
Daily Security Briefing #204
- DjediTech
- Security, Newsletter
- March 25, 2026
GRIDTIDE disrupted, AI training data poisoning exposed, and MFA limitations eliminated…
Executive Summary
Cybersecurity threats continue to evolve with malicious actors adapting to disruptions. The recent disruption of the GRIDTIDE campaign highlights collaborative efforts between industry partners. Meanwhile, critical vulnerabilities in web applications have been exposed, and AI training data poisoning has become a growing concern. Additionally, Microsoft Entra ID introduces a feature to eliminate MFA limitations.
Top Articles
- From Vectors to Verdicts: Web App Testing with Vector Command
  Vector Command breaches often occur through web apps, which can generate revenue and hold customer data. A recent report highlights the importance of testing these applications for vulnerabilities.
  Source: rapid7.com
- Sen. Wyden Warns of Another Section 702 Abuse
  Senator Ron Wyden is warning of an abuse of Section 702, a surveillance program that has been criticized for its lack of transparency and oversight.
  Source: schneier.com
- North America’s Cyber Security Threat Reality in 2026
  The North America cyber security statistics are out, showing a threat environment defined by pressure and repetition. The same attack types and actors appear again and again.
  Source: checkpoint.com
- China-Backed Hackers Target Southeast Asian Military Systems in Ongoing Spy Campaign
  China-linked threat actors have been identified targeting Southeast Asian military networks in a long-running cyber espionage campaign focused on intelligence collection and operational surveillance.
  Source: gbhackers.com
- Microsoft Entra ID Introduces Feature to Eliminate MFA Limitations
  Microsoft has announced the general availability of its new External Multi-Factor Authentication (MFA) capability in Microsoft Entra ID, marking a significant step toward more flexible and integrated identity security.
  Source: cyberpress.org
- Threat Actors Exploit RDP Servers To Deliver Malware and Establish Long-Term Access
  The notorious advanced persistent threat (APT) group known as APT-C-13, widely recognized as Sandworm or APT44, is conducting a sophisticated cyberespionage campaign against defense, critical infrastructure, and government entities.
  Source: cyberpress.org
- LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
  The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday.
  Source: thehackernews.com
- GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
  Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT).
  Source: thehackernews.com
- PolyShell attacks target 56% of all vulnerable Magento stores
  Attacks leveraging the ‘PolyShell’ vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores.
  Source: bleepingcomputer.com
- Bubble AI app builder abused to steal Microsoft account credentials
  Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps.
  Source: bleepingcomputer.com
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.