Tootfinder

Red Canary’s March Intelligence Insights report is out. They provide detection opportunities for common Windows and MacOS exploits #cybersecurity
https://redcanary.com/blog/threat-inte…

Intelligence Insights: March 2026 | Red Canary
ScreenConnect stays the course, Mac infostealers surge, and Vidar resurfaces in this month’s edition of Intelligence Insights

"Pass the key, passwords have passed their sell-by date"
#cybersecurity

Pass the key, passwords have passed their sell-by date
: NCSC passes judgment: passkeys pass muster, passwords fail

One of the best detailed descriptions of cybersecurity program essentials I’ve seen. From JP Morgan’s #cybersecurity team
https://www.j…

Fortifying the enterprise: 10 actions to take now for AI-ready cyber resilience
By the JPMorganChase Global Technology Leadership Team

gcve-eu-kev updated — a CISA KEV and ENISA CNW/EUVD to GCVE BCP-07 converter.
It now also includes a generic RSS/Atom exporter for any GCVE KEV BCP-07 feed.
@…
#cybersecurity

GitHub - gcve-eu/gcve-eu-kev: CISA/ENISA KEV to GCVE BCP-07 Converter.
CISA/ENISA KEV to GCVE BCP-07 Converter. Contribute to gcve-eu/gcve-eu-kev development by creating an account on GitHub.

Geoshitties for the win! If you use @… ‘s blocklists you’d have already blocked *.vercel.app which is a key link in the kill chain for this attack described by Microsoft. My advice: block Vercel for everyone in your org except for those that have a business need. #cybersecurity

Developer-targeting campaign using malicious Next.js repositories | Microsoft Security Blog
A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard build workflows. The activity demonstrates how staged command-and-control can hide inside routine development tasks.

Security: Learning the Language of Privacy by Matthew Plascencia
Watch now: https://youtu.be/qV5KVKQdCmI?si=imAhOc_xz9p-MfAn
🔒 Dive into the essentials of privacy and security in the open source world!

Life is full of paradoxes. We spend countless time discussing threat actors using AI and in 2026 some are still relying on PlugX.
#plugx #cybersecurity #threatintel

RE: #cybersecurity

We need id for vulnerabilities on online services. Documenting is critical.
#cybersecurity #vulnerability

Microsoft says bug causes Copilot to summarize confidential emails
Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information.

You have a verified LinkedIn account, read this. #microsoft #linkedin #privacy #cybersecurity

Ich teile mal hier diese interessante Diskussion auf administrator.de #administrator #cybersecurity #depol

For those in the Microsoft Defender ecosystem
#cybersecurity

What's new in Microsoft Defender XDR - Microsoft Defender XDR
Lists the new features and functionality in Microsoft Defender XDR

"President Trump’s CYBER STRATEGY for America"
The strategy does not explicitly mention Coordinated Vulnerability Disclosure (CVD) or vulnerability disclosure programs.
Basically it's more about offensive posture, infrastructure protection, and technology dominance.
Cybersecurity independence for Europe is no longer optional, it has become a strategic necessity.
#cybersecurity

Another cut in CISA budget for 2027, 707 million less.
#cisa #us #cybersecurity
🔗

I’ve been very happy with uBlock Origin Lite since being forced to switch from the original. I appreciate the ad blocker devs putting in the work to make this happen. #cybersecurity

This NSE Checks for Ivanti EPMM MDM by requesting a known API endpoint.
#ivanti #nmap #cybersecurity
🔗

Reliaquest has a post on attacker’s use of .SCR files to install remote access software. SCR (screensaver) files _are_ executable files. If you don’t already, please block .scr files from being emailed to your end users. #cybersecurity

🚨 Critical #Telnet Authentication Bypass Vulnerability Discovered #CVE202624061 #cybersecurity #infosec

Deep research on a recent ClickFix campaign from Kirk at Derp.ca. He offered much more analysis of this campaign but I want to highlight two aspects of the identified kill chain: duckdns.org and trycloudflare.com. Blocking those two domains would have stopped this attack. #cybersecurity

SERPENTINE#CLOUD returns: ClickFix lure drops five RATs
Same operator, new delivery chain. ClickFix through Cloudflare tunnels drops five RAT families simultaneously - including Brute Ratel C4 wrapping PureHVNC.

RE: #ioc

RE: https://infosec.exchange/@ScumBots/116195646833821026
Come ‘on now?!? Who still doesn’t have *.ngrok.io blocked? Ngrok themselves don’t even recommend using this domain any longer.