Mastodawn

Just discovered a new tech gadget—game changer! 🚀 #techtwitter

Three China-linked threat clusters target Southeast Asian government orgs in a sophisticated operation deploying malware like HIUPAN, PUBLOAD, EggStremeFuel, Gorem RAT, and MASOL. https://thehackernews.com/2026/03/three-china-linked-clusters-target.html

Three China-linked clusters targeted a Southeast Asian government in 2025, deploying multiple malware families to secure persistent access.

The Hacker News

Secrets sprawl hit a new high in 2025, with 29M hardcoded secrets—a 34% jump. AI is emerging as both a threat and a tool in this growing landscape. #Security #SecretsSprawl https://thehackernews.com/2026/03/the-state-of-secrets-sprawl-2026-9.html

29M secrets leaked in 2025, up 34% YoY, driven by AI growth and poor remediation, expanding enterprise attack surfaces.

The Hacker News

Cybersecurity alert: A Russian-linked remote access toolkit, CTRL, spreads via malicious Windows LNK files disguised as private key folders. It enables phishing, keylogging, RDP hijacking, and tunneling. https://thehackernews.com/2026/03/russian-ctrl-toolkit-delivered-via.html

Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.

The Hacker News

Is the threat slowing Tier 1 down, or the process? Fragmented workflows and manual steps delay response. Fixing these gaps boosts speed, reduces escalations, and improves SOC action. https://thehackernews.com/2026/03/3-soc-process-fixes-that-unlock-tier-1.html

Behavior-first triage with unified cross-platform analysis cuts workload 20% and MTTR by 21 minutes, accelerating SOC response.

The Hacker News

Some weeks are quiet but not in a good way. Long operations hit courts, old attack methods reappear, and research resumes just as defenders lose focus. A mix of persistence, wins, and influence ops. https://thehackernews.com/2026/03/weekly-recap-telecom-sleeper-cells-llm.html

Active exploits, nation-state campaigns, fresh arrests, and critical CVEs — this week's cybersecurity recap has it all.

The Hacker News

A new campaign uses ClickFix social engineering to spread DeepLoad, a stealthy malware loader that evades scans, steals credentials instantly, and bypasses blockers.—ReliaQuest https://thehackernews.com/2026/03/deepload-malware-uses-clickfix-and-wmi.html

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

The Hacker News

A new vulnerability in OpenAI ChatGPT lets malicious prompts secretly exfiltrate user data, including messages and files, without consent, warns Check Point. https://thehackernews.com/2026/03/openai-patches-chatgpt-data.html

ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.

The Hacker News

Axios versions 1.14.1 & 0.30.4 were compromised, injecting malicious plain-crypto-js v4.2.1. The trojan targets Windows, macOS, & Linux—stay alert! #cybersecurity #opensource https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying cross-platform RAT malware.

The Hacker News

A campaign targeting Chinese users using typosquatted domains to deliver AtlasCross RAT, impersonating VPNs, messengers, video tools, crypto apps, and e-commerce sites. https://thehackernews.com/2026/03/silver-fox-expands-asia-cyber-campaign.html

AtlasCross RAT spreads via 11 fake domains registered October 27, 2025, enabling encrypted C2 control and persistence.

The Hacker News