GoAnywhere MFT Zero‑Day Lets Attackers Slip Past Firewalls
In September 2025 a previously unknown flaw in the GoAnywhere Managed File Transfer (MFT) license‑servlet was weaponized. The vulnerability
Proxy‑Based Surge Scans Target SonicWall Firewalls in Coordinated Recon Campaign
GreyNoise has identified a coordinated reconnaissance effort that leverages legitimate proxy services to flood target networks with high‑volume scan
Zero‑day firewalls and AI model theft raise risk 🚨. IoT and OAuth abuse widen surface 🤖.
Good morning, March 2, 2026 – here’s your critical cybersecurity briefing.
Today's headlines
* SonicWall firewalls scanned via commercial
Zero‑Trust Lateral Defense: VMware vDefend Shields Inside Networks
VMware’s vDefend platform expands zero‑trust principles beyond the perimeter, delivering continuous, real‑time monitoring of east‑west traffic
AI‑Generated Malware Variants Flood 2026, Eroding Traditional Defenses
CrowdStrike’s 2026 Global Threat Report shows threat actors now leveraging large language models to auto‑create thousands of code
Kimwolf Botnet Moves C2 to I2P, Hiding in IoT Networks
Security researchers have confirmed that the Kimwolf botnet, known for compromising consumer‑grade IoT devices, has migrated its command‑and‑
App Exposes Nearby Smart Glasses via IR Signature Scan
A developer has published a mobile application that uses the device’s camera and infrared (IR) sensor to identify the
LummaStealer Teams Up with CastleLoader to Boost Theft and Evade Detection
Bitdefender researchers have identified a resurgence of the LummaStealer credential‑stealer, now being delivered through the CastleLoader modular loader. The
Claude Code Flaws Open AI Supply‑Chain to Malicious Template Injection
Researchers uncovered a set of vulnerabilities in Anthropic’s Claude Code platform that allow threat actors to embed malicious code
Pro‑Russia Hacktivists Target OT with Credential‑Stuffing and Phishing
The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory warning of an organized wave of pro‑Russia hacktivist activity
