👉 What's going on in the cyber world today?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get BlueSleuth-Lite

🚨 Cyber Alerts

1. Bearlyfy Targets 70+ Firms With Ransomware

The pro-Ukrainian hacking collective Bearlyfy has executed over 70 cyber attacks against Russian enterprises since its emergence in early 2025, recently deploying a proprietary ransomware known as GenieLocker. Operating with the dual motives of financial extortion and political sabotage, the group has evolved from targeting small businesses to compromising major corporations with ransom demands reaching hundreds of thousands of dollars.

2. LangChain, LangGraph Flaws Expose Data

Researchers have identified three critical security flaws in the LangChain and LangGraph frameworks that could allow unauthorized access to sensitive system files and private data. These vulnerabilities impact widely used tools for building AI applications, potentially exposing environment secrets and entire conversation histories to attackers.

3. Red Menshen Uses BPFDoor For Telecom Spy

A persistent espionage campaign by a Chinese-affiliated threat group has successfully infiltrated telecommunications networks across Asia and the Middle East to monitor government communications. By utilizing advanced kernel-level backdoors like BPFDoor, the attackers maintain invisible, long-term access to critical infrastructure without traditional detection signatures.

For more alerts click here!

Subscribe Now

💥 Cyber Incidents

4. Maine Agency Hit By Russian Ransomware

The Maine-based mental health provider AMHC recently suffered a ransomware attack reportedly carried out by the Russia-linked cybercrime group Qilin. Although the organization is investigating the network disruption with specialists, they have declined to negotiate with the hackers despite being listed on a dark web leak site.

5. Ransomware Disrupts Spain’s Vigo Port

A ransomware attack has crippled digital systems at Spain’s Port of Vigo, forcing the isolation of its computer servers and a shift to manual cargo management. Although physical ship movements continue, officials have refused to restore network connections until they receive absolute security guarantees, leaving logistics coordination dependent on paper documentation.

6. Ransomware Hits Museum Ticket Systems

The recent ransomware attack on Viva Ticket highlights the critical need for robust cybersecurity measures across both internal systems and external partnerships. The breach impacted approximately 3,500 partners, including prestigious institutions like the Louvre, demonstrating how a single point of failure can disrupt an entire network of high-profile venues.

For more incidents click here!

Claim Your Workspace

📢 Cyber News

7. $20B Crypto Scam Market Faces Crackdown

British authorities recently sanctioned Xinbi Guarantee, a massive Telegram-based marketplace that processed approximately $20 billion in illicit transactions. This Chinese-language platform served as a critical backbone for global cybercrime by facilitating money laundering and the sale of equipment used in human trafficking and scam operations.

8. Russian National Faces Prison In Botnet Case

A Russian national has been sentenced to two years in a United States federal prison and ordered to pay $1.6 million for his role in a major ransomware and botnet operation. Ilya Angelov pleaded guilty to managing the Mario Kart botnet, which compromised dozens of American corporate networks and facilitated millions of dollars in extortion payments.

9. Chinese Hackers In Telecom Backbone

A China-linked espionage group has embedded kernel-level implants and passive backdoors within global telecommunications infrastructure to maintain long-term access. These sophisticated sleeper cells target high-level government networks and critical environments using stealthy tools designed to inhabit systems rather than just breach them.

For more news click here!

Get Help

📈Cyber Stocks

Cybersecurity stocks were mixed to slightly higher on Friday, 27 March 2026, even as broader U.S. markets faced pressure from geopolitical tensions and rising oil prices.The sector showed relative resilience, with selective gains across endpoint, cloud, and identity security names.

• Zscaler closed at 141.50 dollars and was higher, with the stock recovering despite continued caution around premium cloud security valuations.

• Fortinet closed at 81.03 dollars and was higher, showing relative stability as investors balanced macro pressure against ongoing network and platform security demand.

• Check Point Software Technologies closed at 142.82 dollars and was higher, with its more defensive positioning helping it hold up better during the broader tech selloff.

• SentinelOne closed at 13.40 dollars and was slightly higher, indicating selective buying in endpoint security despite the risk-off market tone.

• Rapid7 closed at 5.70 dollars and was higher, outperforming the broader market even as mid-cap software names remained volatile.

💡 Cyber Tip

🤖 AI Framework Flaws Could Leak Sensitive Data

Critical vulnerabilities in LangChain and LangGraph could allow attackers to access system files, API keys, and even private AI conversation histories. These flaws impact widely used AI development tools and can expose sensitive data if left unpatched.

🛠️ What You Should Do

• Update LangChain and LangGraph to the latest patched versions

• Avoid loading untrusted templates or external data into AI workflows

• Secure and rotate API keys and environment secrets regularly

• Restrict database and file access permissions in your deployments

⚠️ Why This Matters
These flaws can expose sensitive internal data and AI interactions without obvious signs of compromise. In enterprise environments, this could lead to data leaks, credential theft, and deeper system access for attackers.

Visit BookClub

📚 Cyber Book

Don't Click That by Matthew F

Get Book

Copyright © 2026 CyberMaterial. All Rights Reserved.

Follow CyberMaterial on:

Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium