Risk and Resilience Podcast: This week's new episode is out; go and watch, like and subscribe.

Executive Update: The "Coruna" iOS Exploit Kit

A highly sophisticated exploit kit named "Coruna" has been uncovered by Google's Threat Intelligence Group, posing a significant risk to iPhone users running outdated software. The toolkit is capable of compromising iPhones via a simple visit to a malicious website, using a combination of 23 distinct vulnerabilities to install data-stealing malware. Its journey from a government-developed tool to use by Russian espionage groups and finally Chinese cybercriminals marks a dangerous escalation in the mobile threat landscape.

Key Facts About the Coruna Exploit Kit

  • Targeted Devices & Versions: The exploit kit is effective against iPhones running iOS versions 13.0 up to 17.2.1. It is rendered completely ineffective against the latest iOS versions (18 and later), as Apple has patched the underlying vulnerabilities.

  • Infection Vector: The attack is a "drive-by download" that occurs when a user visits a compromised website hosting a hidden iFrame. Later campaigns used fake cryptocurrency and finance websites to lure victims.

  • Technical Capabilities: Coruna is exceptionally sophisticated, containing five full exploit chains that leverage 23 distinct vulnerabilities. It first "fingerprints" the device to identify the iPhone model and iOS version, then automatically selects the most effective chain of exploits to bypass security layers.

  • Payload & Data Theft: Once exploited, the kit installs a final-stage loader named PlasmaLoader, which injects itself into a core system process to steal data. Its primary goal is financial theft, targeting at least 18 different cryptocurrency wallet apps and scanning the device for recovery phrases and passwords in images and Apple Notes.

  • Scale: Researchers estimate that in one campaign alone, approximately 42,000 devices may have been compromised.

To avoid being hacked: Immediately update to the latest iOS version, as all vulnerabilities are patched in current releases. Enable Lockdown Mode in Settings for additional protection against zero-click attacks.
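Because the kit's reach is defined by an iOS version range (13.0 through 17.2.1), the practical defender's task is a fleet audit: find every iPhone still inside that window and push the update. The script below is an added example, not code from Google's Threat Intelligence Group or from the report; it assumes a hypothetical MDM-style CSV export with `device_id`, `model` and `os_version` columns (the sample rows are constructed). It compares versions as integer tuples, because a plain string comparison misorders versions such as `9.3.6` against `13.0`.

```python
"""Fleet check: flag iPhones whose iOS version falls inside the range the
Coruna write-up reports (iOS 13.0 through 17.2.1).

Added example with a constructed sample inventory; not data from the report.
"""
import csv
import io
import re

# Bounds taken from the briefing: effective against iOS 13.0 up to 17.2.1.
CORUNA_MIN = (13, 0, 0)
CORUNA_MAX = (17, 2, 1)

_VERSION_RE = re.compile(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?")


def parse_ios_version(text):
    """Turn '17.2.1', '17.2' or 'iOS 16.7' into a 3-tuple of ints.

    Integer tuples compare correctly where strings do not:
    '9.3.6' > '13.0' lexically, but (9, 3, 6) < (13, 0, 0).
    """
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unparseable iOS version: {text!r}")
    return tuple(int(g) if g is not None else 0 for g in m.groups())


def coruna_exposure(version):
    """Classify one device against the version range stated in the report."""
    v = parse_ios_version(version)
    if CORUNA_MIN <= v <= CORUNA_MAX:
        return "exposed"        # inside the range the kit is reported to cover
    if v > CORUNA_MAX:
        return "above-range"    # newer than 17.2.1; 18+ is reported as patched
    return "below-range"        # older than 13.0: outside the stated range, still unsupported


# Constructed sample export (hypothetical devices; columns are an assumption).
SAMPLE_INVENTORY = """\
device_id,model,os_version
A1,iPhone 11,17.2.1
A2,iPhone 13,17.3
A3,iPhone XR,13.0
A4,iPhone 8,iOS 16.7.2
A5,iPhone 15,18.3.1
A6,iPhone 4s,9.3.6
"""


def audit_inventory(csv_text):
    """Return {device_id: exposure} for every row of the CSV export."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row["device_id"]: coruna_exposure(row["os_version"]) for row in reader}


def exposed_devices(csv_text):
    """Sorted device ids that should be updated first."""
    return sorted(d for d, s in audit_inventory(csv_text).items() if s == "exposed")


if __name__ == "__main__":
    for dev, status in audit_inventory(SAMPLE_INVENTORY).items():
        print(f"{dev}: {status}")
    print("update first:", exposed_devices(SAMPLE_INVENTORY))
```

Devices reported as `above-range` but below iOS 18 are not asserted safe by this script; the briefing only states that 18 and later are patched, so treat the 17.x releases after 17.2.1 as "outside the reported range" and confirm against Apple's advisories.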

💻 Malware and Vulnerabilities

New Jersey County Says Malware Attack Took Down Phones: Officials in a New Jersey county confirmed a malware attack was responsible for a prolonged outage that took down its phone systems, disrupting government services and communications. Recovery efforts are underway, but the full extent of the damage is still being assessed. Link: https://therecord.media/new-jersey-county-says-malware-attack-took-down-phones

WordPress Plugin Bug Exploited to Create Admin Accounts: Threat actors are actively exploiting a critical vulnerability in a popular WordPress membership plugin, allowing them to create new administrator accounts and take full control of affected websites. Site owners are urged to update immediately. Link: https://www.bleepingcomputer.com/news/security/wordpress-membership-plugin-bug-exploited-to-create-admin-accounts/

CISA Adds Two New Flaws to Known Exploited Vulnerabilities Catalog: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Federal agencies are required to patch the flaws by the specified deadline. Link: https://www.cisa.gov/news-events/alerts/2026/03/03/cisa-adds-two-known-exploited-vulnerabilities-catalog

Zero-Click Flaw in FreeScout Allows Remote Code Execution: A critical zero-click vulnerability has been discovered in the FreeScout open-source help desk software. The bug could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable server without any user interaction, posing a severe risk. Link: https://www.infosecurity-magazine.com/news/zeroclick-freescout-bug-remote/

📈 Breaches and Incidents

Scattered Spider Attack on TfL Affected 10 Million People: The cyberattack on Transport for London (TfL) last year, attributed to the Scattered Spider group, exposed the personal data of approximately 10 million individuals, according to a new report detailing the extensive impact of the breach on the city's transport network users. Link: https://www.computerweekly.com/news/366639589/Scattered-Spider-attack-on-TfL-affected-10-million-people

San Francisco Children's Council Warns 12,000 of Data Breach: The San Francisco Children's Council is notifying over 12,000 individuals that their personal data, including Social Security numbers, was exposed in a data breach. The non-profit organization is offering credit monitoring services to those affected by the incident. Link: https://www.comparitech.com/news/san-francisco-childrens-council-warns-12000-people-of-data-breach-that-leaked-ssns/

Paint Giant AkzoNobel Confirms Cyberattack on U.S. Site: Multinational paint and coatings manufacturer AkzoNobel confirmed it suffered a cyberattack that impacted operations at its U.S. sites. The company stated it isolated the affected systems and is working with cybersecurity experts to investigate and restore services. Link: https://www.bleepingcomputer.com/news/security/paint-maker-giant-akzonobel-confirms-cyberattack-on-us-site/

$48M in Crypto Stolen After Korean Tax Agency Exposes Seed: A staggering $48 million in cryptocurrency was stolen after a South Korean tax agency reportedly exposed the seed phrase for a wallet holding significant funds. The incident underscores the extreme risks associated with poor operational security for private keys. Link: https://www.bleepingcomputer.com/news/security/48m-in-crypto-stolen-after-korean-tax-agency-exposes-wallet-seed/

🚨 Threat Intel & Info Sharing

U.S. Leads Takedown of Major Hacker Forum 'The Dark Lords': The Justice Department announced a coordinated international law enforcement operation that successfully dismantled "The Dark Lords," identified as one of the world's largest English-language hacker forums, dealing a significant blow to cybercriminal marketplaces. Link: https://www.justice.gov/opa/pr/united-states-leads-dismantlement-one-worlds-largest-hacker-forums

62 Indicted in $2B Scam Linked to Taiwan-Based 'Prince Group': Federal prosecutors unsealed an indictment charging 62 individuals connected to a sprawling, transnational fraud and money laundering network known as the "Prince Group." The scheme allegedly defrauded victims, including the elderly, out of more than $2 billion. Link: https://therecord.media/62-indicted-taiwan-prince-group-scams

FBI Probes Suspicious Activities on Its Network Systems: The FBI confirmed it is investigating "suspicious activities" detected on its networks in February. While the bureau stated it has contained the incident, the nature and scope of the unauthorized access remain under review by federal investigators. Link: https://therecord.media/fbi-investigating-suspicious-activities-february-incident

Hackers Target FBI's Wiretap Management Systems: A report reveals the FBI is investigating a significant breach where hackers gained access to the networks managing its wiretaps and foreign intelligence surveillance warrants. The bureau confirmed it addressed suspicious activity but provided no further details on the intrusion. Link: https://techcrunch.com/2026/03/05/fbi-investigating-hack-on-its-wiretap-and-surveillance-systems-report/

DDoS Activity Spikes Following Operation Epic Fury: Security researchers at Radware are tracking a surge in distributed denial-of-service (DDoS) attacks, potentially linked to hacktivist groups like Roaring Lion, in the aftermath of the recent law enforcement operation "Epic Fury" against cybercriminal infrastructure. Link: https://www.radware.com/security/threat-advisories-and-attack-reports/ddos-activity-following-operation-epic-fury-roaring-lion/

Spyware Vendors Exploit More Zero-Days Than Nation-States: A new analysis indicates commercial spyware suppliers are now responsible for deploying a greater number of zero-day exploits than traditional nation-state actors, highlighting the growing threat posed by the private surveillance industry. Link: https://www.computerweekly.com/news/366639774/Spyware-suppliers-exploit-more-zero-days-than-nation-states

Fake Tech Support Spam Deploys Infostealer Malware: A new wave of tech support scam emails is actively distributing infostealer malware. The campaign lures victims with fake system alerts, leading them to call fraudulent numbers where operators then trick them into installing malware that steals credentials and data. Link: https://thehackernews.com/2026/03/fake-tech-support-spam-deploys.html

'Coruna' Malvertising Campaign Targets Older iPhones: A sophisticated malvertising operation named "Coruna" is specifically targeting users of older iPhone models, exploiting known but unpatched vulnerabilities in outdated iOS versions to deliver malware and steal sensitive information. Link: https://www.infosecurity-magazine.com/news/coruna-exploit-older-iphones/

⚖️ Laws, Policies and Regulations

White House Unveils Trump’s Cyber Strategy: The White House released a new strategy document outlining six policy pillars to guide the administration's approach, emphasizing coordinated action across government and with private industry to maintain American dominance in cyberspace through innovation and robust capabilities. Link: https://www.whitehouse.gov/articles/2026/03/white-house-unveils-president-trumps-cyber-strategy-for-america/

China Vows to Accelerate Tech Self-Reliance in AI Push: During its annual parliamentary meeting, China's government pledged to intensify efforts toward technological self-sufficiency, with a specific focus on advancing its artificial intelligence capabilities amid ongoing tensions with the U.S. over technology exports. Link: https://www.reuters.com/world/asia-pacific/china-vows-accelerate-technological-self-reliance-ai-push-2026-03-05/

EU Lawmakers Debate Overhaul of Cybersecurity Act: European policymakers convened to discuss a major revision of the EU Cybersecurity Act, framing the update as a critical component of economic security. The debate centers on expanding the mandate of ENISA and introducing new certification schemes. Link: https://www.epc.eu/events/cybersecurity-as-economic-security-a-deep-dive-into-the-revision-of-the-eu-cybersecurity-act/

Global Coalition Releases First 6G Security Guidelines: An international coalition has published the inaugural cybersecurity guidelines for next-generation 6G networks, aiming to embed security and privacy principles into the architecture from the outset, rather than as an afterthought. Link: https://www.infosecurity-magazine.com/news/gcot-6g-cybersecurity-guidelines/

Singapore Mandates Higher Security Standards for Home Routers: By 2027, all residential routers sold in Singapore must meet Level 2 of the Cybersecurity Labelling Scheme (CLS), requiring stronger encryption and authentication. The move follows a 2025 global operation where thousands of local devices were found compromised in a botnet. Link: https://thecyberexpress.com/singapore-mandatory-cybersecurity-requirements/

Italian Intelligence Reports on 2025 Cyber Threat Landscape: Italy's intelligence community released its annual report to Parliament, detailing the cyber threats faced in 2025. The report highlights an increase in hybrid attacks, espionage activities targeting strategic sectors, and the continued risk posed by hacktivism and cybercrime. Link: https://www.sicurezzanazionale.gov.it/contenuti/relazione-al-parlamento-2026

📅 Upcoming Events

We are looking for sponsors for our 2026 events.

If you would like to sponsor any of our future in-person or virtual events, please email us at [email protected]

We hope you enjoyed our email briefing! ☕🥮 If you want to sponsor our next edition or advertise on our site, drop us an email at [email protected].

Thank you for being part of our newsletter community. You can also join the community in our LinkedIn Group.
