EPISODE · Mar 24, 2026 · 3 MIN
Mar 24, 2026 · #5
from Security Brief Daily · host Security Brief Daily
Episode 5 — 24 Mar 2026 1. Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks Source: The Hacker News Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application. The vulnerabilities are listed below - CVE-2026-3055 (CVSS score: 9.3) -... 2. Tycoon2FA phishing platform returns after recent police disruption Source: Bleeping Computer The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels. Microsoft led the technical disruption, which involved seizing 330 domains part of Tycoon2FA’s backbone... 3. 3.1 Million Impacted by QualDerm Data Breach Source: Security Week Hackers stole personal, medical, and health insurance information from the company’s internal systems. The post 3.1 Million Impacted by QualDerm Data Breach 4. U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage Source: The Hacker News A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations.... 5. ‘CanisterWorm’ Springs Wiper Attack Targeting Iran Source: Krebs on Security A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default... 6. Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials Source: The Hacker News Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data. The activity is being tracked by ReversingLabs as the Ghost campaign. The list of identified packages, all published by a user... 7. Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware Source: Security Week The semiconductor company says hackers deployed file-encrypting ransomware on the network of a subsidiary in Singapore. The post Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware 8. CISA orders feds to patch DarkSword iOS flaws exploited attacks Source: Bleeping Computer CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit. [...]
What this episode covers
Episode 5 — 24 Mar 2026 1. Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks Source: The Hacker News Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application. The vulnerabilities are listed below - CVE-2026-3055 (CVSS score: 9.3) -... 2. Tycoon2FA phishing platform returns after recent police disruption Source: Bleeping Computer The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels. Microsoft led the technical disruption, which involved seizing 330 domains part of Tycoon2FA’s backbone... 3. 3.1 Million Impacted by QualDerm Data Breach Source: Security Week Hackers stole personal, medical, and health insurance information from the company’s internal systems. The post 3.1 Million Impacted by QualDerm Data Breach 4. U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage Source: The Hacker News A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations.... 5. ‘CanisterWorm’ Springs Wiper Attack Targeting Iran Source: Krebs on Security A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default... 6. Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials Source: The Hacker News Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data. The activity is being tracked by ReversingLabs as the Ghost campaign. The list of identified packages, all published by a user... 7. Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware Source: Security Week The semiconductor company says hackers deployed file-encrypting ransomware on the network of a subsidiary in Singapore. The post Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware 8. CISA orders feds to patch DarkSword iOS flaws exploited attacks Source: Bleeping Computer CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit. [...]
NOW PLAYING
Mar 24, 2026 · #5
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.