👉 What’s going on in the cyber world today?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get BlueSleuth-Lite

🚨 Cyber Alerts

1. Teampcp Hacks Checkmarx via Stolen CI

Two GitHub Actions workflows maintained by Checkmarx have been compromised by a credential-stealing malware campaign orchestrated by the threat actor TeamPCP. This attack follows a similar breach of the Trivy vulnerability scanner and utilizes sophisticated exfiltration methods, including the use of typosquatted domains, to harvest a wide array of cloud and development secrets.

2. Citrix Warns of NetScaler Data Leak Flaw

Citrix has issued urgent security patches for two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that allows unauthenticated attackers to steal sensitive data from device memory. Because these devices are frequent targets for enterprise breaches, administrators are advised to verify their configurations and update to the latest firmware versions immediately.

3. NK Hackers Use VS Code Auto-Run Malware

North Korean threat actors known as WaterPlum are using malicious Microsoft Visual Studio Code projects to distribute a malware family called StoatWaffle. These attacks leverage a specific configuration file to automatically execute malicious code and download payloads whenever a developer opens the infected project folder.

For more alerts click here!

RSVP Here

💥 Cyber Incidents

4. Verizon Customer Data Allegedly for Sale

A major data breach has allegedly hit Russell Cellular, one of the largest Verizon authorized retailers, potentially exposing the personal records of over 6.3 million customers. A database weighing 61GB and containing sensitive details like names, account numbers, and employee credentials is reportedly being sold on a cybercrime forum for $1,200.

5. Heritage Bank Breach Exposes SSNs

Heritage Bank, a community institution established in 1927, recently reported a security breach involving an internal file share server that occurred on March 1, 2026. After identifying the unauthorized access the following day, the bank launched an investigation which confirmed that sensitive employee and customer information was copied during the incident.

6. Moorhead Parks Vendor Hit by Cyberattack

The City of Moorhead recently announced that its third-party Parks and Recreation registration vendor, Sportsman Software, was the target of a cyber attack. While the city’s own internal systems remained secure, an investigation is underway to determine if any personal customer or employee data was compromised during the breach.

For more incidents click here!

Claim Your Workspace

📢 Cyber News

7. Russian Hacker Sentenced for Ransomware

A 26-year-old Russian national has been sentenced to 81 months in federal prison for serving as an initial access broker for major cybercrime organizations, including the Yanluowang ransomware group. His activities facilitated dozens of network breaches across the United States, resulting in over 9 million dollars in actual financial damages and significantly higher intended losses.

8. Hacker Steals $24.5M from Resolv

The decentralized finance platform Resolv recently suffered a major security breach where a hacker used a compromised private key to illicitly mint $80 million in uncollateralized USR stablecoins. This exploit caused the stablecoin to collapse from its dollar peg to approximately 26 cents after the attacker traded the fake assets for roughly $24.5 million in Ethereum.

9. Space Force Adds Cyber Launch Defense

The U.S. Space Force has officially stationed specialized cybersecurity squadrons at its major launch facilities in Florida and California to defend against digital interference. These teams are tasked with real-time monitoring of launch infrastructure to ensure that adversaries cannot disrupt or halt missions through network attacks.

For more news click here!

Get Help

📈Cyber Stocks

Cybersecurity stocks traded with a cautiously positive tone on Tuesday, 24 March 2026, as broader technology markets showed signs of stabilization following recent volatility.

• Palo Alto Networks closed near ~158–162 dollars and was slightly higher, as the stock continued to recover from prior post-earnings pressure tied to margin outlook adjustments.

• CrowdStrike ended near ~415–418 dollars and was modestly higher, with endpoint security names benefiting from improving sentiment in high-growth software.

• Okta closed near ~85–87 dollars and was slightly higher, as identity security stocks showed early signs of stabilization after recent declines.

• Zscaler traded near ~185–190 dollars and was higher, reflecting renewed interest in zero trust and cloud-native security platforms.

• Fortinet closed near ~84–86 dollars and was modestly higher, supported by steady demand for network security and SASE-driven solutions.

💡 Cyber Tip

💻 VS Code Projects Used to Spread Malware

North Korean hackers are hiding malware inside Visual Studio Code project files that automatically run when opened. This tactic uses a built-in configuration to execute malicious code silently, allowing attackers to steal data and gain remote access to a developer’s system.

🛠️ What You Should Do

• Avoid opening code projects from untrusted or unknown sources

• Review VS Code configuration files like tasks.json before running projects

• Disable auto-run tasks or restrict execution of unknown scripts

• Keep your system, VS Code, and security tools up to date

⚠️ Why This Matters
Developers often trust project files, making this attack especially dangerous. Once executed, the malware can steal credentials and give attackers full control, potentially compromising entire development environments or organizations.

Visit BookClub

📚 Cyber Book

Smart betting secret and scam expose by OG FSO

Get Book

Copyright © 2026 CyberMaterial. All Rights Reserved.

Follow CyberMaterial on:

Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium