👉 What’s going on in the cyber world today?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get BlueSleuth-Lite

🚨 Cyber Alerts

1. Hackers Use Fake Resumes to Breach

A phishing campaign named FAUX#ELEVATE is currently targeting French corporations by using malicious resume files to install data stealers and cryptocurrency miners. These attacks use sophisticated evasion techniques and legitimate cloud services to bypass security measures and quickly compromise enterprise workstations.

2. Ghost Campaign Uses npm to Steal Crypto

Cybersecurity researchers have identified a malicious campaign named Ghost that uses deceptive npm packages to steal cryptocurrency wallets and sensitive user data. These packages, often masquerading as legitimate developer tools or AI utilities, trick users into providing administrative passwords to execute a multi-stage infection process on macOS and Linux systems.

3. TeamPCP Backdoors LiteLLM via Trivy

TeamPCP, the group responsible for attacking Trivy and KICS, recently compromised the popular Python package litellm by releasing two malicious versions on PyPI. These tainted updates, versions 1.82.7 and 1.82.8, included a sophisticated toolkit designed to harvest credentials, move laterally through Kubernetes clusters, and establish a persistent backdoor.

For more alerts click here!

RSVP Here

💥 Cyber Incidents

4. Dutch Finance Ministry Probes Breach

Dutch authorities are currently investigating a cyberattack on the Ministry of Finance after unauthorized access to several internal systems was discovered last week. While investigators work to determine the extent of the data exposure, primary government services like taxation and customs remain fully operational and unaffected.

5. Lapsus$ Claims AstraZeneca Hack

The cybercriminal group Lapsus$ has allegedly breached the pharmaceutical giant AstraZeneca, claiming to have exfiltrated roughly 3GB of internal data. This purported theft includes a variety of sensitive assets such as internal source code, employee records, and various system credentials.

6. Kaplan Breach Exposes 230K Records

Kaplan is currently managing a major data breach that exposed the personal records of more than 230,000 individuals across multiple states. The company discovered that hackers had access to their systems for three weeks in late 2025, stealing sensitive data including Social Security numbers and driver’s license information.

For more incidents click here!

Claim Your Workspace

📢 Cyber News

7. FCC Bans Foreign Routers Over Risks

The FCC has announced a ban on the importation of new foreign-made consumer routers, citing severe risks to national security and critical infrastructure. New models will be prohibited from the U.S. market unless they receive specific conditional approval from federal agencies after a rigorous safety determination.

8. Verdict Says Meta Harmed Children

A jury in New Mexico recently ruled that Meta Platforms is liable for failing to protect minors from online risks such as sexual exploitation and human trafficking. The court ordered Meta to pay 375 million dollars in civil penalties for misleading the public about safety and violating consumer protection laws.

9. Crypto Fugitive Seeks U.S. Pardon

A lobbying firm based in Washington, D.C., is reportedly seeking a presidential pardon for Andean Medjedovic, a Canadian man wanted for a multi-million dollar cryptocurrency exploit. Documents filed with the U.S. Department of Justice reveal that the firm intends to pressure government officials to clear the 23-year-old of federal charges.

For more news click here!

Get Help

📈Cyber Stocks

Cybersecurity stocks on Wednesday, 25th March 2026, declined broadly in the latest session as weakness across the broader technology sector weighed on high-growth software names.

• Okta closed near ~83–85 dollars and declined, with identity security stocks tracking broader SaaS multiple compression.

• Zscaler traded near ~178–182 dollars and was lower, reflecting continued pressure on premium cloud security valuations.

• Fortinet closed at 79.34 dollars and declined, underperforming alongside broader market weakness and sector peers.

• Check Point Software Technologies closed near ~162–164 dollars and was slightly lower, showing relatively defensive movement but still aligned with sector trends.

• SentinelOne traded near ~13 dollars and declined, as unprofitable growth cybersecurity firms remained under pressure.

💡 Cyber Tip

📄 Fake Resumes Used to Hack Companies

Hackers are sending fake resume files in phishing emails to trick employees into opening malicious scripts. Once opened, the file silently disables security, steals data, and installs crypto miners, targeting corporate systems within seconds.

🛠️ What You Should Do

• Do not open resume files or attachments from unknown or unverified senders

• Verify job applications through official channels before downloading files

• Block or restrict script files like .vbs from email attachments

• Monitor systems for unusual security changes or disabled antivirus

⚠️ Why This Matters
These attacks combine social engineering with stealthy malware to quickly compromise enterprise systems. A single click can lead to data theft, financial loss, and long-term unauthorized access inside corporate networks.

Visit BookClub

📚 Cyber Book

Wired for Risk: The Rise of Online Gambling Addiction by Adam LeMoine

Get Book

Copyright © 2026 CyberMaterial. All Rights Reserved.

Follow CyberMaterial on:

Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium