Cyber Briefing: 2026.03.04
A wave of global cyber incidents hit major organizations, including confirmed data breaches at LexisNexis and AkzoNobel, a worldwide Facebook outage, and large-scale phishing and AI-driven attacks...
👉 What's happening in cybersecurity today
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Tech Support Spam Spreads Wide Havoc C2
Cybersecurity researchers have uncovered a sophisticated campaign where attackers pose as IT support staff to deploy the Havoc command-and-control framework. These actors use overwhelming email spam to create a fake technical issue, then call the victim to offer a fraudulent solution that leads to total system compromise.
2. Starkiller Phishing Bypasses MFA
Cybersecurity researchers have identified a new phishing platform called Starkiller that uses a reverse proxy to bypass multi-factor authentication by streaming live content from legitimate websites. This tool, along with the evolving 1Phish kit, represents a shift toward phishing-as-a-service models that allow low-skill attackers to execute sophisticated account takeovers at scale.
3. CyberStrikeAI Targets FortiGate Globally
Recent investigations have revealed that the mass compromise of over 600 Fortinet FortiGate appliances was facilitated by an open-source, AI-native offensive security platform known as CyberStrikeAI. Developed by a Chinese programmer with suspected ties to state-sponsored operations, the tool allowed Russian-speaking threat actors to automate vulnerability scanning and exploitation across dozens of countries.
💥 Cyber Incidents
4. AkzoNobel Confirms U.S. Cyberattack
AkzoNobel recently confirmed a targeted cyberattack on one of its facilities in the United States following claims of a data breach by the Anubis ransomware group. The company reported that the intrusion was quickly isolated to a single site and that the overall impact remains limited.
5. Facebook Hit By Global Service Outage
Users across the globe were unable to access their Facebook accounts following a significant technical disruption that began in the late afternoon. The issue lasted for several hours before being resolved, though the company has not yet disclosed the specific cause of the failure.
6. LexisNexis Confirms Data Breach
LexisNexis Legal and Professional recently confirmed a data breach after a threat actor known as FulcrumSec leaked approximately 2GB of stolen files onto underground forums. The company reported that while unauthorized access to its AWS infrastructure occurred, the compromised data was largely legacy information from before 2020.
📢 Cyber News
7. Mobile Man Pleads Guilty To Cyber Crimes
A 22-year-old man from Mobile recently pleaded guilty to federal charges involving computer fraud, extortion, and cyberstalking. For three years, he hijacked the social media accounts of hundreds of young victims to steal private images and use them as leverage for further exploitation.
8. Iranian Strikes Expose Cloud Vulnerability
Recent drone attacks targeting Amazon Web Services facilities in the United Arab Emirates and Bahrain have caused physical infrastructure damage and localized service interruptions. This incident underscores the growing presence of cloud infrastructure in the Middle East while highlighting the physical risks these critical hubs face during regional conflicts.
9. UK NCSC Warns of Iranian Cyber Threats
The National Cyber Security Centre in the United Kingdom has issued a warning regarding a heightened risk of Iranian cyber activity linked to growing instability in the Middle East. While the direct threat level to the British mainland remains stable for now, officials caution that the geopolitical landscape is shifting quickly and could impact domestic security.
📈 Cyber Stocks
Cybersecurity stocks on Wednesday, 4 March 2026 traded with continued volatility as rotation in technology equities persisted, influenced by investor reactions to recent earnings, AI-driven competitive narratives, and broader profit-taking in high-beta software sectors.
CrowdStrike Holdings Inc finished at around 372-395 dollars and trended softer, as profit-taking in cloud-native endpoint and identity protection stocks persisted amid broader tech weakness.
Okta Inc was near 72-75 dollars and edged lower, with identity and access management equities tracking mixed sector flows.
Zscaler Inc closed at around 146-150 dollars and moved lower, reacting to broader software volatility despite solid fundamentals reported recently.
Fortinet Inc finished near 79-81 dollars and was modestly down, with network security names pressured alongside broader tech contracts.
SentinelOne Inc traded near 13-14 dollars and was softer, as smaller AI-enabled endpoint security names saw risk-off flows.
💡 Cyber Tip
💽 The “Help Desk” Trap: Defending Against Socially Engineered Havoc
Cybersecurity researchers have identified a dangerous new campaign where attackers flood an employee’s inbox with spam to simulate a technical crisis. Once the victim is overwhelmed, the attackers call posing as IT support to “fix” the problem, ultimately deploying the Havoc command-and-control framework to seize the entire network.
🛠️ What You Should Do
Verify the Caller: Never trust an unsolicited call from “IT Support.” Hang up and call your organization’s official help desk line directly to verify the issue.
Audit Remote Access: Restrict the use of remote desktop tools like Quick Assist, AnyDesk, or TeamViewer to authorized personnel only via Group Policy.
Scrutinize “Update” Prompts: Be wary of websites asking you to “update spam filters” or “sync passwords” via a button click, as these often execute malicious scripts.
Report “Email Bombing”: If you receive a sudden deluge of hundreds of spam emails, do not interact with them; report the incident to your security team immediately as it may be the precursor to a targeted phone call.
Implement MFA: Ensure Multi-Factor Authentication is enforced across all systems to prevent attackers from using harvested credentials to move laterally.
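For security teams acting on the "Report Email Bombing" tip, the following is an added example (not part of the original briefing) of a sliding-window detector that flags an inbox receiving a sudden burst of mail from many unrelated senders. The log format, the thresholds, and the distinct-sender heuristic are assumptions, and the sample log is constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds; tune against your own mail volume baselines.
WINDOW = timedelta(minutes=10)
MIN_MESSAGES = 100       # "hundreds of spam emails" arriving in one window
MIN_SENDER_DOMAINS = 50  # assumption: bombing comes from many unrelated senders


def parse_line(line):
    """Parse a constructed 'ISO-timestamp recipient sender' log line."""
    ts, recipient, sender = line.split()
    return datetime.fromisoformat(ts), recipient.lower(), sender.lower()


def detect_email_bombing(lines):
    """Return {recipient: first_alert_time} for inboxes hit by a burst."""
    windows = defaultdict(deque)  # recipient -> deque of (time, sender domain)
    alerts = {}
    for ts, rcpt, sender in sorted(parse_line(l) for l in lines if l.strip()):
        win = windows[rcpt]
        win.append((ts, sender.rpartition("@")[2]))
        # Drop entries that have aged out of the sliding window.
        while win and ts - win[0][0] > WINDOW:
            win.popleft()
        if rcpt in alerts:
            continue  # already flagged; keep only the first alert time
        domains = {d for _, d in win}
        if len(win) >= MIN_MESSAGES and len(domains) >= MIN_SENDER_DOMAINS:
            alerts[rcpt] = ts
    return alerts


def build_sample_log():
    """Constructed sample: one bombed inbox, one normal inbox."""
    start = datetime(2026, 3, 4, 9, 0, 0)
    lines = []
    for i in range(300):  # 300 messages in 5 minutes from 150 distinct domains
        t = start + timedelta(seconds=i)
        lines.append(f"{t.isoformat()} victim@example.com news@list{i % 150}.example")
    for i in range(20):   # 20 messages spread across several hours
        t = start + timedelta(minutes=20 * i)
        lines.append(f"{t.isoformat()} normal@example.com peer{i % 3}@partner.example")
    return lines


if __name__ == "__main__":
    for rcpt, when in detect_email_bombing(build_sample_log()).items():
        print(f"ALERT possible email bombing: {rcpt} at {when.isoformat()}")
```

An alert from a detector like this is a cue to contact the affected employee through the official help desk channel before any unsolicited "IT Support" call reaches them.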
⚠️ Why This Matters
This tactic bypasses traditional firewalls by exploiting human trust and the urgency of a perceived technical failure. Because attackers can move from a single phone call to compromising multiple endpoints in under 12 hours, rapid employee awareness is the only way to stop the breach before it turns into a full-scale ransomware event.
📚 Cyber Book
Roblox Safety Made Easy by Eliza Trenholm
Copyright © 2026 CyberMaterial. All Rights Reserved.