X-Industry

The International Maritime Organization (IMO) has approved a global strategy on maritime digitalization, alongside mandatory cybersecurity measures for maritime single windows, aimed at improving safety, efficiency, and operational resilience.  The strategy, endorsed by the IMO Facilitation Committee (FAL) during its 50th session in London (23–27 March 2026), sets digitalization as an overarching IMO policy.[1]

The International Maritime Organization (IMO) is a specialized agency of the United N

1. Preparing the cyber workforce for autonomous security
As security becomes automated, agents are taking on more intelligence-driven tasks, in the security operations center (SOC), as well as compliance and risk management, and identity management. Autonomous security is set to play a critical role in identifying and monitoring non-human identity activity.
2. Navigating geopolitics, building resilience and compliance
Both digital defenses and physical assets are threatened by potential attacks fr

Cyber attackers have set their sights on French-speaking professionals, luring victims with fake résumé attachments in an active phishing campaign designed to deploy credential stealers and cryptocurrency miners.  The activity, now tracked as FAUX#ELEVATE, relies on heavily obfuscated VBScript files disguised as CV documents, which execute silently while displaying fake error messages.  The malware uses sandbox evasion, persistence techniques, and a domain-check mechanism to ensure only enterpri

Google has warned that ransomware gangs are reinventing their business models as traditional encryption-based attacks become less profitable and data-theft extortion surges.   According to new analysis, better cybersecurity controls, improved backup strategies, and stronger recovery capabilities mean more victims can restore their systems without paying, directly eroding criminal revenue. However, threat actors are not retreating; they are adapting their methods to make operations harder to disr

Across boardrooms and IT departments, a dangerous assumption continues to grow because data resides in Microsoft 365 and Azure it is automatically secure.  This belief is fundamentally flawed and creates a false sense of protection that masks real exposure, turning what should be a strategic cloud advantage into a ticking time bomb quietly building risk inside the organization’s own environment.[1]

Microsoft builds the platform; it does not defend your specific environment.  What you monitor, ho

Since US and Israeli strikes began against Iranian military and nuclear infrastructure in late February, two wars have been running simultaneously. One is kinetic.  The other involves something the world has not fully reckoned with: the systematic use of artificial intelligence to manufacture reality, at scale, in real time, during active armed conflict.[1]

Within days of the opening strikes, AI-generated video of missile impacts on the USS Abraham Lincoln was spreading across TikTok.  Fabricate

Cybersecurity researchers have spotted a sneaky new trick used by hackers to compromise developers’ computers.  This latest threat, which first appeared at the beginning of February 2026, involves malicious code hidden inside npm packages, which programmers use to create apps.  According to researchers at ReversingLabs, this specific attack, dubbed the Ghost campaign, tricks users into thinking they are installing a helpful tool.  The software is busy stealing private data in the background.[1]

On 24 March 2026, two versions of the litellm Python package on PyPI were found to contain malicious code.  The packages (versions 1.82.7 and 1.82.8) were published by a threat actor known as TeamPCP after they obtained the maintainer's PyPI credentials through a prior compromise of Trivy, an open source security scanner used in litellm's CI/CD pipeline.

The malicious versions were available for approximately three hours before PyPI quarantined the package. litellm is downloaded roughly 3.4 mill

A US federal jury in Los Angeles on 25 March 2026 found Meta and Google liable in a closely watched trial accusing social media platforms of designing their products to get young users addicted, awarding the plaintiff $3 million in damages.  Meta was ordered to pay 70% of the awarded compensatory damages, while Google is responsible for the rest.  The verdict came after nine days, roughly 43 hours, of deliberations.  The jury is expected to decide on punitive damages.  "For years, social media c

A cyber-criminal is attempting to sell a zero-day exploit targeting a Windows Remote Desktop Services (RDS) privilege escalation vulnerability for US$220,000 on a cybercrime forum.  The listing, identified by threat intelligence analysts, highlights the rapid commercialization of critical vulnerabilities within the criminal underground.  The sale was posted by a user registered under the name 'Kamirmassabi' in the "Malware, Exploits, Bundles, AZ, Crypt" section of a prominent dark web forum.  Th

A new iOS exploit chain and payload called ‘DarkSword’ is stealing sensitive personal information from iPhones running iOS 18.4 to 18.7.  The toolkit is linked to multiple threat actors, including Russian-aligned UNC6353, who previously leveraged a similar exploit chain called Coruna. DarkSword was subsequently uncovered while various researchers analyzed Coruna’s infrastructure.

In early November 2025, NC6748 used DarkSword against Saudi Arabian users via a Snapchat-themed website.  Subsequentl

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language.

Experts say the wiper campaign against Iran materialized this past weekend and came from a relatively new cybercrime group known as TeamPCP. In December 2025, the group began compromising corporate cloud environments using

In an increasingly interconnected, digital world, it's essential to make the right choices for your security on the Internet. There are good habits to get into to improve online safety, and you should keep your ear to the ground to know when a new threat has emerged or become more prevalent. For example, the Federal Bureau of Investigation recently warned that something as seemingly safe and secure as a home or small business Wi-Fi network could be in danger. This increasingly common criminal th

The Federal Bureau of Investigation (FBI) has officially confirmed that a limited number of its servers have been compromised in a cybersecurity incident.  The breach affected surveillance systems used by the FBI for lawful foreign intelligence interception operations, with investigators suspecting state-backed Chinese hackers based on suspicious activity patterns.  The security breach occurred during the second week of February 2026 and was detected on 17 February 2026.  The incident has raised

Hewlett Packard Enterprise (HPE) has released its inaugural cyber threat report, titled 'In the Wild', revealing a significant shift in the operational strategies of modern cyber adversaries.  Released on 17 March 2026, the research indicates that cybercrime groups are increasingly mirroring legitimate enterprise business models to maximize financial gain.  The report, based on an analysis of 1,186 active threat campaigns observed globally throughout 2025, suggests that the threat landscape has

You probably associate information security with desktops and laptops, business computers, and servers in datacenters.  Too often, we assume that our mobile devices are inherently more secure, probably because of how we interact with them.  But last week’s security news includes warnings for iPhone and Android users.  Just a reminder that no one is safe.

First, if you haven’t updated iOS, it’s time to do so.  Last week, it was reported that iPhone users running iOS 18.4 to 18.7 are vulnerable to

Cyfirma cybersecurity researchers have unveiled a detailed analysis of a new threat: TaxiSpy RAT, a sophisticated Android banking trojan with remote access capabilities.  This malware primarily targets Russian users and financial institutions, compromising apps related to banking, cryptocurrency, government services, and online marketplaces.  The report highlights how this threat exploits vulnerabilities to facilitate financial fraud, posing significant risks to individuals and organizations ali

Dutch intelligence agencies have revealed an extensive cyber campaign by Russian state-backed hackers aimed at infiltrating Signal and WhatsApp accounts of high-profile individuals worldwide.   The Military Intelligence and Security Service (MIVD) and General Intelligence and Security Service (AIVD) describe the effort as large-scale and ongoing, exploiting user vulnerabilities rather than app flaws.   The operation focuses on government officials, military personnel, and civil servants, with Du

Every time you check your bank balance online, send an email, or make a purchase with a credit card, your information is encrypted, a mathematical shield that keeps your data protected from prying eyes.  This encryption has worked extremely well for decades.  The algorithms safeguarding your most sensitive data would take today’s most powerful traditional computers millions of years to crack.  However, a new type of machine is emerging that could change everything.  That machine is the quantum c

In the ongoing conflict between the United States and Iran, cyber operations have emerged as a significant component alongside conventional military actions.  Operation Epic Fury, initiated on 28 February 2026, involved coordinated strikes that targeted key Iranian leadership and infrastructure, with digital disruptions playing a crucial role in limiting the adversary's response capabilities.  Iranian connectivity fell by at least 46% during the strikes, signaling intense cyber involvement.[1]

T