Distillation technique lets copycats mimic Gemini at a fraction of the development cost. On Thursday, Google announced that "commercially motivated" actors have attempted to c
Published: 2026-02-12T19:42:08
Incident is at least the third time the exchange has been targeted by thieves. Open source packages published on the npm and PyPI repositories were laced with code that stole
Published: 2026-02-06T22:16:51
For now, it might not function outside of a lab Cybersecurity researchers say they've spotted the first Android malware strain that uses generative AI to improve performance once installed. But it may be only a proof of concept.
Published: 2026-02-19T16:04:52
You told me not to write it on a Post-it... Bork!Bork!Bork! Today's bork is entirely human-generated and will send a shiver down the spine of security pros. No matter how secure a system is, a user's ability to undo an administrator's best efforts s
Published: 2026-02-19T11:14:14
Miscreants will need to find another avenue for malware shenanigans Notepad++ has continued beefing up security with a release the project's author claims makes the "update process robust and effectively unexploitable."
Published: 2026-02-18T12:41:26
CEO lauds security researchers, insists they're not 'inputs' HackerOne has clarified its stance on GenAI after researchers fretted their submissions were being used to train its models.
Published: 2026-02-18T11:00:07
When the gap between data generation and action is a strategic liability, it's time for a fix Sponsored Feature Today's digital economy is generating data in unprecedented volumes, flooding enterprise IT systems from a multitude of sources, includin
Published: 2026-02-17T16:00:08
A hacker tricked a popular AI coding tool into installing OpenClaw - the viral, open-source AI agent OpenClaw that "actually does things" - absolutely everywhere. Funny as a stunt, but a sign of what to come as more and more people let autonomous software use their computers on their behalf. The hacker took advantage of […] 
A hacker tricked a popular AI coding tool into installing OpenClaw - the viral, open-source AI agent OpenClaw that "actually does things" - absolutely everywhere. Funny as a stunt, but a sign of what to come as more and more people let autonomous s...
Published: 2026-02-19T13:58:56
Texas Attorney General Ken Paxton is suing TP-Link over claims that the router-maker is misleading customers about its ties to China. In a lawsuit filed this week, Paxton claims TP-Link is "masking its Chinese connections," while serving as "an open window for Chinese-sponsored threat actors and Chinese intelligence agencies." TP-Link was founded in China, but […] 
Texas Attorney General Ken Paxton is suing TP-Link over claims that the router-maker is misleading customers about its ties to China. In a lawsuit filed this week, Paxton claims TP-Link is "masking its Chinese connections," while serving as "an ope...
Published: 2026-02-19T13:20:25
Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company's Tuesday patch notes, Microsoft says a bad actor could carry out a remote code execution attack by tricking users "into clicking a malicious link inside a Markdown file opened in Notepad," as reported earlier by The Register. Clicking the link […] 
Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company's Tuesday patch notes, Microsoft says a bad actor could carry out a remote code execution attack by tricking users "into clicking a malicious l...
Published: 2026-02-11T13:06:36
Microsoft is automatically replacing boot-level security certificates on Windows devices before they start expiring later this year. The new Secure Boot certificates will be rolled out as part of the regular Windows platform updates, according to Microsoft's announcement blog, marking a "generational refresh" of the security standard. Secure Boot was introduced in 2011 to protect […] Microsoft is automatically replacing boot-level security certificates on Windows devices before they start expiring later this year. The new Secure Boot certificates will be rolled out as part of the regular Windows platform updates, according to M...
Published: 2026-02-10T12:00:00
Substack is notifying some users that the email addresses and phone numbers linked to their accounts were exposed in a "security incident" last year. In an email to account holders, Substack CEO Chris Best said that a hacker had accessed internal data without authorization in October 2025, but that passwords, credit card numbers, and other […] 
Substack is notifying some users that the email addresses and phone numbers linked to their accounts were exposed in a "security incident" last year. In an email to account holders, Substack CEO Chris Best said that a hacker had accessed internal d...
Published: 2026-02-05T05:55:06
Advantest Corporation disclosed that its corporate network has been targeted in a ransomware attack that may have affected customer or employee data. [...]
Published: 2026-02-20T13:30:44
Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns. [...]
Published: 2026-02-20T12:02:25
The French Ministry of Finance has published an announcement informing of a cybersecurity incident that has impacted 1.2 million accounts. [...]
Published: 2026-02-20T11:20:40
The "shift left" approach has increased pressure on developers, as speed demands override security checks in modern CI pipelines. Qualys explains how analyzing 34,000 public container images revealed 7.3% were malicious and why security must be enfo
Published: 2026-02-20T09:45:54
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. [...]
Published: 2026-02-20T08:12:01
The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack. [...]
Published: 2026-02-20T06:50:14
The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM "jackpotting" attacks, in which criminals use malware to force cash machines to dispense money. [...]
Published: 2026-02-20T05:08:49
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini model to adapt its persistence across different devices. [...]
Published: 2026-02-19T17:36:25
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems within three days against a maximum-severity Dell vulnerability that has been under active exploitation since mid-2024. [...]
Published: 2026-02-19T10:30:37
A Nigerian national was sentenced to eight years in prison for hacking multiple tax preparation firms in Massachusetts and filing fraudulent tax returns seeking over $8.1 million in refunds. [...]
Published: 2026-02-19T08:51:49
Texas sued networking giant TP-Link Systems, accusing the company of deceptively marketing its routers as secure while allowing Chinese state-backed hackers to exploit firmware vulnerabilities and access users' devices. [...]
Published: 2026-02-19T07:36:51
There has been a lot of architecture news coming out of Saudi Arabia recently, little of which has been good. Now the jewel in the crown of the desert kingdom's ongoing transformation, the Line, appears to be facing a major rethink.Continue ReadingCa...
Published: 2026-02-07T15:03:00
Written by: Peter Ukhanov, Daniel Sislo, Nick Harbour, John Scarbrough, Fernando Tomlinson, Jr., Rich Reece Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified the zero-day exploitation of a high-risk vulnerability in
Published: 2026-02-17T14:00:00
4K unintended installs in very odd supply chain attack Someone compromised open source AI coding assistant Cline CLI's npm package earlier this week in an odd supply chain attack that secretly installed OpenClaw on developers' machines without their knowledge.
Published: 2026-02-20T20:05:10
What happens in Vegas Las Vegas hotel and casino giant Wynn Resorts appears to be the latest victim of data-grabbing and extortion gang ShinyHunters.
Published: 2026-02-20T18:27:23
Polish arrest leads to extradition and federal prison sentence Ukrainian national Oleksandr Didenko will spend the next five years behind bars in the US for his involvement in helping North Korean IT workers secure fraudulent employment.
Published: 2026-02-20T14:30:20
Attempt to go 'Made in EU' offers big tech escapees a reality check where lower cloud bills come with higher effort Building a startup entirely on European infrastructure sounds like a nice sovereignty flex right up until you actually try it and realize the real price gets paid in time, tinkering, and slowly unlearning a decade of GitHub muscle memory.
Published: 2026-02-20T14:06:08
Hardcoded credential flaw in RecoverPoint already abused in espionage campaign Uncle Sam's cyber defenders have given federal agencies just three days to patch a maximum-severity Dell bug that's been under active exploitation since at least mid-2024.
Published: 2026-02-20T12:13:10
Feds say trio conspired to siphon processor and cryptography IP, allegedly routing some data overseas Two former Google engineers and a third alleged accomplice are facing federal charges after prosecutors accused them of swiping sensitive chip and security technology secrets and then trying to cover their tracks when the scheme began to unravel.
Published: 2026-02-20T10:45:49
Appeals judge overrules lower tribunal in latest battle of ICO against a breached retail giant The UK's data protection watchdog has scored a small win in a lengthy legal battle against a British retail group that lost millions of data records during a 2017 breach.
Published: 2026-02-20T10:25:24
Skill at buzzword bingo also required as company seeks innovative and disruptive visionary The CEO of code review platform provider Snyk has announced he will stand down so the company can find someone better-equipped to steer the company into the age of AI.
Published: 2026-02-20T05:07:25
MIT CSAIL's 2025 AI Agent Index puts opaque automated systems under the microscope AI agents are becoming more common and more capable, without consensus or standards on how they should behave, say academic researchers.
Published: 2026-02-20T01:01:15
$300 a month buys you a backdoor that looks like legit software Researchers at Proofpoint late last month uncovered what they describe as a "weird twist" on the growing trend of criminals abusing remote monitoring and management software (RMM) as their preferred attack tools.
Published: 2026-02-19T23:46:21
FBI warns these cyber-physical attacks are on the rise Thieves stole more than $20 million from compromised ATMs last year using a malware-assisted technique that the FBI says is on the uptick across the United States.
Published: 2026-02-19T18:39:04
For now, it might not function outside of a lab Cybersecurity researchers say they've spotted the first Android malware strain that uses generative AI to improve performance once installed. But it may be only a proof of concept.
Published: 2026-02-19T16:04:52
Emails show all discussed networking and biz interests with the sex offender throughout the 2010s Cybersecurity conference DEF CON has added three men named in the Epstein files to its list of banned individuals. They are not accused of any criminal wrongdoing.
Published: 2026-02-19T13:23:08
'Why not 12?' says lawyer The UK is bracketing "intimate images shared without a victim's consent" along with terror and child sexual abuse material, and demanding that online platforms remove them within two days.
Published: 2026-02-19T11:32:02
You told me not to write it on a Post-it... Bork!Bork!Bork! Today's bork is entirely human-generated and will send a shiver down the spine of security pros. No matter how secure a system is, a user's ability to undo an administrator's best efforts should not be underestimated.
Published: 2026-02-19T11:14:14
Dell, however, is welcome to help build a local-language LLM Poland's Ministry of Defence has banned Chinese cars and any others include tech to record position, images, or sound from entering protected military facilities.
Published: 2026-02-19T05:55:25
'Potential data protection incident' at an 'independent licensing partner,' we're told Adidas has confirmed it is investigating a third-party breach at one of its partner companies after digital thieves claimed they stole information and technical data from the German sportswear giant.
Published: 2026-02-18T23:57:30
Latest in a rash of grab-and-leak data incidents updated CarGurus purportedly suffered a data breach with 1.7 million corporate records stolen, according to a notorious cybercrime crew that posted the online vehicle marketplace on its leak site on Wednesday.
Published: 2026-02-18T20:40:44
'First time we have detected a crime using this method,' cops say Spanish police arrested a hacker who allegedly manipulated a hotel booking website, allowing him to pay one cent for luxury hotel stays. He also raided the mini-bars and didn't settle some of those tabs, police say.
Published: 2026-02-18T18:31:14
State disputes the company's claim that its routers are made in Vietnam TP-Link is facing legal action from the state of Texas for allegedly misleading consumers with "Made in Vietnam" claims despite China-dominated manufacturing and supply chains, and for marketing its devices as secure despite reported firmware vulnerabilities exploited by Chinese state-sponsored actors.
Published: 2026-02-18T17:29:41
National rail bookings and timetables disrupted for nearly 24 hours If you wanted to book a train trip in Germany recently, you would have been out of luck. The country's national rail company says that its services were disrupted for hours because of a cyberattack.
Published: 2026-02-18T16:36:52
Seemingly complex strings are actually highly predictable, crackable within hours Generative AI tools are surprisingly poor at suggesting strong passwords, experts say.
Published: 2026-02-18T14:06:36
Miscreants will need to find another avenue for malware shenanigans Notepad++ has continued beefing up security with a release the project's author claims makes the "update process robust and effectively unexploitable."
Published: 2026-02-18T12:41:26
No worries if the US doesn't want to be friends with Europe anymore Lockheed Martin's F-35 fighter aircraft can be jailbroken "just like an iPhone," the Netherlands' defense secretary has claimed.
Published: 2026-02-18T12:11:15
CEO lauds security researchers, insists they're not 'inputs' HackerOne has clarified its stance on GenAI after researchers fretted their submissions were being used to train its models.
Published: 2026-02-18T11:00:07
Sees little enterprise AI adoption other than coding assistants, buys Koi for what comes next If enterprises are implementing AI, they re not showing it to Palo Alto Networks CEO Nikesh Arora, who on Tuesday said business adoption of the tech lags consumer take-up by at least a couple of years except for coding assistants.
Published: 2026-02-18T04:52:07
Full scale of infections remains 'unknown' China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It's all part of a long-running effort to backdoor infected machines for long-term access, according to Google's Mandiant incident response team.
Published: 2026-02-18T00:05:58
Plus 3 new goon squads targeted critical infrastructure last year Three new threat groups began targeting critical infrastructure last year, while a well-known Beijing-backed crew - Volt Typhoon - continued to compromise cellular gateways and routers, and then break into US electric, oil, and gas companies in 2025, according to Dragos' annual threat report published on Tuesday.
Published: 2026-02-17T21:45:14
Keep behavioral tracking American? PC giant says the claim is 'false' A US law firm has accused Lenovo of violating Justice Department strictures about the bulk transfer of data to foreign adversaries, namely China.
Published: 2026-02-17T13:42:03
Police say seized kit contained logins, passwords, and server IP addresses Polish police have arrested and charged a man over ties to the Phobos ransomware group following a property raid.
Published: 2026-02-17T13:14:33
Digital burglaries remain routine, and data shows most corps still don't stick to basic infosec standards Britain is telling businesses to "lock the door" on cybercrims as new government data suggests most still haven't even found the latch.
Published: 2026-02-17T11:30:15
Social media platform's legal eagles prepare to fight ever-growing number of countries The Irish Data Protection Commission (DPC) is the latest regulator to open an investigation into Elon Musk's X following repeated reports of harmful image generation by the platform's Grok AI chatbot.
Published: 2026-02-17T11:08:36
Top brass splash cash on acoustic targeting, hypersonic missiles and Red Hat Keir Starmer could ramp up the UK's defense spending plans faster than planned as the MoD reeled off new purchases for Britain's armed forces.
Published: 2026-02-17T09:14:00
Fashion brand latest to succumb to ShinyHunters' tricks Canada Goose says an advertised breach of 600,000 records is an old raid and there are no signs of a recent compromise.
Published: 2026-02-16T18:01:07
Bungled link handed over sensitive docs, and when recipient didn't cooperate, police opted for cuffs Dutch police have arrested a man for "computer hacking" after accidentally handing him their own sensitive files and then getting annoyed when he didn't hand them back.
Published: 2026-02-16T17:26:07
Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.
Published: 2026-02-16T16:20:14
Free beer is great. Securing the keg costs money fosdem 2026 Open source registries are in financial peril, a co-founder of an open source security foundation warned after inspecting their books. And it's not just the bandwidth costs that are killing them.
Published: 2026-02-16T15:00:09
High-severity CSS flaw let malicious webpages run code inside the sandbox Google has quietly pushed out an emergency Chrome fix after attackers were caught exploiting the browser's first reported zero-day of 2026.
Published: 2026-02-16T12:39:06
PLUS: India demands two-hour deepfake takedowns; Singapore embraces AI; Japanese robot wolf gets cuddly; And more Asia In Brief The United States may be about to change its policies regarding Chinese technology companies.
Published: 2026-02-16T04:35:08
PLUS: Fake ransomware group exposed; EC blesses Google's big Wiz deal; Alleged sewage hacker cuffed; And more Infosec in Brief The former General Manager of defense contractor L3Harris's cyber subsidiary Trenchant sold eight zero-day exploit kits to Russia, according to a court filing last week.
Published: 2026-02-15T23:22:14
As if admins haven't had enough to do this week Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being actively exploited, exposing unpatched businesses and government agencies to attack.
Published: 2026-02-13T18:45:15
Names, addresses, bank account numbers accessed but biz insists passwords and call data untouched The Netherlands' largest mobile network operator (MNO) has admitted that a breach of its customer contact system may have affected around 6.2 million people.
Published: 2026-02-13T11:45:13
Years later, he read about his antagonist doing time for murder On Call Welcome to another installment of On Call, The Register's weekly reader-contributed column that tells your tech support tales.
Published: 2026-02-13T07:27:12
Are you a good bot or a bad bot? More than 30 malicious Chrome extensions installed by at least 260,000 users purport to be helpful AI assistants, but they steal users' API keys, email messages, and other personal data. Even worse: many of these are still available on the Chrome Web Store as of this writing.
Published: 2026-02-12T22:59:07
As if snooping on your workers wasn't bad enough Your supervisor may like using employee monitoring apps to keep tabs on you, but crims like the snooping software even more. Threat actors are now using legit bossware to blend into corporate networks and attempt ransomware deployment.
Published: 2026-02-12T20:07:13
Flaw abused 'in an extremely sophisticated attack against specific targeted individuals' Apple patched a zero-day vulnerability affecting every iOS version since 1.0, used in what the company calls an "extremely sophisticated attack" against targeted individuals.
Published: 2026-02-12T14:01:13
Researchers say breaches link identity abuse, SaaS compromise, and ransomware into a cascading cycle Cybercriminals are turning supply chain attacks into an industrial-scale operation, linking breaches, credential theft, and ransomware into a "self-reinforcing" ecosystem, researchers say.
Published: 2026-02-12T11:59:09
Whoever gets it will steer UK department's IT, AI strategy, and megabucks vendor deals The UK Ministry of Defence (MoD) is offering between 270,000 to 300,000 for a senior digital leader who will oversee more than 4.6 billion in spending and more than 3,000 specialist staff.
Published: 2026-02-12T10:15:12
Meanwhile, IP-stealing 'distillation attacks' on the rise A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.
Published: 2026-02-12T07:00:08
Businesses are embedding prompts that produce content they want you to read, not the stuff AI makes if left to its own devices Amid its ongoing promotion of AI's wonders, Microsoft has warned customers it has found many instances of a technique that manipulates the technology to produce biased advice.
Published: 2026-02-12T01:07:06
Homeland Security aims to combine its face and fingerprint systems into one big biometric platform after dismantling centralized privacy reviews and key limits on face recognition.
Published: 2026-02-20T20:03:23
Comments and other data left on a PDF detailing Homeland Security’s proposal to build “mega” detention and processing centers reveal the personnel involved in its creation.
Published: 2026-02-20T18:27:39
Documents say customs officers in the US Virgin Islands had friendly relationships with Epstein years after his 2008 conviction, showing how the infamous sex offender tried to cultivate allies.
Published: 2026-02-20T03:29:17
The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon without breaking the hardware.
Published: 2026-02-20T01:12:25
A staffer of the Incognito dark web market was secretly controlled by the FBI and still allegedly approved the sale of fentanyl-tainted pills, including those from a dealer linked to a confirmed death.
Published: 2026-02-19T23:18:09
From threat modeling to encrypted collaboration apps, we’ve collected experts’ tips and tools for safely and effectively building a group even while being targeted and tracked by the powerful.
Published: 2026-02-19T10:00:00
A database left accessible to anyone online contained billions of records, including sensitive personal data that criminals appear to have not yet exploited.
Published: 2026-02-18T17:22:10
Fears over a drug cartel drone over Texas sparked a recent airspace shutdown in El Paso and New Mexico, highlighting just how tricky it can be to deploy anti-drone weapons near cities.
Published: 2026-02-16T11:30:00
Plus: Meta plans to add face recognition to its smart glasses, Jared Kushner named as part of whistleblower’s mysterious national security complaint, and more.
Published: 2026-02-14T11:30:00
The Mexican city of Guadalupe, which will host portions of the 2026 World Cup, recently showed off four new robot dogs that will help provide security during matches at BBVA Stadium.
Published: 2026-02-14T10:00:00
The use of cryptocurrency in sales of human beings for prostitution and scam compounds nearly doubled in 2025, according to a conservative estimate. Many of the deals are happening in plain sight.
Published: 2026-02-12T13:00:00
Petitions demanding people get the chance to be released from ICE custody have overwhelmed courts throughout the US.
Published: 2026-02-11T21:23:51
US Border Patrol intelligence units will gain access to a face recognition tool built on billions of images scraped from the internet.
Published: 2026-02-11T16:32:27
The last major nuclear arms treaty between the US and Russia just expired. Some experts believe a combination of satellite surveillance, AI, and human reviewers can take its place. Others, not so much.
Published: 2026-02-09T11:30:00
After more than 15 years of draconian measures, culminating in an ongoing internet shutdown, the Iranian regime seems to be staggering toward its digital surveillance endgame.
Published: 2026-02-09T11:00:00
Plus: Apple’s Lockdown mode keeps the FBI out of a reporter’s phone, Elon Musk’s Starlink cuts off Russian forces, and more.
Published: 2026-02-07T11:30:00
The government has withheld details of the investigation of Renee Good’s killing but an unrelated case involving the ICE agent who shot her could force new revelations.
Published: 2026-02-06T22:14:45
ICE has used Mobile Fortify to identify immigrants and citizens alike over 100,000 times, by one estimate. It wasn't built to work like that and only got approved after DHS abandoned its own privacy rules.
Published: 2026-02-05T20:28:34
Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the
Published: 2026-02-20T21:15:00
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has become exceedingly popular in the past few months. "On February 17, 2026, at 3:26 AM PT, an unauthorized party used a compromised npm publish token to publish an update to Cline CLI
Published: 2026-02-20T19:50:00
Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan (RAT) called MIMICRAT (aka AstarionRAT). "The campaign demonstrates a high level of operational sophistication: compromised sites spanning multiple industries and geographies serve as delivery infrastructure, a multi-stage
Published: 2026-02-20T17:25:00
With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture when assessing cyber risk. For many organizations, however, these assessments remain largely opaque. Elements such as password hygiene, privileged access management, and the extent of multi-factor authentication (MFA) coverage are
Published: 2026-02-20T16:00:00
A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea's fraudulent information technology (IT) worker scheme. In November 2025, Oleksandr "Alexander" Didenko pleaded guilty to wire fraud conspiracy and aggravated identity theft for stealing the identities of U.S. citizens and selling them to IT workers to help them land
Published: 2026-02-20T15:22:00
The U.S. Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting incidents across the country, leading to losses of more than $20 million in 2025. The agency said 1,900 ATM jackpotting incidents have been reported since 2020, out of which 700 took place last year. In December 2025, the U.S. Department of Justice (DoJ) said about $40.73 million has been collectively
Published: 2026-02-20T13:35:00
Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the information to unauthorized locations, including Iran. Samaneh Ghandali, 41, and her husband Mohammadjavad Khosravi (aka Mohammad Khosravi), 40, along with her sister Soroor Ghandali, 32, have been accused
Published: 2026-02-20T10:57:00
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots,
Published: 2026-02-19T23:22:00
An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries. The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure and actors behind high-yield investment
Published: 2026-02-19T23:20:00
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud. The high-severity vulnerability, tracked as CVE-2026-26119, carries a
Published: 2026-02-19T23:10:00
The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries often all at the same time. Some developments are headline-level. Others sit in the background but carry long-term impact. Together, they shape how defenders need to think about exposure, response, and preparedness right now
Published: 2026-02-19T20:05:00
We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a "temporary" API key for testing and forgets to revoke it. In the past, these were minor operational risks, debts you’d eventually pay down during a slower cycle. In 2026, “Eventually” is Now But today, within minutes, AI-powered
Published: 2026-02-19T17:25:00
Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that's designed to facilitate device takeover (DTO) attacks for financial theft. The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications. "This new threat, while
Published: 2026-02-19T15:54:00
Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran's ongoing protests to conduct information theft and long-term espionage. The Acronis Threat Research Unit (TRU) said it observed the activity after January 9, with the attacks designed to deliver a malicious payload that serves as a remote access trojan (RAT) and
Published: 2026-02-19T13:43:00
New research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident's phone, making it the latest case of abuse of the technology targeting civil society. The interdisciplinary research unit at the University of Toronto's Munk School of Global Affairs & Public
Published: 2026-02-18T23:00:00
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE-2026-2329, carries a CVSS score of 9.3 out of a maximum of 10.0. It has been described as a case of unauthenticated stack-based buffer overflow that could result in remote code
Published: 2026-02-18T22:05:00
Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely. The extensions, which have been collectively installed more than 125 million times, are Live Server, Code Runner, Markdown Preview Enhanced, and
Published: 2026-02-18T18:46:00
In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and compliance. In 2026, the seas are no longer calm between storms. Cybersecurity now unfolds in a state of continuous atmospheric instability: AI-driven threats that adapt in real time, expanding
Published: 2026-02-18T17:28:00
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials
Published: 2026-02-18T16:02:00
Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isn’t enough. 88% of AI proofs-of-concept never make it to production, even though 70% of workers cite freeing time for high-value work as the primary AI automation motivation. Real impact comes
Published: 2026-02-18T16:00:00
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design that aims to make the update process "robust and effectively unexploitable." This includes verification
Published: 2026-02-18T13:10:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2026-2441 (CVSS score: 8.8) - A use-after-free vulnerability in Google Chrome that could allow a remote attacker to potentially exploit heap
Published: 2026-02-18T12:22:00
Cloud attacks move fast faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins. Cloud forensics is fundamentally
Published: 2026-02-18T00:38:00
Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, which has been demonstrated against Microsoft Copilot and xAI Grok
Published: 2026-02-17T23:38:00
A new Android backdoor that's embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky. The Russian cybersecurity vendor said it discovered the backdoor, dubbed Keenadu, in the firmware of devices associated with various brands, including Alldocube, with the compromise occurring during the firmware build phase.
Published: 2026-02-17T22:11:00
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to deliver an information stealer known as StealC. "The threat actors cloned a legitimate Oura MCP Server a tool that connects AI assistants to Oura Ring health data and built a deceptive
Published: 2026-02-17T18:12:00
My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (NDR) system. My goal was to understand how NDR is used in hunting and incident response, and how it fits into the daily workflow of a Security Operations Center (SOC). Corelight’s Investigator software, part of its Open NDR Platform, is
Published: 2026-02-17T17:00:00
New research from Microsoft has revealed that legitimate businesses are gaming artificial intelligence (AI) chatbots via the "Summarize with AI" button that's being increasingly placed on websites in ways that mirror classic search engine poisoning (SEO). The new AI hijacking technique has been codenamed AI Recommendation Poisoning by the Microsoft Defender Security Research Team. The tech giant
Published: 2026-02-17T15:01:00
Apple on Monday released a new developer beta of iOS and iPadOS with support for end-to-end encryption (E2EE) in Rich Communications Services (RCS) messages. The feature is currently available for testing in iOS and iPadOS 26.4 Beta, and is expected to be shipped to customers in a future update for iOS, iPadOS, macOS, and watchOS. "End-to-end encryption is in beta and is not available for all
Published: 2026-02-17T12:14:00
Cybersecurity researchers disclosed they have detected a case of an information stealer infection successfully exfiltrating a victim's OpenClaw (formerly Clawdbot and Moltbot) configuration environment. "This finding marks a significant milestone in the evolution of infostealer behavior: the transition from stealing browser credentials to harvesting the 'souls' and identities of personal AI [
Published: 2026-02-17T00:13:00
A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditions. "The attacks range in severity from integrity violations to the complete compromise of all vaults in an organization," researchers Matteo Scarlata, Giovanni Torrisi, Matilda Backendal, and Kenneth G. Paterson said.
Published: 2026-02-16T23:36:00
This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and new methods. Legacy botnet tactics, modern cloud abuse, AI assistance, and supply-chain exposure are being used side by side, whichever path
Published: 2026-02-16T18:25:00
Technologies are evolving fast, reshaping economies, governance, and daily life. Yet, as innovation accelerates, so do digital risks. Technological change is no longer abstract for such a country as Lithuania, as well. From e-signatures to digital health records, the country depends on secure systems. Cybersecurity has become not only a technical challenge but a societal one demanding
Published: 2026-02-16T17:25:00
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices. "The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully operational spyware
Published: 2026-02-16T15:54:00
Google on Friday released security updates for its Chrome browser to address a security flaw that it said has been exploited in the wild. The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS score: 8.8), has been described as a use-after-free bug in CSS. Security researcher Shaheen Fazim has been credited with discovering and reporting the shortcoming on February 11, 2026. "Use after
Published: 2026-02-16T12:08:00
Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next-stage payload. Specifically, the attack relies on using the "nslookup" (short for nameserver lookup) command to execute a custom DNS lookup triggered via the Windows
Published: 2026-02-15T19:40:00
A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group (GTIG) described the hacking group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have targeted defense, military, government, and energy organizations within the Ukrainian regional and
Published: 2026-02-13T22:57:00
Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to findings from Google Threat Intelligence Group (GTIG). The tech giant's threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking defense
Published: 2026-02-13T21:53:00
A previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular framework called VoidLink in its campaigns targeting the technology and financial services sectors, according to findings from Cisco Talos. "This threat actor seems to have been active since 2019, although they have not necessarily used VoidLink over the duration of their activity," researchers Nick
Published: 2026-02-13T20:53:00
Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to steal data associated with Meta Business Suite and Facebook Business Manager. The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as a way to scrape Meta Business Suite data, remove verification pop-ups, and generate two-factor authentication (2FA) codes.
Published: 2026-02-13T16:55:00
In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid step forward, the changes don’t make npm projects immune from supply-chain attacks. npm is still susceptible to malware attacks here’s what you need to know for a safer Node community. Let’s start with the original
Published: 2026-02-13T16:15:00
Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. "Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors," Ryan Dewhurst, head of threat intelligence at watchTowr, said in a post on X. "Attackers are abusing
Published: 2026-02-13T14:04:00
Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction attacks. "The
Published: 2026-02-12T23:27:00
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group. The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It's assessed to be active since May 2025. "
Published: 2026-02-12T22:25:00
Threat activity this week shows one consistent signal attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in plain sight. Another shift is how access is gained versus how it’s used. Initial entry points are getting simpler, while post-compromise
Published: 2026-02-12T17:21:00
A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming between organizations one that has nothing to do with budget size or industry and everything to do with a single framework decision. Organizations implementing Continuous Threat Exposure Management (CTEM) demonstrate 50% better attack surface visibility, 23-point
Published: 2026-02-12T16:00:00
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026. An estimated 346
Published: 2026-02-12T13:02:00
Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, tracked as CVE-2026-20700 (CVSS score: 7.8), has been described as a memory corruption issue in dyld, Apple's Dynamic Link Editor. Successful exploitation of the vulnerability could allow an
Published: 2026-02-12T11:09:00
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fake Microsoft login page, stealing over 4,000 credentials in the process. The activity has been
Published: 2026-02-11T23:15:00
Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environments with remote access trojans capable of stealing sensitive data and ensuring continued access to infected machines. The campaigns are characterized by the use of malware families like Geta RAT, Ares RAT, and DeskRAT, which are often
Published: 2026-02-11T20:22:00
A Ukrainian man was sentenced to five years in the U.S. for helping North Korean IT workers use stolen identities to get hired by U.S. firms. Oleksandr “Alexander” Didenko, a 29-year-old Ukrainian national, has been sentenced to five years in a U.S. prison for supporting North Korea’s fraudulent IT worker scheme. Didenko admitted stealing U.S. […]
Published: 2026-02-20T12:40:47
The FBI warns ATM jackpotting is rising nationwide, with over $20 million lost in 2025 and 1,900 incidents reported since 2020. The FBI has warned of a sharp rise in ATM jackpotting attacks across the U.S., with losses exceeding $20 million in 2025 alone. Since 2020, about 1,900 incidents have been reported, including 700 last […]
Published: 2026-02-20T09:27:55
INTERPOL’s Operation Red Card 2.0 led to 651 arrests across 16 African countries and recovered over $4.3 million from online scams. INTERPOL’s Operation Red Card 2.0, a joint effort involving law enforcement agencies from 16 African countries, resulted in 651 arrests linked to online scam networks. The operation was carried out under the African Joint […]
Published: 2026-02-20T08:15:17
PromptSpy is the first Android malware to abuse Google’s Gemini AI, enabling persistence and advanced spying features. Security researchers at ESET have uncovered PromptSpy, the first known Android malware to exploit Google’s Gemini AI to maintain persistence. The malware can capture lockscreen data, block uninstallation attempts, collect device information, take screenshots, and record screen activity […]
Published: 2026-02-20T07:49:37
Germany’s national rail operator, Deutsche Bahn, suffered a major DDoS attack that disrupted booking and information systems for several hours. Germany’s rail operator Deutsche Bahn was hit by a large-scale DDoS attack that disrupted information and booking systems for several hours. The cyberattack affected IT operations, causing delays and service interruptions. At this time, the […]
Published: 2026-02-19T18:45:56
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first vulnerability added to the catalog is […]
Published: 2026-02-19T15:16:39
CISA warns Honeywell CCTVs are affected by a critical auth bypass flaw (CVE-2026-1670) allowing unauthorized access or account hijacking. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns that Honeywell CCTVs are affected by a critical authentication bypass flaw, tracked as CVE-2026-1670 (CVSS score of 9.8), that lets attackers change the recovery email without logging […]
Published: 2026-02-19T11:54:01
Ireland’s Data Protection Commission opened a probe into X over Grok AI tool allegedly generating sexual images, including of children. Ireland’s Data Protection Commission has launched another investigation into X over Grok’s AI image generator. The probe focuses on reports that the tool created large volumes of non-consensual and sexualized images, including content involving children, […]
Published: 2026-02-19T09:53:32
Amnesty reports Angolan journalist’s iPhone was infected by Intellexa’s Predator spyware via a WhatsApp link in May 2024. Amnesty International reports that in May 2024, Intellexa’s Predator spyware infected the iPhone of Teixeira C ndido, an Angolan journalist and press freedom advocate, after he opened a malicious link sent via WhatsApp. This incident highlights how attackers […]
Published: 2026-02-19T08:17:16
A hacker accessed data from 1.2 million French bank accounts using stolen official credentials, the Economy Ministry said. A hacker gained access to data from 1.2 million French bank accounts using stolen credentials belonging to a government official, according to the French Economy Ministry. French authorities said affected account holders will be notified in the […]
Published: 2026-02-18T21:25:19