• Source: https://cybernews.com/security/facepass-data-leak-brazil-passport-selfie/
• Details: A biometric authentication system in Brazil, Facepass, suffered a significant data leak due to misconfiguration.
• Compromised Data: Passport selfies, personal identification data. 1.6 million files.
• Impact: The exposure of sensitive biometric data raises major concerns about identity theft and fraudulent activities.

Google Chrome Zero-Day Exploit

• Sources:
  • https://thehackernews.com/2025/03/zero-day-alert-google-releases-chrome.html
  • https://www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-exploited-in-espionage-campaign/
• CVE: CVE-2025-2783
• Details: Google has released an emergency patch to fix a zero-day vulnerability actively exploited in espionage campaigns.
• Impact: Urgent update recommended to avoid exploitation.

Critical Flaw in Next.js

• Source: https://www.bleepingcomputer.com/news/security/critical-flaw-in-nextjs-lets-hackers-bypass-authorization/
• CVE: CVE-2025-29927
• Details: A major security vulnerability in Next.js allows attackers to bypass authorization mechanisms.
• Impact: Websites using Next.js are at risk of unauthorized access.

Mozilla Firefox Critical Bug

• Source: https://thehackernews.com/2025/03/mozilla-patches-critical-firefox-bug.html
• CVE: CVE-2025-2857
• Details: Mozilla has patched a critical security flaw affecting Firefox users.
• Impact: Exploitation could allow attackers to take control of affected systems.

NPM Package Hijacking

• Sources:
  • https://thehackernews.com/2025/03/nine-year-old-npm-packages-hijacked-to.html
  • https://www.bleepingcomputer.com/news/security/infostealer-campaign-compromises-10-npm-packages-targets-devs/
• Details: Attackers compromised multiple NPM packages, injecting malicious code to steal sensitive developer data.
• Impact: Developers using these packages are at risk of credential theft and malware infections.

Russian Hackers Disrupt Belgian Websites

• Source: https://cybernews.com/security/russian-hackers-shut-down-belgian-websites/
• Details: A Russian hacker group launched a DDoS attack, shutting down major Belgian government and business websites.
• Impact: Temporary disruption of critical online services.

Cyberattack on Ukrainian Railways

• Source: https://www.bleepingcomputer.com/news/security/cyberattack-takes-down-ukrainian-state-railways-online-services/
• Details: A cyberattack disabled Ukrainian State Railways’ online services, causing operational disruptions.
• Impact: Delayed services and potential data exposure.

APT36 Targets India Post Users

• Source: https://thehackernews.com/2025/03/apt36-spoofs-india-post-website-to.html
• Details: APT36, a suspected state-sponsored hacking group, created a fake India Post website to steal user credentials.
• Impact: Increased phishing risks for Indian users.

Backdoor in Unitree Go1 Robots

• Source: https://cybernews.com/security/unitree-go1-contain-unprotected-remote-access-backdoor/
• Details: Researchers discovered an unprotected remote access backdoor in Unitree Go1 robots, potentially allowing unauthorized control.
• Impact: High risk for robotics users, particularly in industrial and research applications.

Leak of US Military Plans

• Sources:
  • https://cybernews.com/security/top-secret-war-plans-leaked-to-atlantic-journalist/
  • https://www.darkreading.com/cybersecurity-operations/opsec-nightmare-leaking-us-military-plans-reporter
• Details: Classified US military documents were leaked to a journalist, raising serious operational security concerns.
• Impact: Possible national security threat due to exposed sensitive information.