IT Security News

A threat campaign known as SmartApeSG — also tracked under the names ZPHP and HANEYMANEY — has been observed pushing multiple strains of malware through a social engineering technique called ClickFix. The campaign, active as recently as March 24, 2026,… Read more → The post SmartApeSG ClickFix Campaign Delivers Remcos, NetSupport RAT, StealC and Sectop RAT appeared first on IT Security News.

macOS has become a standard part of modern business environments, especially across engineering, product, and leadership teams. That makes it a growing security concern: when a Mac used by a high-access employee is compromised, it can lead to stolen credentials,… Read more → The post macOS Threats Are the Biggest Security Gap in 2026: How SOC Teams Close It appeared first on IT Security News.

The digital trust ecosystem is undergoing its fastest shift in decades, and for Managed Service Providers (MSPs), this change creates a major market opportunity. As of March 15, 2026, the lifespan of newly issued SSL/TLS certificates has been cut from… Read more → The post Helping MSPs Take Control of Certificate Management: Introducing Sectigo Partner Platform appeared first on IT Security News.

Cloudflare recently published data that offers clear insight into where the DDoS threat environment is heading. DDoS attacks are becoming larger, more frequent, and more sophisticated, with botnets reaching unprecedented scale. But beyond the headline numbers, the report also points… Read more → The post The Dark Side of DDoS: Why DDoS Downtime is Harder to Prevent appeared first on IT Security News.

Read the latest Microsoft Secure Access report for insights into why a unified identity and access strategy offers strong modern protection. The post Identity security is the new pressure point for modern cyberattacks appeared first on Microsoft Security Blog. This… Read more → The post Identity security is the new pressure point for modern cyberattacks appeared first on IT Security News.

Russian state-owned media reported that police in Russia arrested the administrator of LeakBase, a large hacking forum. This article has been indexed from Security News | TechCrunch Read the original article: Russia arrests alleged owner of cybercrime forum LeakBase, report… Read more → The post Russia arrests alleged owner of cybercrime forum LeakBase, report says appeared first on IT Security News.

  A fresh wave of digital deception, driven by machine learning tools, shifts how hackers grab personal information — no longer relying on password theft but diving into deeper system controls. Spotted by analysts at Cyble Research & Intelligence Labs… Read more → The post AI-Driven Phishing Campaign Exploits Device Permissions to Steal Biometric and Personal Data appeared first on IT Security News.

15 posts were published in the last hour 16:34 : Hackers claim to have accessed data tied to millions of crime tipsters 16:34 : Novee Brings Autonomous Red Teaming to LLM Applications, Built From Its Own Vulnerability Research 16:34 :… Read more → The post IT Security News Hourly Summary 2026-03-25 18h : 15 posts appeared first on IT Security News.

A hacktivist group claims to have obtained sensitive data on crime tipsters and the people they reported, dating back to 1987. This article has been indexed from Malwarebytes Read the original article: Hackers claim to have accessed data tied to… Read more → The post Hackers claim to have accessed data tied to millions of crime tipsters appeared first on IT Security News.

Novee has introduced AI Red Teaming for LLM Applications, an autonomous security testing capability built into its AI penetration testing platform. The product is designed to find vulnerabilities in AI-powered applications before attackers do, addressing a category of risk that… Read more → The post Novee Brings Autonomous Red Teaming to LLM Applications, Built From Its Own Vulnerability Research appeared first on IT Security News.

Skyhawk Security has added Threat Actor Context to its cloud security platform, giving security teams a way to understand simulated attack scenarios through the lens of known adversary behavior. The enhancement connects Skyhawk’s AI Red Team attack simulations to real-world… Read more → The post Skyhawk Security Adds Threat Actor Context to Cloud Attack Scenarios, Mapping Simulations to Known Adversaries appeared first on IT Security News.

Miggo Security is significantly expanding its Runtime Defense Platform at RSA Conference 2026, adding an AI Bill of Materials, runtime guardrails, and Agentic Detection and Response capabilities. The release is aimed at organizations running AI agents, Model Context Protocol toolchains,… Read more → The post Miggo Security Expands Runtime Defense Platform With AI-BOM, Agentic Detection, and MCP Monitoring appeared first on IT Security News.

Entro Security has announced Agentic Governance & Administration (AGA), a new pillar of its platform designed to help security and identity teams govern AI agents and AI access paths across enterprise systems. The company is showcasing AGA at RSA Conference… Read more → The post Entro Security Launches AGA to Govern AI Agents and Non-Human Identities Across the Enterprise appeared first on IT Security News.

Vicarius has announced vIntelligence, a second flagship product that adds continuous agentic validation to the company’s security portfolio. The launch marks a shift for Vicarius from a single-product company to a two-product operation, with vIntelligence complementing its existing vRx remediation… Read more → The post Vicarius Launches vIntelligence, a Second Flagship Product for Continuous Agentic Validation appeared first on IT Security News.

Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloud Phones Linked to Rising Financial Fraud Threat Read more → The post Cloud Phones Linked to Rising Financial Fraud Threat appeared first on IT Security News.

AI-assisted development is accelerating software delivery — but it also amplifies a question many teams still ignore: what happens to your sensitive data when you use AI tools? API keys, customer PII, internal business logic, production logs — once shared… Read more → The post Privacy-Conscious AI Development: How to Ship Faster Without Leaking Your Crown Jewels appeared first on IT Security News.

TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware. TP-Link issued security updates for its Archer NX router series to fix multiple vulnerabilities, including CVE-2025-15517 (CVSS score of… Read more → The post Patch now: TP-Link Archer NX routers vulnerable to firmware takeover appeared first on IT Security News.

Posted by Eric Lynch, Product Manager, Android and Dom Elliot, Group Product Manager, Google Play Modern digital security is at a turning point. We are on the threshold of using quantum computers to solve “impossible” problems in drug discovery, materials… Read more → The post Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android appeared first on IT Security News.

The Node.js project released a critical security update on March 24, 2026, for the Long-Term Support (LTS) branch, designating version 20.20.2 ‘Iron’ as a security release. The update resolves seven tracked vulnerabilities spanning TLS error handling, HTTP/2 flow control, cryptographic… Read more → The post Node.js Patches Multiple Vulnerabilities That Enable DoS Attacks and Process Crashes appeared first on IT Security News.

Mozilla has officially rolled out Firefox 149.0 to the Release channel on March 24, 2026, delivering a massive update focused heavily on user privacy and security hardening. The standout addition in this release is a free built-in VPN offering 50 GB of protected… Read more → The post Firefox 149.0 Released With Free Built-in VPN With 50 GB Monthly Data Limit appeared first on IT Security News.