Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

The New Playground for Cybercriminals: Securing the Microsoft Teams Frontier

Mar 31, 2026 By KnowBe4 Team In KnowBe4
With 320 million daily users on Microsoft Teams, the ability to connect with colleagues across the organization has never been more seamless… or more targeted. The shift isn’t just about where we talk; it's about how we are being attacked. Threat actors moving beyond phishing emails and are infiltrating into the trusted spaces where your employees feel safest.
Read Post
mend

Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install

Mar 31, 2026 By Tom Abai In Mend
On March 30-31, 2026, threat actors published two malicious versions of the popular HTTP library axios (versions 1.14.1 and 0.30.4) to the npm registry. Both versions included a new dependency named plain-crypto-js which, in its 4.2.1 release, contained a fully-featured cross-platform dropper that silently installed a Remote Access Trojan (RAT) on developer machines.
Read Post
bluevoyant

Unpacking Augmented Marauder's Multi-Pronged Casbaneiro Campaigns

Mar 31, 2026 By Thomas Elkins and Joshua Green In BlueVoyant
BlueVoyant researchers have uncovered a broad, multi-pronged phishing campaign targeting Spanish-speaking users in organizations across Latin America and now Europe as well. While recent industry intelligence heavily documented attacks utilizing WhatsApp to deliver banking trojans under the umbrella of the Brazil-based eCrime group Augmented Marauder (a.k.a.
Read Post

Busting the Biggest Myth in Retail Cybersecurity | Nishith Datta | Titan

Mar 31, 2026 By Indusface In Indusface
In this Episode of Guardians of the Enterprise, Ashish Tandon, Founder & CEO, Indusface, and Nishith Datta, Head of Cybersecurity at Titan, breaks down one of the biggest myths in retail cybersecurity, especially in the era of omnichannel distribution channels. As digital and physical experiences evolve, securing consumer journeys is no longer straightforward. Nishith shares his frontline perspective on why traditional assumptions around retail security fall short, and what organizations must rethink to stay resilient.
View Video

Is Your Patch Management Strategy Ready for AI-Powered Attacks? | Nishith Datta | Titan

Mar 31, 2026 By Indusface In Indusface
In this Episode of Guardians of the Enterprise, Ashish Tandon, Founder & CEO, Indusface and Nishith Datta, Head of Cybersecurity at Titan, discusses one of the most pressing challenges in modern security, vulnerability patching in the age of AI. As AI accelerates both the scale and sophistication of attacks, traditional patching cycles are no longer enough. Nishith shares his frontline perspective on how enterprises securing omnichannel consumers must rethink their approach to exposure management.
View Video
appknox

Android Component Security: Common Misconfigurations That Expose Mobile Apps

Mar 31, 2026 By Denish Vaghasia In Appknox
When teams think about Android app security, the focus is usually on code for encryption, obfuscation, or binary protection. But in practice, many of the most critical Android app vulnerabilities don’t originate in code at all. They come from misconfigurations. Issues in the AndroidManifest, insecure component exposure, and unsafe inter-app communication often create direct entry points for attackers. These are not edge cases. They are common, repeatable, and frequently exploited.
Read Post
appknox

Gemini XSS Vulnerability: When AI Executes Malicious Code

Mar 31, 2026 By Jeel Patel In Appknox
Artificial intelligence is no longer just generating text. It generates and executes code in real time. With tools like Google Gemini, features such as code canvases and live previews are turning AI systems into interactive execution environments. This shift introduces a new and rapidly growing category of risk: AI security vulnerabilities tied to real-time code execution.
Read Post
appknox

4 Phases, 357 Crashes, 2 Bugs: What AFL++ Campaign Actually Looks Like

Mar 31, 2026 By Vinay Kumar Rasala In Appknox
357 crash files. 2 real bug sites. That’s the outcome of this AFL++ campaign after roughly 8.5 billion executions across multiple harnesses, binaries, and phases. At first glance, everything looked like success. Crashes were increasing steadily. New inputs were being generated every few seconds. Coverage appeared to improve over time. From a surface-level perspective, the campaign looked productive. Then triage began.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.