VulnHub

In February 2026, the Uffizi Galleries, a renowned art museum in Florence, Italy, fell victim to a cyberattack that resulted in the theft of its complete photographic archive. The attack raised significant concerns about the security of cultural institutions, which often hold invaluable collections. The museum has since managed to restore its archive using backups, but the incident raises questions about the adequacy of cybersecurity measures in place to protect sensitive data. Such breaches not only threaten the integrity of cultural heritage but also expose institutions to potential reputational damage and financial losses. This incident serves as a stark reminder for museums and similar organizations to bolster their cybersecurity defenses.

A new report from Keeper Security indicates that non-human identities, such as AI agents and automated systems, pose a significant security risk for businesses by 2026. Researchers found that as companies increasingly rely on these automated interactions, vulnerabilities are emerging that could be exploited by attackers. This shift raises concerns about how well current security measures can protect against these non-human threats. Organizations need to reassess their cybersecurity strategies to address the unique challenges presented by automated systems and ensure they are not leaving critical gaps in their defenses. As businesses become more digital, understanding and mitigating these risks will be vital for maintaining security and trust.

The FBI has reported that cyber fraud cost victims over $17 billion in the past year, with cryptocurrency scams accounting for more than $7 billion of that total. The rise of AI-enabled fraud is a growing concern, as attackers are increasingly using advanced technology to deceive individuals and organizations. This surge in cyber crime affects a broad range of victims, from everyday users to businesses. The FBI's findings emphasize the urgent need for increased awareness and protective measures against these evolving scams. As cyber criminals become more sophisticated, both individuals and companies must stay informed about the risks and adopt better security practices to safeguard their assets.

Researchers have shown that GPU Rowhammer attacks can lead to privilege escalation, allowing attackers to gain root shell access on affected systems. This technique exploits vulnerabilities in the way graphics processing units (GPUs) manage memory, enabling unauthorized users to manipulate data and execute commands with higher privileges than intended. The implications of this discovery are significant, as it raises concerns about the security of systems that rely on GPUs for processing. Companies and users who utilize GPUs in their infrastructure may need to reassess their security measures to protect against this type of attack. As the research develops, it’s crucial for affected parties to stay informed and take necessary precautions to secure their systems.

Researchers have identified a new attack method called GPUBreach that exploits vulnerabilities in GPU memory, specifically through a technique known as RowHammer. This attack can lead to privilege escalation and even give attackers full control over affected systems. The method takes advantage of bit-flips in GDDR6 memory, which can go beyond just corrupting data. This poses a significant risk to users and organizations relying on these graphics processors, as it could compromise sensitive information and system integrity. As technology increasingly relies on GPUs for various applications, understanding and addressing this vulnerability is crucial for maintaining security.

Recent reports indicate that North Korean operatives are actively recruiting Iranian workers for fraudulent IT jobs. Internal records show how these facilitators scout for potential candidates and provide them with training to carry out various online scams. This operation raises concerns about the collaboration between North Korea and Iran in cybercrime, as it allows North Korea to generate revenue through illicit means while exploiting the skills of Iranian workers. The implications are significant, as this partnership could enhance the capabilities of both nations in executing cyberattacks and scams, potentially affecting businesses and individuals globally. Cybersecurity experts warn that such alliances may lead to more sophisticated cyber threats in the future.

The Hong Kong police can now compel individuals to disclose encryption keys for their personal devices, including phones and laptops. This change stems from a revision to the enforcement of the National Security Law, announced on March 23, 2026. The U.S. Consulate General issued a security alert regarding this development on March 26, warning that travelers could be affected even while passing through the airport. This legal shift raises significant privacy concerns, as individuals may be forced to provide access to sensitive personal information without any legal protections. It is essential for travelers and residents to be aware of this new requirement and consider the implications for their personal data security.

Recent reports have surfaced about a significant code leak from Claude, an AI chatbot developed by Anthropic. The exposed code could potentially allow malicious actors to replicate or manipulate the chatbot's functions, raising concerns over misuse and security vulnerabilities. Additionally, there has been a compromise involving the Axios NPM package, which affected developers using this popular JavaScript library. The incident emphasizes the risks associated with third-party libraries in software development, particularly in open-source environments. As these security issues come to light, developers and organizations must take extra precautions to safeguard their applications and data from potential exploitation.