Recon

Infosecurity211IN STACK · 2026-03-23 15:05

Trivy Supply Chain Attack Expands With New Compromised Docker Images

New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CI/CD scans

Infosecurity105 · 2026-03-23 10:30

CISA Orders US Government to Patch Maximum Severity Cisco Flaw

CISA added CVE-2026-20131 to its KEV catalog as it is being used in ransomware campaigns

Huntress Blog48 · 2026-03-23 21:00

Threat Actors Abuse Railway.com PaaS as Microsoft 365 Token Attack Infrastructure

Railway PaaS is being weaponized as a clean token replay engine in an active AiTM and device code phishing campaign impacting 268+ M365 organizations and 100+ MSPs.

Palo Alto Unit 4243 · 2026-03-23 22:00

Google Cloud Authenticator: The Hidden Mechanisms of Passwordless Authentication

Explore Google’s synced passkey architecture. Unit 42 details its mechanisms, key management, and secure communication in passwordless systems." The post Google Cloud Authenticator: The Hidden Mechanisms of Passwordless Authentication appeared first on Unit 42 .

Huntress Blog37 · 2026-03-23 15:00

A _declassified Look Inside the Dark Economy of Cybercrime

Uncover the dark economy of cybercrime, from organized scam centers and the criminal customer journey to the use of generative AI in scaling attacks.

Krebs on Security35 · 2026-03-23 15:43

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.

Huntress Blog34 · 2026-03-23 13:00

7 Key Manufacturing Cybersecurity Trends for 2026 | Huntress

Explore the latest manufacturing cybersecurity trends, from ransomware to OT takeovers, and real-world risks to production. Learn how to secure your plant.

SitePoint27 · 2026-03-23 13:56

Instructions vs. Skills in AI Agents

Learn the difference between AI agent instructions and skills — how instructions govern behavior and constraints while skills enable action, with real-world examples from support, research, and DevOps agents. Continue reading Instructions vs. Skills in AI Agents on SitePoint .

Infosecurity17 · 2026-03-23 15:35

High-Tech Sector Overtakes Finance as Top Target for Cyber-Attacks, Mandiant Reports

High tech was the most frequently targeted industry in Mandiant investigations in 2025, overtaking financial services which led in 2023 and 2024

[DRAGNET]17 · 2026-03-23 07:00

Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started

Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started Microsoft

paper - Last paper15 · 2026-03-23 00:31

增强网络入侵检测系统：一种抵御对抗攻击的多层集成方法

作者：Nasim Soltani, Shayan Nejadshamsi等译者：知道创宇404实验室翻译组原文链接：https://arxiv.org/html/2603.10413v1/https://arxiv.org/html/2603.10413v1 摘要对抗样本会对机器学习（ML）算法构成严重威胁。若被用于操控基于机器学习的网络入侵检测系统（NIDS）行为，将危及网络安全。本研究旨...

Evil Martians15 · 2026-03-23 00:00

Product-market fit methodology for early-stage devtool companies

How do you measure product-market fit for a developer tool? A PMF scoring model from Evil Martians—a product development consultancy for developer tools startups—built on data from 37 devtools companies across AI, infrastructure, and cybersecurity. Five metrics, real benchmarks, and a dual score that tells you whether to invest in product or go-to-market.

Robin Wilson10 · 2026-03-23 16:23

How to bypass SSL for PROJ reprojection

A friend was using GDAL’s ogr2ogr command to import some data to PostGIS recently, and as part of the import they were doing a reprojection of the data. They got the following error: PROJ: Cannot open https://cdn.proj.org/uk_os_OSTN15_NTv2_OSGBtoETRS.tif: schannel: the certificate or certificate chain is based on an untrusted root They’ve had various SSL errors on […]

[DRAGNET]5 · 2026-03-23 07:00

Lockheed Martin targeted in alleged breach by pro-Iran hacktivist

Lockheed Martin targeted in alleged breach by pro-Iran hacktivist Cybersecurity Dive