Cybersecurity News | Daily Recap [13 Mar 2026]

Daily Recap: global law enforcement actions dominated the week, with Interpol’s Synergia III sinkholing 45,000 IPs, seizing servers and making 94 arrests across 72 countries, the FBI adding an alleged leader of an ATM jackpotting ring to its Ten Most Wanted list, and authorities disrupting the SocksEscort proxy network. In malware and breaches, Hive0163 was tied to the AI-assisted PowerShell backdoor Slopoly used with NodeSnake and Interlock ransomware, VENON targeted 33 Brazilian banks, and major incidents affected Starbucks, Loblaw, Telus Digital, and England Hockey, while patches from Google, Apple and Veeam mitigated critical flaws. #SynergiaIII #SocksEscort #ATMJackpotting #Hive0163 #Slopoly #VENON #Starbucks #Loblaw #Telus #EnglandHockey #Coruna #AiLock

Law Enforcement & Takedowns

  • Interpol-led Operation Synergia III sinkholed 45,000 IPs, seized servers/devices, and produced 94 arrests (plus 110 suspects under investigation) across 72 countries, exposing >33,000 malicious sites impersonating Macau services – Synergia III
  • U.S./European authorities disrupted the SocksEscort proxy network built on the AVRecon botnet, seizing domains/servers, freezing $3.5 million in crypto and disconnecting thousands of infected routers (avg. ~20,000 devices weekly) used for DDoS, fraud and illicit content distribution – SocksEscort
  • The FBI added an alleged leader of an ATM jackpotting ring to its Ten Most Wanted list amid ongoing asset-recovery and global investigations – ATM Jackpotting
  • Meta, working with the FBI and Thai police, helped shut Southeast Asian scam centers, leading to 21 arrests, shutdown of >150,000 accounts and removal of >159 million fraudulent ads while rolling out new AI anti-scam tools – Meta Tools

Malware & Ransomware

  • Researchers tied the financially motivated group Hive0163 to the AI-assisted PowerShell backdoor Slopoly, used alongside NodeSnake and Interlock ransomware to maintain persistence and exfiltrate data, signaling increased LLM-assisted malware use – AI Slopoly
  • New Rust-based banking trojan VENON targets 33 Brazilian banks with credential-stealing overlays, DLL side-loading, LNK hijacks and Google Cloud-hosted configs linked to WhatsApp-distributed SORVEPOTEL lures – VENON Malware

Data Breaches & Incidents

  • Starbucks disclosed a breach of 889 Partner Central employee accounts exposing names, SSNs, DOBs and bank details after credentials were harvested via impersonation sites—company offering two years of identity protection – Starbucks Breach
  • Canadian retail giant Loblaw notified customers of a data breach under investigation by forensics teams – Loblaw Breach
  • Telus Digital confirmed an incident after alleged ShinyHunters claims of nearly 1 petabyte of stolen data; investigations and notifications underway – Telus Breach
  • England Hockey is probing an alleged AiLock ransomware breach claiming 129GB of stolen data and extortion threats while involving law enforcement and specialists – England Hockey
  • Medical device maker Stryker reported a global cyber incident that wiped devices and locked ~5,500 staff out of systems across multiple regions; root cause/timeline for recovery remain unclear – Stryker Incident

Vulnerabilities & Patches

  • Google rolled out Chrome 146 emergency updates to fix two actively exploited zero-days—CVE-2026-3909 (Skia) and CVE-2026-3910 (V8)—and urged updates for Chromium-based browsers across platforms – Chrome Zero‑Days
  • Apple patched legacy iOS/iPadOS versions to fix exploits used by the nation-grade Coruna toolkit, backporting fixes for older devices vulnerable to remote code execution – Apple Coruna
  • Veeam released fixes and warnings for critical RCE flaws in its Backup & Replication platform that could expose backup servers to remote compromise—admins urged to apply patches immediately – Veeam RCE

Nation‑State & Policy

  • Iran‑linked hackers have targeted U.S. and other Western/APAC organizations, raising the cyber risk profile amid geopolitical tensions and potential wartime escalation – Iran Hackers
  • Unit 42 exposed long-running cyber espionage by cluster CL‑STA‑1087 against Asian militaries, underscoring persistent regional targeting of defense networks – CL‑STA‑1087
  • Leadership changes at U.S. Cyber Command: Brig. Gen. Matthew Lennox will lead the Cyber National Mission Force amid broader turnover following prior senior departures – CNMF Command
  • New data revealed a ~35% increase in FBI searches of Section 702 data on U.S. persons (to 7,413 searches), fueling civil‑liberties debate over warrantless queries – FBI Searches
  • U.K. regulators ICO and Ofcom demanded major social platforms implement robust age‑assurance to block under‑13 access, warning of enforcement if self‑declaration persists – Kids Online
  • Analysis warns of a growing era of continuous cyber operations—nation‑state strikes, AI weapons and criminal-AI convergence reshaping the digital battlefield in 2026 – Cyber Warfare

AI, Startups & Defense

  • New York startup Bold Security emerged from stealth with $40 million to run custom AI agents on endpoints for local behavior monitoring, data classification and privacy‑by‑default controls – Bold Security
  • Onyx Security launched with $40 million to build a secure AI control plane and supervisory agents that discover and govern autonomous agents across cloud, endpoints and SaaS – Onyx Security
  • Practical guidance for SOCs: scale phishing detection with interactive sandboxing, automation that mimics analysts, and SSL decryption to combat modern credential‑harvesting attacks – Phishing Scale

Fraud, Underground Markets & Research

  • Research shows stolen airline miles and hotel points are traded as underground currency, with organized sellers redeeming rewards and causing estimated annual losses of $1–$3 billion via credential compromise and infostealer activity – Rewards Fraud
  • The Cyber Express weekly digest covers global cyberattacks, espionage, malware and security updates to help track evolving threats and mitigations – Weekly Roundup

Cybersecurity News | Daily Recap – hendryadrian.com