DJBSEC's CyberNews 2026-03-26

Device Code Phishing Campaign Hits 340 Microsoft Tenants

A large-scale device code phishing campaign has reportedly targeted over 340 Microsoft 365 tenants, exploiting legitimate authentication workflows. Attackers trick users into entering authentication codes on trusted Microsoft login pages, effectively bypassing traditional phishing detection. Because the method leverages legitimate OAuth flows, it is difficult to detect and does not require credential theft in the traditional sense. Once access is granted, attackers can maintain persistence and access sensitive corporate data. Organizations are urged to restrict device code flows, enforce conditional access, and monitor authentication anomalies.
Read More
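The summary above recommends monitoring authentication anomalies tied to the device code flow. As an added illustration of what that monitoring can look like (example code written for this digest, not from Microsoft or any tool named above), the script below reads sign-in records, builds a per-user country baseline from ordinary interactive sign-ins, and flags every successful device code sign-in, raising the severity when it comes from a country the user has never signed in from. It also shows a check against a Conditional Access policy object that blocks the device code flow. All log lines are constructed; the field names (`authenticationProtocol`, `location.countryOrRegion`, `status.errorCode`, `conditions.authenticationFlows.transferMethods`) are assumed to follow the Microsoft Graph sign-in and Conditional Access resource shapes and should be verified against your own export before use.

```python
"""Flag device-code-flow sign-ins and baseline anomalies in Entra-style sign-in logs.

Added example for this digest; the records are constructed, not real tenant data.
Field names are an assumption based on the Microsoft Graph signIn resource.
"""
import json
from collections import defaultdict

# Constructed sample sign-in records, one JSON object per line.
SAMPLE_SIGNINS = """
{"userPrincipalName": "alice@example.com", "authenticationProtocol": "oAuth2", "ipAddress": "203.0.113.10", "location": {"countryOrRegion": "US"}, "appDisplayName": "Microsoft Teams", "status": {"errorCode": 0}}
{"userPrincipalName": "alice@example.com", "authenticationProtocol": "oAuth2", "ipAddress": "203.0.113.11", "location": {"countryOrRegion": "US"}, "appDisplayName": "Outlook", "status": {"errorCode": 0}}
{"userPrincipalName": "bob@example.com", "authenticationProtocol": "oAuth2", "ipAddress": "192.0.2.5", "location": {"countryOrRegion": "DE"}, "appDisplayName": "SharePoint", "status": {"errorCode": 0}}
{"userPrincipalName": "alice@example.com", "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.7", "location": {"countryOrRegion": "RU"}, "appDisplayName": "Microsoft Office", "status": {"errorCode": 0}}
{"userPrincipalName": "bob@example.com", "authenticationProtocol": "deviceCode", "ipAddress": "192.0.2.5", "location": {"countryOrRegion": "DE"}, "appDisplayName": "Azure CLI", "status": {"errorCode": 0}}
{"userPrincipalName": "carol@example.com", "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.9", "location": {"countryOrRegion": "NL"}, "appDisplayName": "Microsoft Office", "status": {"errorCode": 0}}
{"userPrincipalName": "alice@example.com", "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.7", "location": {"countryOrRegion": "RU"}, "appDisplayName": "Microsoft Office", "status": {"errorCode": 50126}}
"""

# Constructed Conditional Access policy object that blocks the device code flow.
# The "authenticationFlows" / "transferMethods" shape is an assumption (Graph API).
BLOCK_DEVICE_CODE_POLICY = {
    "displayName": "Block device code flow",
    "state": "enabled",
    "conditions": {
        "users": {"includeUsers": ["All"]},
        "applications": {"includeApplications": ["All"]},
        "authenticationFlows": {"transferMethods": "deviceCodeFlow"},
    },
    "grantControls": {"operator": "OR", "builtInControls": ["block"]},
}


def parse_signins(text):
    """Parse newline-delimited JSON sign-in records, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def _succeeded(record):
    return record.get("status", {}).get("errorCode", 0) == 0


def build_baseline(records):
    """Map each user to the set of countries seen in successful non-device-code sign-ins."""
    baseline = defaultdict(set)
    for rec in records:
        if rec.get("authenticationProtocol") != "deviceCode" and _succeeded(rec):
            baseline[rec["userPrincipalName"]].add(rec["location"]["countryOrRegion"])
    return baseline


def find_device_code_anomalies(records, baseline):
    """Return a finding for every successful device code sign-in.

    Severity is "high" when the sign-in country is outside the user's baseline
    (or the user has no baseline at all), otherwise "medium": any device code
    sign-in is worth a look because the flow is rarely needed by ordinary users.
    """
    findings = []
    for rec in records:
        if rec.get("authenticationProtocol") != "deviceCode" or not _succeeded(rec):
            continue
        user = rec["userPrincipalName"]
        country = rec["location"]["countryOrRegion"]
        known = baseline.get(user, set())
        severity = "high" if country not in known else "medium"
        findings.append({
            "user": user,
            "ip": rec["ipAddress"],
            "country": country,
            "app": rec.get("appDisplayName"),
            "severity": severity,
            "reason": "device code sign-in from country outside user baseline"
                      if severity == "high" else "device code sign-in from known country",
        })
    return findings


def policy_blocks_device_code(policy):
    """True if the policy is enabled, targets the device code flow, and grants 'block'."""
    if policy.get("state") != "enabled":
        return False
    flows = policy.get("conditions", {}).get("authenticationFlows", {})
    methods = str(flows.get("transferMethods", ""))
    targets_device_code = "deviceCodeFlow" in [m.strip() for m in methods.split(",")]
    blocks = "block" in policy.get("grantControls", {}).get("builtInControls", [])
    return targets_device_code and blocks


if __name__ == "__main__":
    recs = parse_signins(SAMPLE_SIGNINS)
    for f in find_device_code_anomalies(recs, build_baseline(recs)):
        print(f"[{f['severity'].upper()}] {f['user']} via {f['app']} from {f['ip']} ({f['country']}): {f['reason']}")
    print("Policy blocks device code flow:", policy_blocks_device_code(BLOCK_DEVICE_CODE_POLICY))
```

On the constructed data this reports Alice and Carol as high (Alice's device code sign-in comes from a country outside her baseline, Carol has no baseline at all) and Bob as medium; the failed attempt is left out of the findings but is still visible in the raw records if you want to count it. In production the baseline would be built from a longer window of sign-ins than the detection window, and the findings would be enriched with the consenting application's ID and any token-refresh activity that follows.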

Phishers Impersonate Palo Alto Recruiters in Job Scam

Threat actors are posing as recruiters from Palo Alto Networks in a phishing campaign targeting job seekers. Victims are lured with fake job offers and asked to provide personal information or download malicious files during the hiring process. The campaign exploits trust in well-known cybersecurity brands to increase credibility. In some cases, attackers may use the collected data for identity theft or further attacks. Job seekers are advised to verify recruiter communications and avoid downloading unsolicited attachments.
Read More

Pay2Key Linux Ransomware Targets Enterprise Servers

The Pay2Key ransomware group is actively targeting Linux-based enterprise servers in a new wave of attacks. The malware encrypts critical systems and demands payment in exchange for decryption keys, disrupting business operations. Linux environments are increasingly being targeted as organizations rely more heavily on them for servers and cloud workloads. Attackers often gain initial access through exposed services or weak credentials. Security teams are urged to harden server configurations and maintain reliable backups.
Read More

Cisco Catalyst Switch Vulnerabilities Could Trigger DoS

Researchers have identified chained vulnerabilities in Cisco Catalyst switches that could be exploited to cause denial-of-service conditions. By combining multiple flaws, attackers may disrupt network operations and impact availability. These switches are widely used in enterprise environments, increasing the potential impact of exploitation. Cisco has released patches and recommends immediate updates to affected devices. Organizations should prioritize remediation to maintain network stability and security.
Read More

China-Linked Hackers Breach Southeast Asian Military Systems

A China-linked threat group has reportedly breached military systems in Southeast Asia, raising concerns about cyber espionage activities. The attackers are believed to have accessed sensitive data related to defense operations and communications. Such intrusions highlight the growing role of cyber operations in geopolitical conflicts. Governments and defense organizations are increasingly targeted by advanced persistent threat groups. Enhanced monitoring and threat intelligence sharing are critical to defending against these attacks.
Read More

Mirai Variants Fuel Continued Botnet Growth

New variants of the Mirai malware are contributing to the continued expansion of botnet activity worldwide. These variants target vulnerable IoT devices, recruiting them into botnets used for distributed denial-of-service attacks. Despite being years old, Mirai remains effective due to widespread insecure device configurations. Attackers continue to evolve the malware with new capabilities to evade detection. Organizations and consumers alike are urged to secure IoT devices and change default credentials.
Read More

AI Agent Supply Chain Attacks Raise New Concerns

Researchers are warning about emerging risks tied to AI agent supply chain attacks, where malicious components are introduced into AI workflows. These attacks could manipulate outputs, leak sensitive data, or introduce hidden backdoors. As organizations increasingly rely on AI agents for automation, the attack surface continues to grow. The lack of standardized security practices for AI ecosystems adds to the challenge. Experts recommend implementing governance and validation controls for AI systems.
Read More

Google Moves Post-Quantum Encryption Timeline to 2029

Google has accelerated its timeline for adopting post-quantum encryption, now aiming for broader implementation by 2029. The move reflects growing concerns that future quantum computers could break current encryption standards. Organizations are being encouraged to begin preparing for the transition to quantum-resistant algorithms. While the threat is not immediate, early adoption is key to long-term data protection. This shift signals increasing urgency across the industry to address quantum risks.
Read More

Alleged RedLine Infostealer Operator Extradited to U.S.

An individual accused of operating the RedLine infostealer malware has been extradited to the United States to face charges. RedLine has been widely used to steal credentials, financial data, and sensitive information from infected systems. The extradition marks a significant step in international cooperation against cybercrime. Authorities hope the case will disrupt operations tied to the malware. It also serves as a warning to cybercriminals operating across borders.
Read More

GitHub Expands Security Coverage With AI Bug Detection

GitHub has introduced AI-powered bug detection features to enhance its security capabilities. The new tools aim to identify vulnerabilities in code more efficiently and provide developers with actionable insights. By leveraging AI, GitHub hopes to improve early detection of security flaws during development. This approach aligns with the growing trend of integrating security into the software development lifecycle. Developers are encouraged to adopt these tools to strengthen application security.
Read More

New Critical Citrix NetScaler Vulnerability Discovered

A newly identified critical vulnerability in Citrix NetScaler is being compared in severity to the previously exploited CitrixBleed flaw. The issue could allow attackers to access sensitive data or compromise affected systems. Given the history of widespread exploitation of similar vulnerabilities, experts warn of potential rapid attacks. Organizations using NetScaler appliances are urged to apply patches immediately. Proactive monitoring and mitigation are essential to reduce risk.
Read More
