CISA Urging Organizations to Patch Google Chrome Immediately

Google Zero-Day Alert For 3.5 Billion Chrome Users—Attacks Underway

Updated March 15: Following the confirmation of two Chrome browser zero-days, already being exploited by attackers and resulting in an emergency security update rollout, this article has been updated as the Cybersecurity and Infrastructure Security Agency has urged all organizations to update as soon as possible. The article also now includes details of the millions of dollars paid to security researchers by Google for vulnerability disclosures.

…

America’s Cyber Defense Agency Urges All Organizations To Patch Google Chrome ASAP

The U.S. Cybersecurity and Infrastructure Security Agency, which likes to call itself America’s Cyber Defense Agency but is more formally referred to by the CISA acronym, has added both the CVE-2026-3909 and CVE-2026-3910 Google Chrome security vulnerabilities to the Known Exploited Vulnerabilities catalog database. This is important for many reasons, not least that it adds a very official, very government-level and formal confirmation of the use of the vulnerabilities in attacks, but also because of what this means for certain federal agencies and the wider business enterprise ecosystem.

Fortinet: How to Protect Banking From Rising AI Cyber Risks

The financial services sector is a lucrative target for cybercriminals and, as such, is one of the most targeted.

The Fortinet Report on Cybersecurity for the Banking Sector in the Middle East and Africa 2026, reveals the true extent of the threats that the sector is currently up against.

The report paints a picture of escalating cyber risk that financial institutions across the Middle East and Africa are having to reckon with.

With the rate of AI-driven fraud operations skyrocketing by 1300%, digital and mobile banking services are on high alert for burgeoning AI backed identity impersonation, deepfakes and phishing.

“The cybersecurity industry often feels as if we’re being outrun by someone with a drastic advantage,” writes Dr Carl Windsor, CISO at Fortinet, in a recent blog post.

“The CISOs I speak to daily frequently complain about having to defend against a growing number of adversaries with more resources and the ability to move faster than ever, thanks to AI.”

The ransomware economy is shifting toward straight-up data extortion

Ransomware remains a scourge that shows some signs of relenting, but incident responders and threat hunters are busier than ever as more financially motivated attackers lean exclusively on data theft for extortion.

Attacks that only involve data theft for extortion may not be more prevalent than traditional ransomware when attackers encrypt systems, but momentum is moving in that direction, Genevieve Stark, head of cybercrime intelligence at Google Threat Intelligence Group, told CyberScoop.

“When you look at the actors in the English-speaking underground, those actors are almost all just focusing on data-theft extortion right now,” Stark added. This includes groups like Scattered Spider, ShinyHunters, Clop and other groups that have been responsible for some of the largest and farthest-reaching attacks over the past few years.

Google Threat Intelligence Group’s research report on ransomware, which it shared exclusively and discussed with CyberScoop prior to release, underscores how the evolution and spread of cybercrime can cloud a collective understanding of ransomware, or attacks that use malware to encrypt or lock systems.

New York Legislature Passes GenAI Warning Bill

Key point: If enacted, the bill will require GenAI systems to provide a conspicuous warning that GenAI outputs may be inaccurate.

On March 9, 2026, the New York legislature passed A 3411, which requires generative artificial intelligence (GenAI) systems to notify users that the system’s outputs may be inaccurate. The bill will next move to Governor Kathy Hochul for consideration. If it becomes law, the bill will go into effect 90 days from enactment. The bill is short (it contains only 30 lines of text) but has broad implications.

…

The bill applies to GenAI systems, defined as a “class of artificial intelligence models that are self-supervised and emulate the structure and characteristics of input data to generate derived synthetic content, including, but not limited to, images, videos, audio, text, and other digital content.”

Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million

A 41-year-old South Florida man is accused of conducting at least 10 ransomware attacks and helping accomplices extort a combined $75.25 million in ransom payments while he was working as a ransomware negotiator for DigitalMint.

Five of Angelo John Martino III’s alleged victims hired DigitalMint, which assigned Martino to conduct ransomware negotiations on their clients’ behalf — putting him in a position to play both sides, as the criminal responsible for the attack and the lead negotiator for his alleged victims, according to federal court records unsealed Wednesday.

Martino allegedly obtained an affiliate account on ALPHV, also known as BlackCat, and conspired with other former cybersecurity professionals to break into victims’ networks, steal and encrypt data, and extort companies for ransoms over a six-month period in 2023.

45,000 malicious IP addresses taken down in international cyber operation

An international cybercrime operation targeting phishing, malware and ransomware has taken down more than 45,000 malicious IP addresses and servers.

Law enforcement from 72 countries and territories took part in Operation Synergia III (18 July 2025 – 31 January 2026), coordinated by INTERPOL. The operation led to the arrest of 94 people, with another 110 individuals still under investigation.

During the operation, INTERPOL transformed data into actionable intelligence, facilitated cross-border collaboration, and provided tactical operational assistance to member countries. Preliminary investigations led to a series of coordinated actions by national authorities, including raids on key locations and the disruption of malicious cyber activities. In total 212 electronic devices and servers were seized.

Neal Jetton, INTERPOL’s Director of the Cybercrime Directorate, said:

“Cybercrime in 2026 is more sophisticated and destructive than ever before, but Operation Synergia III stands as a powerful testament to what global cooperation can achieve. INTERPOL remains at the forefront of this fight, uniting law enforcement agencies and private sector experts to dismantle criminal networks, disrupt emerging threats and protect victims around the world.”