Network23

🛡️ New Windows Error Reporting Vulnerability Lets Attackers Escalate to Gain SYSTEM Access Source: cybersecuritynews.com/new-windows-er… A newly analyzed local privilege escalation vulnerability in the Windows Error Reporting (WER) service allows attackers to easily gain full SYSTEM access. The flaw, tracked as CVE-2026-20817, was considered so structurally dangerous that Microsoft completely removed the vulnerable feature rather than attempting a traditional code patch.​ The security flaw exists within the main executable library of the Windows Error Reporting service, specifically the WerSvc.dll file. This architectural weakness provides a reliable pathway for a low-privileged local user to trigger an elevated command execution primitive. #cybersecuritynews

This is genuinely wild. @craigsblackie is patching Dell UEFI firmware at the flash level to silently disable pre-boot DMA protection, all while the BIOS UI still shows it as enabled. The patch even survives official firmware updates. Physical access + a clip programmer = SYSTEM shell, no creds needed. The "security theater" angle here is brutal. mdsec.co.uk/2026/03/disabl…

Chinese spies fish for high-profile European targets via fake LinkedIn profiles #China #Espionage intelligenceonline.com/asia-pacific/2…

The Record by Recorded Future | Puerto Rico government agency cancels driver’s license appointments after cyberattack therecord.media/puerto-rico-go…

We’re seeing a “Missing Font” ClickFix chain in the wild. Flow: 1️⃣ Fake “Missing Font” prompt 2️⃣ Leads to a BSOD-style recovery screen 3️⃣ Prompts users to open Terminal/PowerShell directly (skipping the Run dialog) and execute commands #infosec #DFIR #threatintel

🚨 Flock has a hidden weakness many don’t know: public records requests. Activists have successfully forced at least 8 cities to shut down Flock programs, either by exposing unauthorized data access or showing the footage was publicly accessible. One of the most effective ways to take down Flock cameras? FOIA/PRA requests. Here’s a template to file one in your city: To the Custodian of Records: Pursuant to the (your state here) Public Records Act (your state's public records act code.), I request access to and copies of the following public records relating to the (your local police) Police Department’s surveillance camera network reportedly consisting of more than 2,600 cameras deployed throughout the city. Please provide records covering the period January 1, 2020 through present unless otherwise specified. 1. Policies and Legal Authority All policies, procedures, memoranda, directives, or legal analyses governing: -The deployment and operation of surveillance cameras within __________ -Any legal justification for the program under federal or state constitutional law -Policies governing Fourth Amendment considerations or privacy protections -Any City Council ordinances or resolutions authorizing the camera network 2. Contracts and Vendors All contracts, agreements, memoranda of understanding, purchase orders, or amendments with vendors or service providers related to: -Surveillance cameras -Automated license plate readers -Real-time crime centers -Video analytics, facial recognition, or artificial intelligence -Data storage or cloud services used for camera footage Please include vendor proposals, RFP responses, and bid documents. 3. Camera Locations Records identifying: -The number and location of cameras deployed -Maps, GIS datasets, or inventories of surveillance devices -Any classification of cameras as public, private-partner, or third-party integrated cameras (If precise coordinates are withheld, provide generalized location records or district-level inventories.) 4. Data Retention and Access All records describing: -Video retention schedules -Policies for deletion or archiving of footage -Which agencies or departments have access to the camera network -Any data sharing agreements with other agencies including but not limited to: -(your state) Highway Patrol -Federal agencies (FBI, DHS, ICE, etc.) -Regional task forces 5. Private Camera Integration Programs All records relating to programs that integrate privately owned cameras into the police network, including: -Agreements with homeowners, businesses, or HOAs -Terms of participation -Data access rights granted to the police department 6. Surveillance Technology Capabilities Records describing whether the system includes or supports: -Facial recognition -License plate recognition -Behavioral analytics -Crowd detection -Real-time monitoring centers 7. Crime Reduction Claims All records, reports, studies, or internal analyses supporting claims that the surveillance network caused reductions in crime, including: -Statistical reports -Internal evaluations -Communications discussing the effectiveness of the system 8. Communications Emails, memoranda, and internal communications between (your city) Police Department personnel, City officials, or vendors referencing: -Expansion of the camera network -Privacy concerns -Public opposition or legal review Search terms should include: “camera network”, “surveillance cameras”, “real time crime center”, "Aerodome", "Raven", “ALPR”, “Flock”, “facial recognition”, and “camera integration”. Format Please provide records in electronic format via email or download link. If any records are withheld, please provide the specific statutory exemption relied upon and produce all reasonably segregable portions of responsive documents. Fee Waiver This request concerns matters of significant public interest involving government surveillance and constitutional rights, and any fees should be waived or minimized. I look forward to your response within the statutory timeframe.

this guy let an AI agent handle his scam texts for a week a scammer asked him to buy a $500 gift card the agent spent 4 hours "driving" to target. sent status updates like "i'm at the red light now, there's a very handsome squirrel on the sidewalk. do you think he's married?" then it said "i forgot my purse, going back home. wait, this isn't my house" it sent a screenshot of a captcha to the scammer claiming its "eyes were blurry" and it couldn't see the buttons to wire money the scammer actually solved the captcha for the AI the scammer eventually typed: "please just stop talking. i don't want the money anymore. god bless you but leave me alone" total time wasted for the guy was 14 hours the script should be open source lol

🚨 BIG: Rep. Tim Burchett says UFO Scientists Found DEAD After Testifying to Congress About UFO Files: BURCHETT: "Something dark is going on. I know these scientists and researchers. They have testified. We've got to get to the bottom of it. It's just too much, too much is going on right now -- And by the way, I'm not suicidal." Here is a list of mysterious disappearances or deaths: - Retired Air Force Maj. Gen. William Neil McCasland—missing since Feb 27, 2026 - Aerospace/materials scientist Monica Reza vanished June 22, 2025, while hiking in Angeles National Forest - MIT fusion physicist Nuno Loureiro—shot & killed Dec 2025 at his home. - Caltech astrophysicist Carl Grillmair—fatally shot Feb 16, 2026, at his home. - Novartis scientist Jason Thomas—body found in March 2026 after disappearing in December 2025.

This is how the daycare fraud works: - “You watch my kid, I’ll watch yours” - Enroll these kids into “daycares” - Collect money from the government - You and your family then get to live off government subsidies California has over 35,000+ licensed daycare facilities

Google Translate exposes Russian spy unit - France 24. Have we just seen the most embarrassing intelligence failure Russia has suffered in years? france24.com/en/video/20260…

We found an open directory on Proton66 that a TheGentlemen ransomware affiliate forgot to close 🕵️ We pivoted on TheGentlemen ransomware IOCs and landed on an open directory on Proton66 with 126 files inside. Full pre-encryption toolkit. Mimikatz logs with victim NTLM hashes. Two plaintext ngrok tokens. All sitting unauthenticated on a Russian bulletproof host. No custom malware. No zero-days. Just dual-use and off-the-shelf offensive tools in the right sequence, which is exactly why this is hard to catch. Full breakdown, IOCs, and detection guidance: hunt.io/blog/thegentle… #ThreatHunting #Ransomware #ThreatIntelligence #DFIR #BlueTeam #TheGentlemen

Chat, I'll tell you one thing right now, this LiteLLM supply-chain attack is one big stinky mess. No information has been released publicly (yet) on vendors impacted, but the stink I've been sniffing suggests this is very serious shenanigans and DFIR nerds are not happy

Oh damn, I thought this WAS a joke ... but no, LiteLLM *really* was "Secured by Delve" (the company that rubber stamped all of these audits, and seems to have been on the edge of fraudlent auditing, but useless for sure) And so unspririsingly LiteLLM was compromised, badly

Russia hid spy hardware in the walls of TechEx, an Ukraine defense company that builds drones. They don’t really explain what it is beyond “wire tap”, so let’s do a quick analysis on the hardware to configure out what it does! 🧵1

For those of you playing around at home with the LiteLLM supply chain stuff. Here are the decoded payloads and other info. github.com/HackingLZ/lite…

OpenAI just exited the video generation business entirely. App dead. API dead. No video inside ChatGPT. Disney’s $1 billion deal, signed four months ago, is dead. Read that again. This isn’t a consolidation into the super app. Altman told staff Tuesday that OpenAI is winding down all products using video models. Disney’s own statement says they respect OpenAI’s decision to “exit the video generation business.” The Sora research team is being redirected to robotics. The reason is sitting right there in the competitive data. Anthropic hit $19 billion in annualized revenue by early 2026 selling text and code. No video generation. No image generation. No consumer social app. No Disney deal. One product surface: chat, code, computer use, all in one place. OpenAI looked at where every dollar of market growth was coming from and saw the answer: coding and enterprise. So now they’re copying the model. ChatGPT, Codex, and the browser merge into one app. Instant Checkout killed today too. Every consumer experiment is getting cut. What remains is the Anthropic playbook: one app, code and chat, enterprise and developer focus. The Sora numbers explain the urgency. Total consumer revenue across iOS and Android since September: $1.4 million. Peak month was $540,000. Every video generation burned GPU compute that could have been running inference for ChatGPT or Codex instead. OpenAI’s own head of Sora announced generation limits because chips couldn’t keep up. At $14 billion in projected 2026 losses, every GPU matters. Google just inherited the AI video market by default. Nano Banana already lives inside Gemini. No standalone app to manage, no separate brand to support. Among the majors, they’re the only ones left. Runway, Kling, Minimax, Luma, and the other independents are still shipping, but none of them have Google’s distribution. Disney put $1 billion in stock warrants on a product that lasted six months. The deal was announced in December. Characters from Marvel, Pixar, and Star Wars were supposed to be generating fan videos on Sora by now. Instead, Disney is writing a polite press statement about “respecting OpenAI’s decision” while its legal team unwinds a deal that never produced a single licensed video. Four months from billion-dollar partnership to obituary. That’s how fast the AI product landscape reprices when the unit economics don’t work.

Nice bit of deception engineering: track a Laptop Farm using a "location tracker" and a "built-in camera." Turns out when you hand an instrumented device to a DPRK fake remote worker, it doesn’t go to a home office, it goes to a closet full of identical laptops. Original report: 6068438.fs1.hubspotusercontent-na1.net/hubfs/6068438/…

🚨‼️ We're in contact with the actor behind the Trivy and LiteLLM hack. They told us they are currently extorting several multi-billion-dollar companies from which they've exfiltrated data. They've obtained 300 GB of compressed credentials and are working their way through them as we speak. The LiteLLM compromise alone led to half a million stolen credentials, according to the threat actor. Their message to the world: "TeamPCP is here to stay. Long live the supply chain." They've sent us their new logo (see image) and also teamed up with several threat actors, including Xploiters and Vect.

⚠️ ALERT: Fake resumes are infecting enterprise systems and the full attack runs in ~25 seconds. Obfuscated VBScript deploys credential stealers and a Monero miner, using Dropbox, #WordPress C2, and SMTP for exfiltration. It selectively targets domain-joined machines. 🔗 Read → thehackernews.com/2026/03/hacker…

Popular routers like netgear, tp link, and google nest are made in Asia. This will be interesting to see how this plays out. FCC Updates Covered List to Include Foreign-Made Consumer Routers | Federal Communications Commission fcc.gov/document/fcc-u…