DJBSEC's CyberNews 2026-03-11
1. Zero-Click Microsoft Information Disclosure Bug Discovered
Researchers have identified a zero-click information disclosure vulnerability affecting Microsoft systems that could allow attackers to access sensitive data without user interaction. The flaw reportedly exposes internal system information that could aid attackers in further exploitation. Because the vulnerability requires no user action, it poses a significant risk in targeted attacks. Microsoft has acknowledged the issue and is working on mitigation and security updates. Security teams are advised to monitor systems closely for suspicious activity until patches are fully deployed.
2. ShinyHunters Threatens to Leak Stolen Salesforce Data
The cybercrime group ShinyHunters is threatening to release data allegedly stolen from Salesforce environments. According to reports, the attackers claim to have accessed large amounts of customer and business data through compromised systems. Security researchers believe the attack may have involved misconfigured services or stolen credentials. If the data leak occurs, it could affect organizations that rely heavily on Salesforce platforms. Investigations are ongoing as companies assess potential exposure.
3. FortiGate Devices Exploited in New Cyber Intrusions
Security analysts have discovered active exploitation of FortiGate firewall devices in recent cyber intrusion campaigns. Attackers are leveraging known vulnerabilities to gain initial access to enterprise networks. Once inside, they deploy additional malware and attempt lateral movement across the environment. The attacks highlight the importance of keeping network appliances fully patched. Organizations are urged to review logs and update affected devices immediately.
4. Cloudflare Pingora Vulnerabilities Identified
Researchers have uncovered vulnerabilities in Cloudflare’s Pingora proxy infrastructure, which is widely used to handle web traffic. The flaws could potentially allow attackers to bypass certain security protections or disrupt traffic routing. Cloudflare has already implemented fixes and confirmed that no customer data was compromised. The issue demonstrates how even modern, high-performance infrastructure can contain security weaknesses. Companies using web proxies should stay alert to updates and patch advisories.
5. Ivanti Desktop and Server Management Vulnerability Disclosed
A newly disclosed vulnerability in Ivanti Desktop and Server Management systems could allow attackers to gain unauthorized access or execute malicious commands. Because the software is widely used in enterprise environments, the flaw may expose large numbers of systems. Security researchers warn that attackers often target IT management tools because they provide broad administrative access. Ivanti has released patches and recommended immediate updates. Organizations should review access controls and apply the latest fixes.
6. Kali Linux Introduces AI-Driven Penetration Testing Features
The popular cybersecurity platform Kali Linux is integrating AI-driven capabilities to assist with penetration testing and vulnerability discovery. These features can automate tasks such as reconnaissance, exploit identification, and security analysis. Developers say the goal is to make security testing faster and more efficient. However, experts warn that attackers could potentially leverage similar tools. The move highlights how artificial intelligence is transforming both offensive and defensive cybersecurity strategies.
7. Microsoft Reveals Details of Tycoon2FA Phishing Infrastructure
Microsoft has released new insights into the Tycoon2FA phishing-as-a-service platform, which enabled attackers to bypass multifactor authentication protections. The service operated at large scale, targeting organizations with advanced adversary-in-the-middle techniques. Tycoon2FA intercepted login sessions and stole authentication tokens from victims. Microsoft worked with partners to disrupt infrastructure linked to the phishing operation. The takedown highlights the growing threat posed by phishing kits designed to defeat MFA.
8. Malware Campaign Targets Human Resources Departments
Researchers have identified a malware campaign specifically targeting human resources departments within organizations. The attackers send phishing emails disguised as job applications or resumes containing malicious attachments. Once opened, the malware installs backdoors and steals sensitive data. HR teams are often targeted because they regularly receive external documents from unknown senders. Security experts recommend stronger email filtering and employee awareness training.
9. Microsoft to Enable Hotpatch Security Updates by Default
Microsoft announced plans to enable Hotpatch security updates by default beginning in May. Hotpatching allows security updates to be applied without requiring a system reboot. This capability helps organizations maintain uptime while quickly addressing vulnerabilities. The feature will initially be available for certain enterprise Windows environments. Microsoft believes the change will significantly improve patch adoption and system security.
10. OpenAI Acquires Promptfoo to Improve AI Security Testing
OpenAI has announced plans to acquire Promptfoo, a platform designed to test and evaluate AI model security. The acquisition aims to strengthen tools used to identify vulnerabilities in AI agents and prompts. Promptfoo helps developers detect issues such as prompt injection and unsafe model behavior. OpenAI says the integration will enhance AI security testing for developers and organizations. The move reflects growing industry focus on securing AI systems.
11. Microsoft Entra Adds Phishing-Resistant Sign-In to Windows
Microsoft has introduced phishing-resistant sign-in capabilities through Microsoft Entra integration with Windows systems. The feature uses stronger authentication methods such as passkeys and hardware-backed credentials. This approach reduces the effectiveness of traditional phishing attacks that rely on stolen passwords. Microsoft says the update is part of its broader push toward passwordless security. Organizations adopting the feature can significantly improve identity protection.
Enjoy Reading This Article?
Here are some more articles you might like to read next: