👉 What’s happening in cybersecurity today?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get BlueSleuth-Lite

🚨 Cyber Alerts

1. Threat Actors Scan Salesforce AuraInspector

Salesforce has reported that hackers are using a modified version of the open-source tool AuraInspector to scan for and exploit misconfigured Experience Cloud sites. By targeting overly permissive guest user settings, these attackers can bypass standard restrictions to scrape sensitive data from public-facing profiles.

2. CISA Flags Actively Exploited Vulns

The U.S. Cybersecurity and Infrastructure Security Agency has expanded its list of actively exploited vulnerabilities by adding three specific flaws affecting Omnissa, SolarWinds, and Ivanti products. Federal agencies are now required to patch these security gaps within the month to mitigate the risk of data breaches and ransomware attacks.

3. UNC4899 Hits Crypto Firm via Trojan

A state-sponsored North Korean threat actor known as UNC4899 recently executed a sophisticated cloud compromise against a cryptocurrency firm to facilitate a multi-million dollar theft. The operation was characterized by a complex progression from social engineering a single developer to manipulating core cloud databases through advanced technical pivots.

For more alerts click here!

RSVP Here

💥 Cyber Incidents

4. Beaver County College Hit by Ransomware

The Community College of Beaver County is currently paralyzed by a ransomware attack that has encrypted its entire data system and resulted in a ransom demand from unidentified hackers. College officials have shut down the campus and restricted all network access while working with insurance investigators to recover vital records including grades, transcripts, and financial information.

5. Cyberattack Costs Laurens County $1.5M

Laurens County has filed a legal claim against unidentified cyber criminals after falling victim to a fraudulent scheme that resulted in the loss of over 1.5 million dollars. The county is seeking to recover the stolen funds through emergency legal action while pursuing damages and investigative costs.

6. Ericsson US Confirms Third-Party Breach

Ericsson’s U.S. subsidiary recently disclosed a data breach resulting from a cyberattack on one of its external service providers. The incident led to the unauthorized access of personal data belonging to an undisclosed number of employees and customers.

For more incidents click here!

Claim Your Workspace

📢 Cyber News

7. Tycoon 2FA Phishing Platform Disrupted

A major law enforcement and industry collaboration spearheaded by Microsoft and Europol has successfully dismantled Tycoon 2FA, a massive phishing-as-a-service operation targeting over 500,000 organizations. By taking down this infrastructure, authorities have neutralized a platform that was responsible for tens of millions of fraudulent emails and tens of thousands of compromised accounts worldwide.

8. Microsoft Enables Windows Hotpatches

Starting in May 2026, Microsoft will enable hotpatch security updates by default for eligible Windows devices managed via Microsoft Intune and the Microsoft Graph API. This transition utilizes Windows Autopatch to deliver updates that eliminate the need for immediate system restarts, significantly accelerating the patch compliance process for organizations.

9. Teams to Tag Third-Party Bots

Microsoft is preparing to launch a security update for Teams that identifies and labels third-party bots waiting in meeting lobbies. This enhancement gives organizers the power to vet automated accounts separately from human participants to prevent unauthorized access.

For more news click here!

Get Help

📈Cyber Stocks

Cybersecurity stocks on Tuesday, 10 March 2026 traded with mixed performance amid ongoing technology rotation and selective sector optimism.

• Okta closed at 73.85 dollars and edged lower, as identity and access management stocks tracked broader tech sentiment.

• Zscaler closed at 149.22 dollars and was slightly higher, with zero-trust and secure access demand providing underlying support.

• Fortinet closed at 83.94 dollars and moved higher, benefiting from steady network security demand and defensive positioning.

• Check Point Software Technologies closed at 153.60 dollars and was modestly higher, supported by its firewall and threat prevention portfolio.

• SentinelOne closed at 13.28 dollars and moved higher, as selective buying returned to AI-driven endpoint security names.

• Rapid7 closed at 6.41 dollars and was slightly lower, reflecting continued volatility in mid-cap vulnerability management stocks.

💡 Cyber Tip

☁️ Threat Actors Scan Salesforce AuraInspector

Salesforce warns that attackers are using a modified version of AuraInspector to scan Experience Cloud sites for misconfigured guest access. If guest user permissions are too broad, attackers can scrape sensitive CRM data such as employee details and internal records.

🛠️ What You Should Do

• Audit Experience Cloud guest user permissions immediately

• Set default external access for CRM objects to private

• Disable guest access to public APIs where possible

• Monitor logs for high-volume or unusual queries

• Apply least-privilege policies to all external user profiles

⚠️ Why This Matters
This attack does not exploit a software bug but misconfigurations. Exposed guest permissions can allow attackers to harvest internal data and use it for phishing, vishing, or deeper intrusion attempts.

Visit BookClub

📚 Cyber Book

Protecting Your Digital Footprint by Nicholas Lucia

Get Book

Copyright © 2026 CyberMaterial. All Rights Reserved.

Follow CyberMaterial on:

Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium