Technology background with national flag of Iran. 3D rendering

(Adobe Stock)

Iran-backed Handala uses Telegram for C2 to push malware, FBI says

Steve ZurierMarch 23, 2026

FBI warns Iran-linked hackers use Telegram as stealthy malware C2, evading detection.

RESOURCES

Data Security
Your DLP can’t stop a smartphone: The data-leak crisis no one talks about
Governance, Risk and Compliance
Building institutional capacity: Why AI-augmented security is the new standard
Automated penetration testing
Why traditional VAPT is falling behind in the age of AI-built software
Identity
Thwarting AI-powered attacks: How identity management can help
Application security
Hard to handle: Securing AI-generated code and the AI agents that write it

PODCASTS

AI/ML
Can AI help critical infrastructure, the state of the cyber market, and weekly news – Kara Sprague, Mike Privette – ESW #451
Vulnerability Management
Ahab and Peewee Herman, Zoom, Vibe Hacking, SharePoint, Meta, AgeID, Josh Marpet – SWN #565
AI/ML
Hacking IP KVMs & Reversing with Radare2 – Sergi Àlvarez – PSW #918
Leadership
Language of the Board as CISO-Board Time Falls Short and CISOs Struggle with Risk – Ben Wilcox – BSW #439
Vulnerability Management
AI Spicy Mode, Steam, Glassworm, Samsung, Stryker, Waymo, Cole Porter, and More – SWN #564

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Vulnerability Management

Critical Langflow RCE vulnerability exploited within 20 hours

Laura FrenchMarch 20, 2026

CVE-2026-33017 could enable an unauthenticated attacker to execute arbitrary Python code on the server.

Internet of Things (IoT)

Network Security

US, Canada and Germany take down four large DDoS botnets

Steve ZurierMarch 20, 2026

Experts warn that the botnet operators will likely regroup and come back stronger, armed with AI.

(Credit: Kateryna – stock.adobe.com)

Threat Management

Fake interactive Zoom call leads to malicious ScreenConnect download

Laura FrenchMarch 20, 2026

JavaScript is used to imitate a glitchy Zoom call, prompting the user to install an “update.”

Critical Infrastructure Security

Lack of CISA leadership amid DHS shutdown raises risks, cyber pros say

Steve ZurierMarch 19, 2026

CISA operates short-staffed without a director, raising concerns over cyber risk.

Beast Ransomware’s toolkit revealed by exposed directory

Laura FrenchMarch 19, 2026

Researchers tracked the group’s tooling from reconnaissance to encryption.

Close-up of Apple MacOS Dock with Finder icon selected and mouse cursor hovering

Application security

Apple rolls out ‘Background Security Improvements’ for WebKit browser engine bug

Steve ZurierMarch 18, 2026

Apple shifts to more continuous security patches versus waiting for the next big OS release.

AI coding assistants twice as likely to leak secrets, as overall leaks rise 34%

Laura FrenchMarch 18, 2026

A total of 28.65 million hardcoded secrets were found in public GitHub commits in 2025.

stethoscope on technology background

Threat Management

Stryker cyberattack contained, but experts warn repair costs could soar

Steve ZurierMarch 17, 2026

Security pros call “containment” victory claim hollow as recovery could cost multi-millions.

EVENTS