FLASH NEWS 2026

DATE     NAME     INFO     CATEGORY     WEB

3.4.26 TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments     SANS
3.4.26 Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208)     SANS
1.4.26 TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows     SANS
1.4.26 Malicious Script That Gets Rid of ADS     SANS
31.3.26 Application Control Bypass for Data Exfiltration     SANS
31.3.26 TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released     SANS
29.3.26 TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours     SANS
28.3.26 TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim     SANS
28.3.26 TeamPCP Supply Chain Campaign: Update 001 - Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available     SANS
26.3.26 Apple Patches (almost) everything again. March 2026 edition.     SANS

25.3.26 SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2)     SANS
25.3.26 Detecting IP KVMs     SANS
25.3.26 Tool updates: lots of security and logic fixes     SANS
20.3.26 GSocket Backdoor Delivered Through Bash Script     SANS
20.3.26 Interesting Message Stored in Cowrie Logs     SANS
19.3.26 Scans for "adminer"     SANS
19.3.26 IPv4 Mapped IPv6 Addresses     SANS
19.3.26 /proxy/ URL scans with IP addresses     SANS
14.3.26 SmartApeSG campaign uses ClickFix page to push Remcos RAT     SANS
14.3.26 A React-based phishing page with credential exfiltration via EmailJS     SANS
14.3.26 When your IoT Device Logs in as Admin, It's too Late! [Guest Diary]     SANS
11.3.26 Microsoft Patch Tuesday March 2026     SANS
11.3.26 Analyzing "Zombie Zip" Files (CVE-2026-0866)     SANS
10.3.26 Encrypted Client Hello: Ready for Prime Time?     SANS
9.3.26 YARA-X's 1.14.0     UPDATE
5.3.26 Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary]     SANS
4.3.26 Want More XWorm?     SANS
3.3.26 Bruteforce Scans for CrushFTP     SANS
3.3.26 Wireshark 4.6.4 Released     UPDATE
3.3.26 Quick Howto: ZIP Files Inside RTF     SANS
27.2.26 Fake Fedex Email Delivers Donuts!     SANS
27.2.26 The CLAIR Model: A Synthesized Conceptual Framework for Mapping Critical Infrastructure Interdependencies [Guest Diary]     SANS
27.2.26 Finding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary]     SANS
27.2.26 Open Redirects: A Forgotten Vulnerability?     SANS
27.2.26 Another day, another malicious JPEG     SANS
27.2.26 Japanese-Language Phishing Emails     SANS
13.2.26 AI-Powered Knowledge Graph Generator & APTs     SANS
12.2.26 Apple Patches Everything: February 2026     OS PATCH
11.2.26 Microsoft Patch Tuesday - February 2026     OS PATCH
10.2.26 Quick Howto: Extract URLs from RTF files     SANS
10.2.26 YARA-X's 1.13.0     UPDATE
4.2.26 CSNOG 2026     CONFERENCE
17.1.26 Wireshark 4.6.3 Released     UPDATE
17.1.26 January 2026 Microsoft Patch Tuesday Summary     OS PATCH

15.1.25 Ransomware incident     RANSOMWARE

17.12.25 Microsoft December 2025 Patch     OS PATCH