Mert SARICA

Cisco has confirmed active exploitation targeting two vulnerabilities in Cisco Catalyst SD-WAN Manager (formerly vManage), tracked as CVE-2026-20122 and CVE-2026-20128.

socradar.io/blog/cisco-c...

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor Iran-linked MuddyWater hackers breached U.S. networks with new Dindoor malware as regional cyber attacks escalate amid Middle East conflict.

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor thehackernews.com/2026/03/iran...

FBI Seizes LeakBase Cybercrime Forum, Data of 142,000 Members So, LeakBase. Here’s what most miss in the threat landscape: this wasn’t just another Dark Web forum takedown. Federal authorities executed a precision strike

FBI Seizes LeakBase Cybercrime Forum, Data of 142,000 Members socradar.io/blog/fbi-sei...

Authorities Shut Down Tycoon 2FA Phishing Platform Used to Bypass MFA Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Authorities Shut Down Tycoon 2FA Phishing Platform Used to Bypass MFA hackread.com/tycoon-2fa-p...

Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities.

Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild www.securityweek.com/cisco-warns-...

Meta smart glasses face UK privacy probe : Contractors tasked with improving AI reportedly had access to intimate footage captured through wearables

Meta smart glasses face UK privacy probe www.theregister.com/2026/03/05/i...

LLMs in malware analysis: Doing things right is difficult Using AI based systems to fight malware sounds like a no-brainer. But things are not as straightforward as they seem. Chances are, you're doing it wrong.

LLMs in malware analysis: Doing things right is difficult blog.gdatasoftware.com/2026/03/3838...

Cyber Reflections of the U.S. & Israel-Iran War On February 28, 2026, the United States and Israel launched Operation Epic Fury, a coordinated strike campaign targeting Iran’s military command, missile

Cyber Reflections of the U.S. & Israel-Iran War socradar.io/blog/cyber-r...

There Is A Threat Actor Out There | Hack 4 Career Introduction In recent years, as a cybersecurity researcher who frequently engages in conversations with threat actors who lack knowledge or concern about Operations Security (OPSEC) (Examples: Chasing...

Sometimes a threat actor exposes themselves without realizing it.

One small clue. The right questions. OSINT revealing the full story.

In my new post, I break down a real case where a tiny OPSEC mistake turned into a complete intelligence trail.

🔎 www.hack4career.com/there-is-a-t...

#OSINT

Dark Web Profile: Andariel

The First Exploit - Pwn2Own Documentary (Part 2) Learn hacking (ad): https://www.hextree.ioWhat happens in the Pwn2Own disclosure room? Let's find out in part 2 of my short documentary about how Mozilla fix...

The First Exploit - Pwn2Own Documentary (Part 2)

What happens in the Pwn2Own disclosure room?

Apple iPhone and iPad Cleared for Classified NATO Use The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC).

Apple iPhone and iPad Cleared for Classified NATO Use

New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises That guest network you set up for your neighbors may not be as secure as you think.

New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises

Five Eyes urge action as Cisco zero-day attacks uncovered : A rare joint alert from all five spy agencies means serious business

Five Eyes urge action as Cisco zero-day attacks uncovered

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware Fake Next.js repos abuse VS Code and npm to run in-memory JavaScript C2; GitLab banned 131 accounts.

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

Critical Elasticsearch Exposure: 544M Plain-Text Credentials Found Publicly Accessible SOCRadar’s AI-powered Monitoring identified a publicly accessible and misconfigured Elasticsearch instance containing...

Critical Elasticsearch Exposure: 544M Plain-Text Credentials Found Publicly Accessible socradar.io/blog/elastic...

Detecting and preventing distillation attacks Anthropic is an AI safety and research company that's working to build reliable, interpretable, and steerable AI systems.

Detecting and preventing distillation attacks

www.anthropic.com/news/detecti...

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog.

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs

Dark Web Profile: Lotus Blossom Lotus Blossom is a long-running cyber espionage Advanced Persistent Threat (APT) group active since at least 2009 and widely attributed to the People’s

Dark Web Profile: Lotus Blossom

Romanian Hacker Pleads Guilty to Selling Access to US State Network Catalin Dragomir admitted in a US court to selling access to an Oregon state government office’s network.

Romanian Hacker Pleads Guilty to Selling Access to US State Network

AWS says 600+ FortiGate firewalls hit in AI-augmented attack : Off-the-shelf tools helped Russian-speaking cybercrime group run riot

AWS says 600+ FortiGate firewalls hit in AI-augmented attack

Data breach at French bank registry impacts 1.2 million accounts The French Ministry of Finance has published an announcement informing of a cybersecurity incident that has impacted 1.2 million accounts.

Data breach at French bank registry impacts 1.2 million accounts

Hotel hacker paid 1 cent for luxury rooms, Spanish cops say : 'First time we have detected a crime using this method,' cops say

Hotel hacker paid 1 cent for luxury rooms, Spanish cops say www.theregister.com/2026/02/18/f...

Ex-Google engineers charged with orchestrating high-tech secrets extraction - Help Net Security A federal grand jury has indicted three Silicon Valley engineers on charges in a scheme to steal trade secrets from Google.

Ex-Google engineers charged with orchestrating high-tech secrets extraction

Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025

What U.S. CISOs Should Track in Early 2026? Midway through the first quarter of 2026, it’s observed that U.S. CISOs face a cyber landscape defined by unprecedented technological acceleration..,

What U.S. CISOs Should Track in Early 2026? socradar.io/blog/what-us...

PromptSpy: First Android malware to use generative AI in its execution flow - Help Net Security PromptSpy is the first known Android malware to abuse generative AI as part of its execution flow in order to achieve persistence.

PromptSpy: First Android malware to use generative AI in its execution flow www.helpnetsecurity.com/2026/02/19/p...

Hackers target Microsoft Entra accounts in device code vishing attacks Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device…

Hackers target Microsoft Entra accounts in device code vishing attacks www.bleepingcomputer.com/news/securit...

Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group GTIG and Mandiant said the zero-day tracked as CVE-2026-22769 has been exploited by UNC6201 since at least 2024.

Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group

www.securityweek.com/dell-recover...

Public Elasticsearch Instances Expose 43M+ Records Including Credentials, Credit Cards, and Customer Data

socradar.io/blog/elastic...