NewsNukem
$ BREAKING

Tracking Pixels Exposed: How Meta and TikTok Harvest User Data Beyond Their Platforms

Meta and TikTok use tracking pixels to harvest sensitive user data including credit card info and locations from external websites, extending surveillance beyond social platforms.

privacy6 min read · Mar 19, 2026Read More →
Security Tools & GuidesNation-State & APTData Breaches & LeaksIndustry & RegulationCloud SecurityIoT & Hardware SecurityRansomwareAI Security & ThreatsVulnerabilities & ExploitsMalware & RansomwarePrivacy & Surveillance
'InstallFix' Campaign Exploits AI Coding Tools to Spread Malware via Fake Claude Sites
malware
brief

'InstallFix' Campaign Exploits AI Coding Tools to Spread Malware via Fake Claude Sites

New 'InstallFix' campaign uses fake Claude AI sites and malvertising to trick developers into executing malicious code, exploiting trust in AI coding tools.

2 min readMar 19
Xygeni GitHub Action Compromised Via Tag Poison Attack: Critical Supply Chain Breach Exposes Enterprise Security Risks
vulnerabilities
analysis

Xygeni GitHub Action Compromised Via Tag Poison Attack: Critical Supply Chain Breach Exposes Enterprise Security Risks

Xygeni's GitHub Action fell victim to tag poisoning attack, allowing C2 implant to operate for a week, highlighting critical supply chain vulnerabilities.

5 min readMar 19
Unmasking 'Dort': The Elusive Mastermind Behind the Kimwolf Botnet Empire
vulnerabilities
analysis

Unmasking 'Dort': The Elusive Mastermind Behind the Kimwolf Botnet Empire

The mysterious 'Dort' controls the world's largest botnet, escalating from DDoS attacks to real-world swatting incidents against security researchers.

5 min readMar 19
How Ceros Gives Security Teams Visibility and Control Over Claude Code AI Agents
ai security
analysis

How Ceros Gives Security Teams Visibility and Control Over Claude Code AI Agents

Ceros provides critical visibility and control over AI coding agents like Claude Code, addressing security gaps as these autonomous tools proliferate in enterprises

5 min readMar 19
AI Browser Vulnerability Exposed: Perplexity's Comet Tricked Into Phishing Scam in Under Four Minutes
ai security
analysis

AI Browser Vulnerability Exposed: Perplexity's Comet Tricked Into Phishing Scam in Under Four Minutes

Security researchers successfully manipulated Perplexity's Comet AI browser into falling for phishing scams in under four minutes, exposing critical vulnerabilities.

5 min readMar 19
Interlock Ransomware Exploits Critical Cisco FMC Zero-Day CVE-2026-20131 for Root Access
ransomware
analysis

Interlock Ransomware Exploits Critical Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Amazon warns of active Interlock ransomware exploiting critical Cisco FMC zero-day CVE-2026-20131 (CVSS 10.0) for unauthenticated root access via insecure deserialization.

5 min readMar 19
ransomware
analysis

Marquis Ransomware Attack Exposes 672,000 Records, Disrupts 74 US Banks

Texas financial services provider Marquis reveals ransomware attack exposed 672,000 records and disrupted operations at 74 US banks, highlighting supply chain risks.

4 min readMar 19
ransomware
analysis

Please Don't Feed the Scattered Lapsus ShinyHunters: The Rise of a Ruthless Ransomware Gang

Scattered Lapsus ShinyHunters represents a dangerous evolution in ransomware tactics, combining traditional cyberattacks with real-world harassment and swatting

5 min readMar 19
iot security
analysis

Kimwolf Botnet Infiltrates 2 Million IoT Devices in Critical Infrastructure Networks

Kimwolf botnet compromises 2M+ IoT devices in govt/corporate networks, enabling DDoS attacks & malicious traffic relay through sophisticated lateral movement.

6 min readMar 19
iot security
analysis

International Law Enforcement Dismantles SocksEscort Botnet: 369,000 Compromised IPs Used for Global Cybercrime

International law enforcement dismantles SocksEscort botnet that compromised 369,000 IPs across 163 countries, enabling large-scale fraud through infected routers.

4 min readMar 19
iot security
analysis

Unmasking Badbox 2.0: How Kimwolf Gang's Bragging Revealed the Android TV Botnet Operators

Kimwolf botnet operators accidentally exposed Badbox 2.0's Android TV streaming device botnet through bragging screenshots, giving FBI and Google new leads.

6 min readMar 19
cloud security
analysis

AI-Powered Attackers Outpace Patching: Bug Exploitation Now Top Google Cloud Attack Vector

AI empowers attackers to exploit cloud vulnerabilities faster than patching cycles, making bug exploitation the top Google Cloud attack vector, surpassing credential theft.

6 min readMar 19