👉 What’s trending in cybersecurity today?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get BlueSleuth-Lite

🚨 Cyber Alerts

1. Ubuntu CVE-2026-3888 Root Exploit

A high-severity vulnerability in default Ubuntu Desktop installations starting from version 24.04 allows local users to gain full root access by exploiting a flaw in how system components interact. By manipulating the timing of temporary file cleanup processes, an attacker can bypass security sandboxes to execute malicious code with administrative privileges.

2. Apple Fixes WebKit Security Flaw

Apple has launched its initial set of Background Security Improvements to resolve a critical cross-origin vulnerability within the WebKit engine across its major operating systems. These lightweight patches specifically target a flaw discovered by researcher Thomas Espach that could allow malicious web content to bypass standard security boundaries.

3. LeakNet Ransomware Uses ClickFix Tactic

The ransomware group LeakNet is now using the ClickFix social engineering technique to gain initial access by tricking users on compromised websites into executing malicious commands. This shift toward self-managed access methods reduces their reliance on external brokers and uses a JavaScript-based loader to run payloads directly in memory.

For more alerts click here!

Click Here to RSVP

💥 Cyber Incidents

4. Intuitive Reports Data Breach

Intuitive, a leader in robotic surgical systems, recently experienced a data breach after a targeted phishing attack compromised an employee account. While internal business and employee data were accessed, the company confirmed that its surgical platforms and hospital networks remained secure and unaffected due to strict network segmentation.

5. China-Linked Group Steals $7M Crypto

A Chinese hacker group operating under the guise of a legitimate cybersecurity firm allegedly stole 7 million dollars through wallet supply chain attacks targeting platforms like Trust Wallet. The operation was exposed after an internal dispute over profit sharing prompted a whistleblower to leak details of the group’s illicit activities and technical methods.

6. Medusa Ransomware Claims New Victims

A notorious cybercriminal organization has claimed responsibility for major ransomware attacks targeting the primary medical center in Mississippi and a high-population county in New Jersey. These incidents forced critical infrastructure to go offline, disrupting essential healthcare services and government operations while the attackers demanded substantial ransom payments.

For more incidents click here!

Claim Your Workspace

📢 Cyber News

7. Apple Releases Security Update.

Apple has launched a new Background Security Improvements update to resolve a WebKit vulnerability known as CVE-2026-20643 across iPhone, iPad, and Mac devices. This delivery method allows the company to patch critical flaws in system libraries and browser components without requiring users to perform a full operating system upgrade or restart.

8. Feds Charge DigitalMint Negotiator

Angelo John Martino III, a 41-year-old former negotiator at DigitalMint, faces federal charges for allegedly orchestrating at least 10 ransomware attacks that netted $75.25 million in payments. Prosecutors claim he played both sides by negotiating on behalf of victims he had personally targeted through his secret affiliation with the ALPHV ransomware group.

9. Convicted Scammer Runs New Scam From Prison

A 34-year-old Georgia man allegedly defrauded professional athletes and an OnlyFans model by impersonating an adult film star to steal financial data and engage in sex trafficking. Kwamaine Jerell Ford is accused of running this extensive social-engineering scheme for nearly four years, beginning while he was still serving a federal prison sentence for a similar phishing scam.

For more news click here!

Get Help

📈Cyber Stocks

Cybersecurity stocks traded with a cautious tone on Wednesday, 18 March 2026, as broader technology markets remained volatile following recent earnings reactions and valuation resets.

• CrowdStrike ended near ~408–412 dollars and was lower, as high-growth endpoint security names continued to see mild profit-taking.

• Okta closed at 84.91 dollars and declined, with identity security stocks remaining sensitive to broader SaaS multiple compression.

• Zscaler traded near ~180–185 dollars and was lower, reflecting continued pressure on premium cloud security valuations during tech rotation.

• Fortinet closed at 84.26 dollars and declined, tracking broader weakness across network security and enterprise IT spending sentiment.

• Check Point Software Technologies closed at 164.47 dollars and declined, showing relatively defensive but still negative movement in line with sector trends.

💡 Cyber Tip

🚨 Ransomware Uses Fake “Fix” Trick to Hack Users

The LeakNet ransomware group is using a ClickFix tactic that tricks users into running malicious commands through fake error messages or CAPTCHA prompts on compromised websites. By making the action look like a normal system fix, attackers can gain access without exploiting software vulnerabilities.

🛠️ What You Should Do

• Never run commands from pop-ups, websites, or unknown instructions

• Close suspicious pages that ask you to “fix” errors manually

• Train users to recognize social engineering tactics like fake CAPTCHA or alerts

• Use endpoint protection that detects unusual command execution

⚠️ Why This Matters
This tactic bypasses traditional security by targeting human behavior instead of software flaws. Once access is gained, attackers can move through systems and deploy ransomware, leading to data loss and operational disruption.

Visit BookClub

📚 Cyber Book

Digital Security for Celebrities by Martín Obiols Herrera

Get Book

Copyright © 2026 CyberMaterial. All Rights Reserved.

Follow CyberMaterial on:

Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium