BuzzSec

Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync. "Unlike traditional exploit-based attacks, this method relies entirely on user interaction – usually in the form of copying and executing commands – making it particularly effective against users who may not appreciate the implications of running from The Hacker News https://thehackernews.com/2026/03/clickfix-campaigns-spread-macsync-macos.html

Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo's LAB52 threat intelligence team. The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear (aka UAC-0190 or Void Blizzard) aimed at Ukrainian defense forces with a malware from The Hacker News https://thehackernews.com/2026/03/drillapp-backdoor-targets-ukraine.html

I’m skeptical about—and not qualified to review—this new result in factorization with a quantum computer, but if it’s true it’s a theoretical improvement in the speed of factoring large numbers with a quantum computer. from Schneier on Security https://www.schneier.com/blog/archives/2026/03/possible-new-result-in-quantum-factorization.html

Our Threat Intelligence team has observed an emerging obfuscation technique, specifically used to make Natural Language Processing (NLP) detection capabilities less effective. Broadly, malicious actors are adding additional characters, break lines, and legitimate links to the end of a phishing email in an attempt to disguise their malicious payloads amongst the noise and evade NLP detection. from Human Risk Management Blog https://blog.knowbe4.com/nlp-obfuscation-techniques-email-security-evasion

Google is testing a new security feature as part of Android Advanced Protection Mode (AAPM) that prevents certain kinds of apps from using the accessibility services API. The change, incorporated in Android 17 Beta 2, was first reported by Android Authority last week. AAPM was introduced by Google in Android 16, released last year. When enabled, it causes the device to enter a heightened from The Hacker News https://thehackernews.com/2026/03/android-17-blocks-non-accessibility.html

Sending an unsecured email can be likened to writing sensitive information on a sticky note and leaving it on someone else's desk: anybody can intercept and share that information. Fortunately, there are ways to ensure your emails are safe from the prying eyes of hackers through encryption, meaning your message — no matter how sensitive — is seen only by the intended recipient. from Human Risk Management Blog https://blog.knowbe4.com/how-do-i-send-a-secure-email-in-outlook