Discussions sections across multiple projects to distribute malware to developers. The campaign uses social engineering to trick developers into downloading malicious files disguised as legitimate VS Code security updates.
8. The Hacker News (general): Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
Apple began sending Lock Screen notifications to iPhones and iPads running outdated iOS versions, warning of active web-based exploits targeting older software. The alerts urge immediate installation of critical security updates to protect against ongoing attacks exploiting unpatched vulnerabilities.
9. Dark Reading (general): China Upgrades the Backdoor It Uses to Spy on Telcos Globally
Chinese APT group Red Menshen upgraded their BPFdoor malware to target telecommunications companies globally with enhanced stealth capabilities. The advanced backdoor defeats traditional cybersecurity protections, requiring active threat hunting to detect compromises in telecom infrastructure.
10. The Hacker News (general): LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Three security vulnerabilities in LangChain and LangGraph AI frameworks could expose filesystem data, environment secrets, and conversation history to attackers. The flaws affect widely-used open-source tools for building Large Language Model applications, potentially compromising sensitive AI deployment data.