Cyber Briefing: 2026.03.03
North Korean supply chain attacks spread, major breaches disclosed, schools face outages, quantum-safe Chrome advances, and carding suspect extradited.
👉 What's happening in cybersecurity today
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. APT37 Hacks Breach Air-Gapped Nets
North Korean hackers have deployed a sophisticated toolkit designed to bridge the gap between internet-connected and physically isolated systems via removable drives. Attributed to the state-backed group APT37, this campaign uses a series of specialized Ruby-based tools to conduct covert surveillance and move data across air-gapped environments.
2. North Korean Hackers Hide RAT In npm
Cybersecurity researchers have uncovered a new North Korean campaign called StegaBin that uses 26 malicious npm packages to target developers with credential stealers and remote access trojans. Attributed to the Famous Chollima group, the operation employs steganography to hide command-and-control addresses within seemingly innocent Pastebin essays.
3. Malicious Go Module Drops Rekoobe
Researchers have identified a deceptive Go module that mimics a legitimate library to steal passwords and establish permanent access on Linux systems. By disguising itself as a standard encryption dependency, the malware captures terminal inputs and installs a backdoor known as Rekoobe to facilitate remote control.
💥 Cyber Incidents
4. MSG Entertainment Hit In Oracle Breach
The MSG Entertainment data breach involved unauthorized access to sensitive information belonging to 131,070 individuals after the Clop ransomware group exploited a zero-day vulnerability in a vendor-hosted Oracle E-Business Suite. Between August and October 2025, attackers exfiltrated full names, physical addresses, and Social Security numbers, leading to formal notifications and a medium-severity classification due to the high risk of identity theft.
5. Denmark Schools Face Weeklong Outage
The Denmark School District in Wisconsin recently navigated a five-day internet outage caused by a cyber incident that began in late January. Without digital connectivity, the local school community was forced to utilize paper-based methods to continue daily instruction and administrative operations.
6. Cloud Imperium Confirms Data Breach
Cloud Imperium Games is facing significant backlash from its community after quietly revealing a data breach that occurred over a month ago. Players are frustrated by the studio’s decision to use a discreet service alert rather than a direct announcement to disclose that personal information, including names and contact details, was accessed by attackers.
📢 Cyber News
7. AWS Expands Security Hub Platform
The new AWS Security Hub Extended significantly reduces the operational burden of managing cross-domain security by offering a unified management console. This update allows organizations to correlate third-party security data and consolidate multiple vendor invoices into a single AWS bill.
8. Google Preps Quantum-Safe Chrome Certs
Google is updating Chrome’s security by transitioning to Merkle Tree Certificates to protect HTTPS connections against future quantum computing threats. This new approach replaces traditional certificate chains with lightweight proofs, ensuring that the shift to post-quantum cryptography does not compromise browser speed or performance.
9. Chilean Carding Operator Extradited
A 24-year-old Chilean citizen has been extradited to the United States to face federal charges for allegedly operating a sophisticated cybercrime network that trafficked stolen payment card data. The suspect is accused of using various online platforms and messaging channels to sell compromised financial information belonging to thousands of victims.
📈 Cyber Stocks
Cybersecurity stocks on Tuesday, 3rd March 2026 traded with continued mixed momentum amid broader tech sector rotation and headline-driven volatility.
Zscaler closed near 146 dollars and was softer, reflecting cloud zero-trust security stock sensitivity to broader software market volatility.
Fortinet finished about 79 dollars and was relatively steady, with network security demand keeping the stock anchored amid mixed flows.
Check Point Software Technologies closed near 152 dollars and was slightly lower, with defensive firewall and threat prevention demand holding up better than some peers.
SentinelOne was around 13 dollars and traded modestly lower, as smaller AI-enabled endpoint names faced near-term selling pressure.
Rapid7 traded at approximately 6 to 7 dollars and was moderately softer, with vulnerability management and SIEM exposures following broader mid-cap tech trends.
💡 Cyber Tip
💽 APT37 Hacks Breach Air-Gapped Networks
North Korean group APT37 has deployed a toolkit designed to compromise air-gapped systems using infected removable drives. The campaign installs a hidden Ruby-based framework that stages commands and exfiltrates data through USB devices, effectively bridging isolated and internet-connected environments without direct network access.
🛠️ What You Should Do
Restrict and monitor the use of removable media in sensitive environments
Disable automatic execution of shortcut files and PowerShell scripts
Scan all USB devices before connecting them to secure systems
Monitor for unauthorized scheduled tasks and unexpected Ruby installations
Segment critical systems and enforce strict media handling policies
⚠️ Why This Matters
Air gaps are not absolute protection. By weaponizing USB drives as data bridges, attackers can bypass physical isolation controls and extract sensitive information from highly secured military and critical infrastructure networks.
📚 Cyber Book
AI Snake Oil by Arvind Narayanan & Sayash Kapoor
Copyright © 2026 CyberMaterial. All Rights Reserved.