News - Security Ticks

Microsoft flips Windows Autopatch to default hotpatch security updates

Microsoft, News, patch, Windows / SecurityTicks

Microsoft flips Windows Autopatch to default hotpatch security updates 2026-03-10 at 15:32 By Sinisa Markovic Microsoft is changing the default behavior in Windows Autopatch so that hotpatch security updates are enabled automatically for eligible devices managed through Microsoft Intune or the Microsoft Graph API starting with the May 2026 Windows security update. Windows Autopatch is […]

Microsoft flips Windows Autopatch to default hotpatch security updates Read More »

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts

account hijacking, AWS, Datadog, Don't miss, Hot stuff, News, phishing / SecurityTicks

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts 2026-03-10 at 15:22 By Zeljka Zorz Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Security Labs)

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts Read More »

Teen crew caught selling DDoS attack tools

cybercrime, DDoS, EU, law enforcement, News, poland / SecurityTicks

Teen crew caught selling DDoS attack tools 2026-03-10 at 15:07 By Sinisa Markovic Seven minors who distributed online programs designed to facilitate DDoS attacks have been identified by Poland’s Central Bureau for Combating Cybercrime (CBZC). They were between 12 and 16 at the time of the crime. CBZC officer during a cybercrime investigation (Source: Poland’s

Teen crew caught selling DDoS attack tools Read More »

New Claude tool uses AI agents to find bugs in pull requests

Anthropic, code review, News / SecurityTicks

New Claude tool uses AI agents to find bugs in pull requests 2026-03-10 at 13:01 By Anamarija Pogorelec Anthropic’s Claude Code Review is a new tool, available as a research preview beta for Team and Enterprise plans, that sends a team of AI agents to examine every pull request. “We needed a reviewer we could

New Claude tool uses AI agents to find bugs in pull requests Read More »

Phishing campaign spoofs local officials to steal permit fees

cybercrime, FBI, Government, News, phishing, scams, USA / SecurityTicks

Phishing campaign spoofs local officials to steal permit fees 2026-03-10 at 13:01 By Sinisa Markovic The FBI is warning about a phishing scheme in which cybercriminals impersonate city and county officials to solicit fraudulent payments for planning and zoning permits. Criminals mine publicly available permit data to find likely targets and make their outreach appear

Phishing campaign spoofs local officials to steal permit fees Read More »

This spy tool has been quietly stealing data for years

cybercrime, ESET, Keylogger, News, research, Russian Federation, Ukraine / SecurityTicks

This spy tool has been quietly stealing data for years 2026-03-10 at 13:00 By Help Net Security ESET researchers have traced the resurgence of Sednit through a modern toolkit built around two complementary implants, BeardShell and Covenant, each relying on a separate cloud provider to ensure operational resilience. This dual-implant architecture has enabled sustained surveillance

This spy tool has been quietly stealing data for years Read More »

Cybersecurity jobs available right now: March 10, 2026

cybersecurity jobs, News / SecurityTicks

Cybersecurity jobs available right now: March 10, 2026 2026-03-10 at 08:33 By Anamarija Pogorelec Associate Director Application Security BioNTech | Germany | On-site – View job details As an Associate Director Application Security, you will lead application security strategy, standardize security processes, and drive vulnerability management across development environments. You will enable secure-by-design practices through

Cybersecurity jobs available right now: March 10, 2026 Read More »

Bug bounties are broken, and the best security pros are moving on

bug bounty, Cobalt, cybersecurity, News, penetration testing / SecurityTicks

Bug bounties are broken, and the best security pros are moving on 2026-03-10 at 08:33 By Anamarija Pogorelec Penetration testing engagements are organized as scheduled contracts with defined scope, set testing windows, and direct communication channels with client teams. Cobalt’s 2026 Pentester Profile Report describes growing preference for penetration testing as a service (PTaaS) and

Bug bounties are broken, and the best security pros are moving on Read More »

Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming

CISO, Compliance, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy, travel industry / SecurityTicks

Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming 2026-03-10 at 08:30 By Mirko Zorz Pascal Andrei, CSO at Airbus, knows that the aerospace and defense sector is facing a threat environment that is evolving faster than most organizations can track. From sub-tier suppliers quietly becoming entry points for

Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming Read More »

The people behind cyber extortion are often in their forties

cybercrime, cybersecurity, Don't miss, News, Orange Cyberdefense, report / SecurityTicks

The people behind cyber extortion are often in their forties 2026-03-10 at 08:00 By Anamarija Pogorelec Many cybercrime investigations end with arrests or indictments that reveal little about the people behind the operations. When authorities do disclose demographic details, the pattern that emerges does not match the common assumption that cyber offenders are mostly very

The people behind cyber extortion are often in their forties Read More »

Russian hackers crack into officials’ Signal and WhatsApp accounts

cyberattack, EU, government-backed attacks, News, phishing, Russian Federation, Signal, WhatsApp / SecurityTicks

Russian hackers crack into officials’ Signal and WhatsApp accounts 2026-03-09 at 17:02 By Sinisa Markovic Russian state hackers are trying to break into Signal and WhatsApp accounts used by diplomats, military staff, and government officials worldwide, Dutch intelligence agencies warned. They believe journalists and other people who attract attention from Moscow may also be affected.

Russian hackers crack into officials’ Signal and WhatsApp accounts Read More »

No more soft play, President Trump warns in new cyber strategy

cybersecurity, Government, News, strategy, USA / SecurityTicks

No more soft play, President Trump warns in new cyber strategy 2026-03-09 at 15:37 By Sinisa Markovic The White House released “President Trump’s Cyber Strategy for America,” a policy framework outlining the administration’s priorities for maintaining U.S. leadership in cyberspace. The seven-page cyber strategy commits to a coordinated, government-wide response to cyber threats that extends

No more soft play, President Trump warns in new cyber strategy Read More »

OpenWrt 25.12.0 ships with new package manager, built-in upgrade tool, support for 2200+ devices

hardware, networking, News, open source, OpenWRT, software, wireless, Zyxel / SecurityTicks

OpenWrt 25.12.0 ships with new package manager, built-in upgrade tool, support for 2200+ devices 2026-03-09 at 13:50 By Anamarija Pogorelec OpenWrt 25.12.0 is now available for download. The release incorporates over 4,700 commits since branching from OpenWrt 24.10. Package manager changes One of the most significant structural changes in 25.12.0 is the replacement of the

OpenWrt 25.12.0 ships with new package manager, built-in upgrade tool, support for 2200+ devices Read More »

More AI tools, more burnout! New research explains why

Artificial Intelligence, burnout, cybersecurity, generative AI, News / SecurityTicks

More AI tools, more burnout! New research explains why 2026-03-09 at 12:58 By Anamarija Pogorelec Workflows built around multiple AI agents and constant tool switching are adding cognitive strain across large enterprises. A recent Harvard Business Review analysis describes this pattern as “AI brain fry,” a form of mental fatigue tied to intensive use and

More AI tools, more burnout! New research explains why Read More »

Fake Claude Code install pages highlight rise of “InstallFix” attacks

Anthropic, Claude Code, Don't miss, Google Search, Hot stuff, malvertising, News, programming, Push Security, social engineering, software development / SecurityTicks

Fake Claude Code install pages highlight rise of “InstallFix” attacks 2026-03-09 at 12:58 By Zeljka Zorz Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers have warned. The attackers behind this scheme are faithfully cloning Anthropic’s installation page, hosting

Fake Claude Code install pages highlight rise of “InstallFix” attacks Read More »

OpenAI joins the race in AI-assisted code security

Artificial Intelligence, code review, cybersecurity, News, OpenAI / SecurityTicks

OpenAI joins the race in AI-assisted code security 2026-03-09 at 11:59 By Sinisa Markovic OpenAI introduced Codex Security⁠, an AI agent that reviews codebases to find, verify, and help fix software vulnerabilities. The launch comes a few weeks after rival Anthropic unveiled its Claude Code Security tool. Codex Security (Source: OpenAI) The feature is available

OpenAI joins the race in AI-assisted code security Read More »

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity

CISO, cybersecurity, Don't miss, Features, Hot stuff, how-to, News, resilience, strategy, ThriveDX, tips / SecurityTicks

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity 2026-03-09 at 09:01 By Mirko Zorz Stu Hirst was already a CISO when he started to go deaf. It was 2023, and the hearing loss crept in over months, enough for him to adapt, to lean on hearing aids and captions, to quietly reorganize

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity Read More »

Turning expertise into opportunity for women in cybersecurity

conferences, Don't miss, Features, Hot stuff, News / SecurityTicks

Turning expertise into opportunity for women in cybersecurity 2026-03-09 at 08:32 By Mirko Zorz Speaker diversity in cybersecurity has been a talking point for over a decade, with panels, pledges, and dedicated conference tracks failing to produce change. Stages still skew heavily male, even as women represent millions of qualified professionals in the field. SheSpeaksCyber,

Turning expertise into opportunity for women in cybersecurity Read More »

Open-source tool Sage puts a security layer between AI agents and the OS

agentic AI, cybersecurity, Don't miss, Gen Digital, GitHub, Hot stuff, News, open source, software / SecurityTicks

Open-source tool Sage puts a security layer between AI agents and the OS 2026-03-09 at 08:06 By Anamarija Pogorelec Autonomous AI agents running on developer workstations execute shell commands, fetch URLs, and write files with little or no inspection of what they are doing. Open-source project Sage inserts an interception layer between an AI agent

Open-source tool Sage puts a security layer between AI agents and the OS Read More »

Product Showcase: Fing Desktop puts network visibility on your screen

cybersecurity, Fing, monitoring, network, News, Product showcase / SecurityTicks

Product Showcase: Fing Desktop puts network visibility on your screen 2026-03-09 at 07:48 By Anamarija Pogorelec Phones, laptops, smart TVs, cameras, and smart home equipment all use the same network. Knowing what’s connected helps users manage performance and security. Fing Desktop provides tools that identify devices, test connectivity, and analyze network activity. Account creation The

Product Showcase: Fing Desktop puts network visibility on your screen Read More »