Microsoft says bug causes Copilot to summarize confidential emails - Sergiu Gatlan bleepingcomputer.com/news/microsoft… bleepingcomputer.com/news/microsoft…

The FBI warns ATM “jackpotting” caused over $20M in losses in 2025. Since 2020, 1,900 incidents have been reported, including 700 last year. Attackers use #malware like Ploutus to bypass bank authorization via the XFS layer & trigger rapid cash-outs. 🔗 Read →

PayPal discloses data breach that exposed user info for 6 months - Sergiu Gatlan bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

⚠️ Anthropic says it blocked 16 million+ exchanges tied to model distillation campaigns targeting Claude. The activity used 24,000 fake accounts and proxy networks to extract coding, reasoning, and tool-use capabilities. Three China-based AI labs were attributed. Anthropic

Attackers are stealing encrypted data under a “Harvest Now, Decrypt Later” strategy. Store it now. Decrypt it when quantum machines mature, possibly between 2030 and 2035. Security Navigator 2026 outlines a five-step PQC migration plan and breach data. 🔗 Read →

🛑 New botnet loader Aeternum uses Polygon smart contracts as its C2 channel. Commands go straight to the public blockchain—infected devices pull & execute them. No servers. No domains. No easy takedown. (Also: US investigators linked a 300-device proxy net to a Belarus

⚠️ Microsoft warns of trojanized gaming tools spreading a Java-based RAT. Attackers use PowerShell and built-in tools like cmstp.exe for stealth, add Defender exclusions and scheduled tasks for persistence, then connect to a C2 server to steal data and deploy more payloads. 🔗

🎉 What an incredible night at Bits & Bytes during #GAC2026. Huge thanks to our cohosts Pure IT, Kinectiv, NCU-ISAO, DefenseStorm, and , and to everyone who joined us for great conversations and connections shaping the future of Credit Union tech. 💙

🛡️ Claude AI Uncovers 22 Firefox Vulnerabilities in Two Weeks Source: cybersecuritynews.com/claude-ai-22-f… Anthropic’s Claude Opus 4.6 demonstrated this by uncovering over 500 zero-day vulnerabilities in heavily scrutinized open-source projects. During a two-week collaborative engagement

Microsoft: Hackers abusing AI at every stage of cyberattacks bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

🛑 Two Chrome extensions turned malicious after an ownership transfer. Researchers say QuickLens (7,000 users) now strips security headers and pulls remote code every 5 minutes. The payload executes via hidden elements, leaving no malicious code in the extension source. 🔗 Read

Security updates for March 2026 are now available. Details are here: msft.it/6018SZEg0 #PatchTuesday

HPE warns of critical AOS-CX flaw allowing admin password resets bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

People upgraded years ago. Most institutions didn’t notice. Tap and QR are signals, not the story. The real shift is intent-based payments, policy, and orchestration at checkout. Read more: news.banksocial.io/payments-orche…

The cybercriminal threat actor tracked by Microsoft Threat Intelligence as Storm-2561 is running an SEO-poisoning campaign that redirects people searching for enterprise VPN software to spoofed sites and malicious ZIP downloads leading to credential theft. msft.it/6019Qlydd

⚠️ Veeam fixed multiple flaws in Backup & Replication, including 9.9-severity RCE bugs that let authenticated domain users run code on backup servers. Affected: all v12 builds before 12.3.2.4465. 🔗 CVEs and patch details → thehackernews.com/2026/03/veeam-…

🚨 Rapid7 MDR is monitoring an increase in phishing campaigns via #MicrosoftTeams, wherein threat actors are impersonating internal IT departments then persuading users to grant remote access. Find our guidance in a new blog: r-7.co/46Y0grO

🛡️ We added Synacor Zimbra Collaboration Suite (ZCS) cross-site scripting vulnerability CVE-2025-66376 to our KEV Catalog. Visit go.dhs.gov/Z3Q for more information. #Cybersecurity #InfoSec

🛡️ We added Microsoft SharePoint deserialization of untrusted data vulnerability CVE-2026-20963 to our KEV Catalog. Visit go.dhs.gov/Z3Q for more information. #Cybersecurity #InfoSec

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks securityweek.com/cisco-firewall…