👉 What’s happening in cybersecurity today?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get BlueSleuth-Lite

🚨 Cyber Alerts

1. Chrome Extension Goes Rogue After Sale

Two Chrome extensions, QuickLens and ShotBird, recently transitioned to new ownership and were subsequently updated with malicious code. These compromised tools now allow attackers to bypass security headers, inject unauthorized scripts, and extract private data from nearly 8,000 users.

2. Web Exploits, Mimikatz Hit Asian Infra

A Chinese threat actor known as CL-UNK-1068 has spent years conducting a cyber espionage campaign against high-value organizations across South, Southeast, and East Asia. By targeting critical sectors like aviation, energy, and government using a mix of custom malware and open-source tools, the group maintains persistent access to steal sensitive data and credentials.

3. GitHub Malware Campaign Spreads BoryptGrab

Trend Micro discovered a campaign utilizing more than 100 GitHub repositories to distribute the BoryptGrab information stealer. This malware targets a wide range of sensitive data, including browser credentials, cryptocurrency wallets, system information, and personal files, often deploying a reverse SSH tunnel for persistent attacker access.

For more alerts click here!

RSVP Here

💥 Cyber Incidents

4. TriZetto Breach Hits 3.4M Patients

A massive data breach at Cognizant’s TriZetto Provider Solutions has resulted in the exposure of sensitive medical and personal records for over 3.4 million individuals. Although the source of the intrusion remains unknown and no ransomware groups have claimed credit, the company has begun notifying the public of the security failure.

5. Children’s Council SF Breach Probe

The Children’s Council of San Francisco recently experienced a significant cyberattack where unauthorized users infiltrated their network and accessed sensitive personal information. This breach impacted clients and staff, potentially exposing data such as Social Security numbers and financial details, leading to ongoing investigations into legal claims for those affected.

6. HungerRush Breach Exposes 28M Users

HungerRush, a cloud-based point-of-sale platform catering to pizza and fast-casual chains, is reportedly the victim of a significant data breach. A threat actor on a cybercrime forum is currently advertising a database for sale that claims to hold sensitive records for more than 28 million customers and restaurant entities.

For more incidents click here!

Claim Your Workspace

📢 Cyber News

7. Russian Hackers Target Dutch Messaging

Dutch intelligence agencies warned on Monday that Russian state hackers are targeting Signal and WhatsApp accounts belonging to government officials, military staff, and journalists to bypass secure communications. Officials clarified that the hackers are not exploiting software vulnerabilities but are instead using social engineering tactics, such as impersonating support bots, to hijack individual user sessions and monitor private group chats.

8. Claude AI Finds 22 Firefox Bugs

Anthropic utilized the Claude Opus 4.6 AI model to identify 22 security vulnerabilities within the Firefox browser, many of which were categorized as high severity. Mozilla successfully resolved all of these discovered flaws with the release of Firefox 148 in January 2026.

9. Banks Must Refund Phishing Victims

Athanasios Rantos, the Advocate General of the Court of Justice of the EU, has issued a legal opinion stating that banks should immediately refund victims of unauthorized transactions even if the customer’s negligence is suspected. This preliminary guidance suggests that the burden of proof rests with the financial institution, which must first restore the funds before pursuing legal action to prove a customer’s gross negligence.

For more news click here!

Get Help

📈Cyber Stocks

Cybersecurity stocks on Monday, 9 March 2026 traded with mixed momentum as broader technology rotation continued. Ongoing geopolitical tensions and documented warnings about elevated state-linked cyber activity reinforced long-term enterprise and government security spending expectations, even as near-term investor sentiment remained cautious.

• Palo Alto Networks closed at 148.92 dollars and was modestly lower, as platform and integrated cloud security names remained sensitive to software sector volatility despite sustained enterprise demand.

• CrowdStrike closed at 371.98 dollars and moved lower, reflecting short-term pressure in high-growth endpoint and identity protection stocks amid broader tech rotation.

• Okta closed at 72.50 dollars and was softer, with identity and access management equities tracking overall market sentiment.

• Zscaler closed at 146.99 dollars and was lower, as zero-trust and secure access service edge names saw continued profit-taking.

• Fortinet closed at 79.03 dollars and edged down, with network security demand stable but shares pressured alongside broader tech names.

💡 Cyber Tip

🧩 Chrome Extensions Turn Malicious After Ownership Change

Two Chrome extensions, QuickLens and ShotBird, became malicious after being transferred to new owners. The updated versions inject scripts, bypass browser security protections, and collect sensitive browsing data from thousands of users.

🛠️ What You Should Do

• Remove QuickLens and ShotBird extensions immediately

• Audit all installed browser extensions for recent ownership changes

• Limit extensions to trusted developers and essential tools only

• Review extension permissions that allow access to all websites

• Monitor accounts for suspicious activity if the extensions were used

⚠️ Why This Matters
Extension ownership transfers can quietly turn legitimate tools into malware. Once compromised, these extensions can inject scripts into websites, steal session data, and track users across every page they visit.

Visit BookClub

📚 Cyber Book

Keep Your Kids Safe on Roblox by Fiona Stephens

Get Book

Copyright © 2026 CyberMaterial. All Rights Reserved.

Follow CyberMaterial on:

Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium