Distillation technique lets copycats mimic Gemini at a fraction of the development cost. On Thursday, Google announced that "commercially motivated" actors have attempted to c
Published: 2026-02-12T19:42:08
For now, it might not function outside of a lab Cybersecurity researchers say they've spotted the first Android malware strain that uses generative AI to improve performance once installed. But it may be only a proof of concept.
Published: 2026-02-19T16:04:52
You told me not to write it on a Post-it... Bork!Bork!Bork! Today's bork is entirely human-generated and will send a shiver down the spine of security pros. No matter how secure a system is, a user's ability to undo an administrator's best efforts s
Published: 2026-02-19T11:14:14
A hacker tricked a popular AI coding tool into installing OpenClaw - the viral, open-source AI agent OpenClaw that "actually does things" - absolutely everywhere. Funny as a stunt, but a sign of what to come as more and more people let autonomous software use their computers on their behalf. The hacker took advantage of […] 
A hacker tricked a popular AI coding tool into installing OpenClaw - the viral, open-source AI agent OpenClaw that "actually does things" - absolutely everywhere. Funny as a stunt, but a sign of what to come as more and more people let autonomous s...
Published: 2026-02-19T13:58:56
Texas Attorney General Ken Paxton is suing TP-Link over claims that the router-maker is misleading customers about its ties to China. In a lawsuit filed this week, Paxton claims TP-Link is "masking its Chinese connections," while serving as "an open window for Chinese-sponsored threat actors and Chinese intelligence agencies." TP-Link was founded in China, but […] 
Texas Attorney General Ken Paxton is suing TP-Link over claims that the router-maker is misleading customers about its ties to China. In a lawsuit filed this week, Paxton claims TP-Link is "masking its Chinese connections," while serving as "an ope...
Published: 2026-02-19T13:20:25
Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company's Tuesday patch notes, Microsoft says a bad actor could carry out a remote code execution attack by tricking users "into clicking a malicious link inside a Markdown file opened in Notepad," as reported earlier by The Register. Clicking the link […] 
Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company's Tuesday patch notes, Microsoft says a bad actor could carry out a remote code execution attack by tricking users "into clicking a malicious l...
Published: 2026-02-11T13:06:36
Microsoft is automatically replacing boot-level security certificates on Windows devices before they start expiring later this year. The new Secure Boot certificates will be rolled out as part of the regular Windows platform updates, according to Microsoft's announcement blog, marking a "generational refresh" of the security standard. Secure Boot was introduced in 2011 to protect […] Microsoft is automatically replacing boot-level security certificates on Windows devices before they start expiring later this year. The new Secure Boot certificates will be rolled out as part of the regular Windows platform updates, according to M...
Published: 2026-02-10T12:00:00
The ShinyHunters extortion group has published personal information in more than 12 million records allegedly stolen from CarGurus, a U.S.-based digital auto platform. [...]
Published: 2026-02-24T13:08:20
AI agents now provision infrastructure and approve actions, but many inherit over-scoped privileges without proper governance. Token Security explains why CISOs must treat agents as identities and add intent-based controls so access is granted only
Published: 2026-02-24T10:02:12
The ShinyHunters extortion gang has claimed responsibility for breaching Dutch telecommunications provider Odido and stealing millions of user records from its compromised systems. [...]
Published: 2026-02-24T06:40:20
North Korean state-backed hackers associated with the Lazarus threat group are targeting U.S. healthcare organizations in extortion attacks using the Medusa ransomware. [...]
Published: 2026-02-24T06:00:00
Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users' sensitive medical information. [...]
Published: 2026-02-23T17:59:04
Spanish authorities have arrested four alleged members of a hacktivist group believed to have carried out cyberattacks targeting government ministries, political parties, and various public institutions. [...]
Published: 2026-02-23T16:59:42
New York-based ad tech company Optimizely has notified an undisclosed number of customers of a data breach after threat actors compromised some of its systems in a voice phishing attack. [...]
Published: 2026-02-23T13:04:01
CISA flagged two Roundcube Webmail vulnerabilities as actively exploited in attacks and ordered U.S. federal agencies to patch them within three weeks. [...]
Published: 2026-02-23T06:44:21
Intellexa's Predator spyware can hide iOS recording indicators while secretly streaming camera and microphone feeds to its operators. [...]
Published: 2026-02-21T11:13:24
Written by: Peter Ukhanov, Daniel Sislo, Nick Harbour, John Scarbrough, Fernando Tomlinson, Jr., Rich Reece Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified the zero-day exploitation of a high-risk vulnerability in
Published: 2026-02-17T14:00:00
Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets custome... 
Published: 2026-02-20T20:00:30
For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communic... 
Published: 2026-02-11T16:08:11
Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six “zero-day” vulnerabilities that attackers are already exploiting in the wild. Z... 
Published: 2026-02-10T21:49:53
Military officials say Europe is too dependent on U.S. tech to break away now. Military officials say Europe is too dependent on U.S. tech to break away now.
Published: 2026-02-24T20:20:19
The known size of the breach keeps growing. The known size of the breach keeps growing.
Published: 2026-02-24T18:55:25
SolarWinds + file transfer software = what attackers' dreams are made of If you run SolarWinds Serv-U, you should patch promptly. Four critical vulnerabilities in the file transfer software can allow attackers to execute code as root.
Published: 2026-02-24T19:55:07
New ransomware of choice, same critical targets North Korea's Lazarus Group appears to have added another tool to its kit. It has begun using Medusa ransomware in extortion attacks targeting at least one US healthcare organization and an unnamed victim in the Middle East, according to Symantec and Carbon Black threat hunters.
Published: 2026-02-24T18:25:04
When a one-line fix triggers thousands of PRs, something's off A Go library maintainer has urged developers to turn off GitHub's Dependabot, arguing that false positives from the dependency-scanning tool "reduce security by causing alert fatigue."
Published: 2026-02-24T16:31:13
Social media giant retorts it doesn't want to collect 'private' data, and plans to appeal The UK's data protection regulator has fined social media giant Reddit 14.47 million ($19.5 million) over its use of children's data.
Published: 2026-02-24T13:29:47
Public prosecutor mulls sentencing following investigations into two separate attacks Two South Korean teenagers were this week charged with breaching Seoul's public bike service, Ttareungyi.
Published: 2026-02-24T11:53:49
Visa applications down, executives emigrating, and AI blamed for the rest The number of international workers applying for a visa to work in the UK's tech sector dropped 11 percent between Q2 and Q3 2025, and was down 6 percent year-on-year, according to consultancy RSM UK.
Published: 2026-02-24T10:15:15
We like our surface-to-air weapons affordable Britain has joined a handful of European allies in a program to develop low-cost air defense systems, including autonomous drones or missiles, with project delivery of the first elements scheduled for as early as 2027.
Published: 2026-02-24T09:30:11
Not the first of its kind ai-pocalypse Anthropic sent the infosec community into a tizzy on Friday when it rolled out Claude Code Security, a new feature that scans codebases for vulnerabilities and suggests patches to fix the issues.
Published: 2026-02-23T19:50:01
Watchdogs warn models that can generate realistic images of people must comply with data protection laws A global coalition of privacy watchdogs has fired a warning shot at the generative AI industry, saying companies churning out realistic synthetic images can't pretend that data protection rules don't apply.
Published: 2026-02-23T16:03:38
Goal is to run software locally and stream only to owners' computers If the sour taste has still not left your mouth after Ring's Super Bowl ad, there is a $10,000 prize for anyone who can find a security flaw in the company's cameras.
Published: 2026-02-23T15:17:34
Quartet accused of attacking public institutions, claiming the government was responsible for 2024 tragedy Spanish police say four self-proclaimed members of Anonymous are in custody after allegedly carrying out several cyberattacks on public authorities in the wake of the 2024 DANA floods.
Published: 2026-02-23T12:26:30
Off-the-shelf tools helped Russian-speaking cybercrime group run riot Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS.
Published: 2026-02-23T11:41:47
The only good password is no password at all opinion Passwords turn 65 this year. They became a feature of computer users' lives in 1961, with MIT's Compatible Time-Sharing System (CTSS). Before then, sysops were real sysops. All jobs went through them, one at a time, and access by others was forbidden by laws written on blocks of stone.
Published: 2026-02-23T09:30:09
PLUS: Unpatched Ivanti boxes under attack; 0APT might not be a scam; AI gets better at helping cyber-scum; And more Infosec In Brief An unknown attacker accessed the French government's database listing every bank account in the country and made off with 1.2 million records.
Published: 2026-02-22T23:26:50
Confidential complainant details passed to local politician following debate A UK councillor has dubbed her local authority's data breach "crazy" after the personal details of individuals behind a series of complaints were revealed to her.
Published: 2026-02-22T09:34:09
About 100 customers affected PayPal has notified about 100 customers that their personal information was exposed online during a code change gone awry, and in a few of these cases, people saw unauthorized transactions on their accounts.
Published: 2026-02-20T22:10:32
4K unintended installs in very odd supply chain attack Someone compromised open source AI coding assistant Cline CLI's npm package earlier this week in an odd supply chain attack that secretly installed OpenClaw on developers' machines without their knowledge.
Published: 2026-02-20T20:05:10
What happens in Vegas Las Vegas hotel and casino giant Wynn Resorts appears to be the latest victim of data-grabbing and extortion gang ShinyHunters.
Published: 2026-02-20T18:27:23
Polish arrest leads to extradition and federal prison sentence Ukrainian national Oleksandr Didenko will spend the next five years behind bars in the US for his involvement in helping North Korean IT workers secure fraudulent employment.
Published: 2026-02-20T14:30:20
Attempt to go 'Made in EU' offers big tech escapees a reality check where lower cloud bills come with higher effort Building a startup entirely on European infrastructure sounds like a nice sovereignty flex right up until you actually try it and realize the real price gets paid in time, tinkering, and slowly unlearning a decade of GitHub muscle memory.
Published: 2026-02-20T14:06:08
Hardcoded credential flaw in RecoverPoint already abused in espionage campaign Uncle Sam's cyber defenders have given federal agencies just three days to patch a maximum-severity Dell bug that's been under active exploitation since at least mid-2024.
Published: 2026-02-20T12:13:10
Feds say trio conspired to siphon processor and cryptography IP, allegedly routing some data overseas Two former Google engineers and a third alleged accomplice are facing federal charges after prosecutors accused them of swiping sensitive chip and security technology secrets and then trying to cover their tracks when the scheme began to unravel.
Published: 2026-02-20T10:45:49
Appeals judge overrules lower tribunal in latest battle of ICO against a breached retail giant The UK's data protection watchdog has scored a small win in a lengthy legal battle against a British retail group that lost millions of data records during a 2017 breach.
Published: 2026-02-20T10:25:24
Skill at buzzword bingo also required as company seeks innovative and disruptive visionary The CEO of code review platform provider Snyk has announced he will stand down so the company can find someone better-equipped to steer the company into the age of AI.
Published: 2026-02-20T05:07:25
MIT CSAIL's 2025 AI Agent Index puts opaque automated systems under the microscope AI agents are becoming more common and more capable, without consensus or standards on how they should behave, say academic researchers.
Published: 2026-02-20T01:01:15
$300 a month buys you a backdoor that looks like legit software Researchers at Proofpoint late last month uncovered what they describe as a "weird twist" on the growing trend of criminals abusing remote monitoring and management software (RMM) as their preferred attack tools.
Published: 2026-02-19T23:46:21
FBI warns these cyber-physical attacks are on the rise Thieves stole more than $20 million from compromised ATMs last year using a malware-assisted technique that the FBI says is on the uptick across the United States.
Published: 2026-02-19T18:39:04
For now, it might not function outside of a lab Cybersecurity researchers say they've spotted the first Android malware strain that uses generative AI to improve performance once installed. But it may be only a proof of concept.
Published: 2026-02-19T16:04:52
Emails show all discussed networking and biz interests with the sex offender throughout the 2010s Cybersecurity conference DEF CON has added three men named in the Epstein files to its list of banned individuals. They are not accused of any criminal wrongdoing.
Published: 2026-02-19T13:23:08
'Why not 12?' says lawyer The UK is bracketing "intimate images shared without a victim's consent" along with terror and child sexual abuse material, and demanding that online platforms remove them within two days.
Published: 2026-02-19T11:32:02
You told me not to write it on a Post-it... Bork!Bork!Bork! Today's bork is entirely human-generated and will send a shiver down the spine of security pros. No matter how secure a system is, a user's ability to undo an administrator's best efforts should not be underestimated.
Published: 2026-02-19T11:14:14
Dell, however, is welcome to help build a local-language LLM Poland's Ministry of Defence has banned Chinese cars and any others include tech to record position, images, or sound from entering protected military facilities.
Published: 2026-02-19T05:55:25
'Potential data protection incident' at an 'independent licensing partner,' we're told Adidas has confirmed it is investigating a third-party breach at one of its partner companies after digital thieves claimed they stole information and technical data from the German sportswear giant.
Published: 2026-02-18T23:57:30
Latest in a rash of grab-and-leak data incidents updated CarGurus purportedly suffered a data breach with 1.7 million corporate records stolen, according to a notorious cybercrime crew that posted the online vehicle marketplace on its leak site on Wednesday.
Published: 2026-02-18T20:40:44
'First time we have detected a crime using this method,' cops say Spanish police arrested a hacker who allegedly manipulated a hotel booking website, allowing him to pay one cent for luxury hotel stays. He also raided the mini-bars and didn't settle some of those tabs, police say.
Published: 2026-02-18T18:31:14
State disputes the company's claim that its routers are made in Vietnam TP-Link is facing legal action from the state of Texas for allegedly misleading consumers with "Made in Vietnam" claims despite China-dominated manufacturing and supply chains, and for marketing its devices as secure despite reported firmware vulnerabilities exploited by Chinese state-sponsored actors.
Published: 2026-02-18T17:29:41
National rail bookings and timetables disrupted for nearly 24 hours If you wanted to book a train trip in Germany recently, you would have been out of luck. The country's national rail company says that its services were disrupted for hours because of a cyberattack.
Published: 2026-02-18T16:36:52
Seemingly complex strings are actually highly predictable, crackable within hours Generative AI tools are surprisingly poor at suggesting strong passwords, experts say.
Published: 2026-02-18T14:06:36
Miscreants will need to find another avenue for malware shenanigans Notepad++ has continued beefing up security with a release the project's author claims makes the "update process robust and effectively unexploitable."
Published: 2026-02-18T12:41:26
No worries if the US doesn't want to be friends with Europe anymore Lockheed Martin's F-35 fighter aircraft can be jailbroken "just like an iPhone," the Netherlands' defense secretary has claimed.
Published: 2026-02-18T12:11:15
CEO lauds security researchers, insists they're not 'inputs' HackerOne has clarified its stance on GenAI after researchers fretted their submissions were being used to train its models.
Published: 2026-02-18T11:00:07
Sees little enterprise AI adoption other than coding assistants, buys Koi for what comes next If enterprises are implementing AI, they re not showing it to Palo Alto Networks CEO Nikesh Arora, who on Tuesday said business adoption of the tech lags consumer take-up by at least a couple of years except for coding assistants.
Published: 2026-02-18T04:52:07
Full scale of infections remains 'unknown' China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It's all part of a long-running effort to backdoor infected machines for long-term access, according to Google's Mandiant incident response team.
Published: 2026-02-18T00:05:58
Plus 3 new goon squads targeted critical infrastructure last year Three new threat groups began targeting critical infrastructure last year, while a well-known Beijing-backed crew - Volt Typhoon - continued to compromise cellular gateways and routers, and then break into US electric, oil, and gas companies in 2025, according to Dragos' annual threat report published on Tuesday.
Published: 2026-02-17T21:45:14
Keep behavioral tracking American? PC giant says the claim is 'false' A US law firm has accused Lenovo of violating Justice Department strictures about the bulk transfer of data to foreign adversaries, namely China.
Published: 2026-02-17T13:42:03
Police say seized kit contained logins, passwords, and server IP addresses Polish police have arrested and charged a man over ties to the Phobos ransomware group following a property raid.
Published: 2026-02-17T13:14:33
Digital burglaries remain routine, and data shows most corps still don't stick to basic infosec standards Britain is telling businesses to "lock the door" on cybercrims as new government data suggests most still haven't even found the latch.
Published: 2026-02-17T11:30:15
Social media platform's legal eagles prepare to fight ever-growing number of countries The Irish Data Protection Commission (DPC) is the latest regulator to open an investigation into Elon Musk's X following repeated reports of harmful image generation by the platform's Grok AI chatbot.
Published: 2026-02-17T11:08:36
Top brass splash cash on acoustic targeting, hypersonic missiles and Red Hat Keir Starmer could ramp up the UK's defense spending plans faster than planned as the MoD reeled off new purchases for Britain's armed forces.
Published: 2026-02-17T09:14:00
Fashion brand latest to succumb to ShinyHunters' tricks Canada Goose says an advertised breach of 600,000 records is an old raid and there are no signs of a recent compromise.
Published: 2026-02-16T18:01:07
Plus: The cybersecurity community grapples with Epstein files revelations, the US State Department plans an online anti-censorship “portal” for the world, and more.
Published: 2026-02-21T11:30:00
Following increased surveillance and patrols of routes used by transnational drug-trafficking networks, Mexican authorities have seized approximately 10 tons of cocaine in the past week alone.
Published: 2026-02-21T10:00:00
Homeland Security aims to combine its face and fingerprint systems into one big biometric platform after dismantling centralized privacy reviews and key limits on face recognition.
Published: 2026-02-20T20:03:23
Comments and other data left on a PDF detailing Homeland Security’s proposal to build “mega” detention and processing centers reveal the personnel involved in its creation.
Published: 2026-02-20T18:27:39
Documents say customs officers in the US Virgin Islands had friendly relationships with Epstein years after his 2008 conviction, showing how the infamous sex offender tried to cultivate allies.
Published: 2026-02-20T03:29:17
The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon without breaking the hardware.
Published: 2026-02-20T01:12:25
A staffer of the Incognito dark web market was secretly controlled by the FBI and still allegedly approved the sale of fentanyl-tainted pills, including those from a dealer linked to a confirmed death.
Published: 2026-02-19T23:18:09
From threat modeling to encrypted collaboration apps, we’ve collected experts’ tips and tools for safely and effectively building a group even while being targeted and tracked by the powerful.
Published: 2026-02-19T10:00:00
A database left accessible to anyone online contained billions of records, including sensitive personal data that criminals appear to have not yet exploited.
Published: 2026-02-18T17:22:10
Fears over a drug cartel drone over Texas sparked a recent airspace shutdown in El Paso and New Mexico, highlighting just how tricky it can be to deploy anti-drone weapons near cities.
Published: 2026-02-16T11:30:00
Plus: Meta plans to add face recognition to its smart glasses, Jared Kushner named as part of whistleblower’s mysterious national security complaint, and more.
Published: 2026-02-14T11:30:00
The Mexican city of Guadalupe, which will host portions of the 2026 World Cup, recently showed off four new robot dogs that will help provide security during matches at BBVA Stadium.
Published: 2026-02-14T10:00:00
The use of cryptocurrency in sales of human beings for prostitution and scam compounds nearly doubled in 2025, according to a conservative estimate. Many of the deals are happening in plain sight.
Published: 2026-02-12T13:00:00
Petitions demanding people get the chance to be released from ICE custody have overwhelmed courts throughout the US.
Published: 2026-02-11T21:23:51
US Border Patrol intelligence units will gain access to a face recognition tool built on billions of images scraped from the internet.
Published: 2026-02-11T16:32:27
The last major nuclear arms treaty between the US and Russia just expired. Some experts believe a combination of satellite surveillance, AI, and human reviewers can take its place. Others, not so much.
Published: 2026-02-09T11:30:00
After more than 15 years of draconian measures, culminating in an ongoing internet shutdown, the Iranian regime seems to be staggering toward its digital surveillance endgame.
Published: 2026-02-09T11:00:00
A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue. The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patched by Microsoft following responsible disclosure. "Attackers can craft hidden instructions inside a
Published: 2026-02-25T00:22:00
A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into entities supporting the war-torn nation. The activity, which targeted an unnamed entity involved in regional
Published: 2026-02-24T19:51:00
Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being mostly-human and mostly-onboarded. In modern enterprises, identity risk is created by a compound of factors: control posture, hygiene, business context, and intent. Any one of these can perhaps be
Published: 2026-02-24T17:28:00
The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team. Broadcom's threat intelligence division said it also identified the same threat actors mounting an unsuccessful attack against a healthcare
Published: 2026-02-24T17:22:00
The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian entities. The attacks involve the deployment of two distinct backdoors codenamed LuciDoor and MarsSnake, according to a report published by Positive Technologies last week. "The group used several
Published: 2026-02-24T15:24:00
Anthropic on Monday said it identified "industrial-scale campaigns" mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude's capabilities to improve their own models. The distillation attacks generated over 16 million exchanges with its large language model (LLM) through about 24,000 fraudulent accounts in violation of its terms
Published: 2026-02-24T11:34:00
The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo's LAB52 threat intelligence team, was active between September 2025 and January 2026. It has been codenamed Operation MacroMaze. "The campaign relies on basic tooling and the exploitation of legitimate services
Published: 2026-02-24T01:11:00
Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. "Analysis of the recovered dropper, persistence triggers, and mining payload reveals a sophisticated, multi-stage infection prioritizing maximum cryptocurrency mining hashrate, often destabilizing the victim
Published: 2026-02-23T23:29:00
Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the background, others playing out in public view. The details are different, but the pressure points are familiar. Across devices, cloud services, research labs, and even everyday apps, the line between normal behavior and hidden risk keeps getting thinner. Tools
Published: 2026-02-23T18:30:00
As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming Interfaces (APIs) to support those models. Modern security risks are being introduced less from the models themselves and more from the infrastructure that serves, connects and automates the model. Each new LLM endpoint expands the attack surface, often in
Published: 2026-02-23T17:28:00
Cybersecurity researchers have disclosed what they say is an active "Shai-Hulud-like" supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages to enable credential harvesting and cryptocurrency key theft. The campaign has been codenamed SANDWORM_MODE by supply chain security company Socket. As with prior Shai-Hulud attack waves, the malicious code embedded
Published: 2026-02-23T15:50:00
The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) has targeted several organizations and individuals mainly located across the Middle East and North Africa (MENA) region as part of a new campaign codenamed Operation Olalampo. The activity, first observed on January 26, 2026, has resulted in the deployment of new malware families that share
Published: 2026-02-23T12:55:00
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That's according to new findings from Amazon Threat Intelligence, which said it observed the activity between January 11 and February 18, 2026. "No exploitation of FortiGate
Published: 2026-02-21T20:19:00
Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user's software codebase for vulnerabilities and suggest patches. The capability, called Claude Code Security, is currently available in a limited research preview to Enterprise and Team customers. "It scans codebases for security vulnerabilities and suggests targeted
Published: 2026-02-21T13:28:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2025-49113 (CVSS score: 9.9) - A deserialization of untrusted data vulnerability that allows remote code
Published: 2026-02-21T12:51:00
With $5.5 trillion in global AI risk exposure and 700,000 U.S. workers needing reskilling, four new AI certifications and Certified CISO v4 help close the gap between AI adoption and workforce readiness. EC-Council, creator of the world-renowned Certified Ethical Hacker (CEH) credential and a global leader in applied cybersecurity education, today launched its Enterprise AI Credential Suite,
Published: 2026-02-21T10:00:00
Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the
Published: 2026-02-20T21:15:00
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has become exceedingly popular in the past few months. "On February 17, 2026, at 3:26 AM PT, an unauthorized party used a compromised npm publish token to publish an update to Cline CLI
Published: 2026-02-20T19:50:00
Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan (RAT) called MIMICRAT (aka AstarionRAT). "The campaign demonstrates a high level of operational sophistication: compromised sites spanning multiple industries and geographies serve as delivery infrastructure, a multi-stage
Published: 2026-02-20T17:25:00
With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture when assessing cyber risk. For many organizations, however, these assessments remain largely opaque. Elements such as password hygiene, privileged access management, and the extent of multi-factor authentication (MFA) coverage are
Published: 2026-02-20T16:00:00
A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea's fraudulent information technology (IT) worker scheme. In November 2025, Oleksandr "Alexander" Didenko pleaded guilty to wire fraud conspiracy and aggravated identity theft for stealing the identities of U.S. citizens and selling them to IT workers to help them land
Published: 2026-02-20T15:22:00
The U.S. Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting incidents across the country, leading to losses of more than $20 million in 2025. The agency said 1,900 ATM jackpotting incidents have been reported since 2020, out of which 700 took place last year. In December 2025, the U.S. Department of Justice (DoJ) said about $40.73 million has been collectively
Published: 2026-02-20T13:35:00
Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the information to unauthorized locations, including Iran. Samaneh Ghandali, 41, and her husband Mohammadjavad Khosravi (aka Mohammad Khosravi), 40, along with her sister Soroor Ghandali, 32, have been accused
Published: 2026-02-20T10:57:00
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots,
Published: 2026-02-19T23:22:00
An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries. The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure and actors behind high-yield investment
Published: 2026-02-19T23:20:00
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud. The high-severity vulnerability, tracked as CVE-2026-26119, carries a
Published: 2026-02-19T23:10:00
The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries often all at the same time. Some developments are headline-level. Others sit in the background but carry long-term impact. Together, they shape how defenders need to think about exposure, response, and preparedness right now
Published: 2026-02-19T20:05:00
We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a "temporary" API key for testing and forgets to revoke it. In the past, these were minor operational risks, debts you’d eventually pay down during a slower cycle. In 2026, “Eventually” is Now But today, within minutes, AI-powered
Published: 2026-02-19T17:25:00
Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that's designed to facilitate device takeover (DTO) attacks for financial theft. The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications. "This new threat, while
Published: 2026-02-19T15:54:00
Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran's ongoing protests to conduct information theft and long-term espionage. The Acronis Threat Research Unit (TRU) said it observed the activity after January 9, with the attacks designed to deliver a malicious payload that serves as a remote access trojan (RAT) and
Published: 2026-02-19T13:43:00
New research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident's phone, making it the latest case of abuse of the technology targeting civil society. The interdisciplinary research unit at the University of Toronto's Munk School of Global Affairs & Public
Published: 2026-02-18T23:00:00
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE-2026-2329, carries a CVSS score of 9.3 out of a maximum of 10.0. It has been described as a case of unauthenticated stack-based buffer overflow that could result in remote code
Published: 2026-02-18T22:05:00
Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely. The extensions, which have been collectively installed more than 125 million times, are Live Server, Code Runner, Markdown Preview Enhanced, and
Published: 2026-02-18T18:46:00
In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and compliance. In 2026, the seas are no longer calm between storms. Cybersecurity now unfolds in a state of continuous atmospheric instability: AI-driven threats that adapt in real time, expanding
Published: 2026-02-18T17:28:00
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials
Published: 2026-02-18T16:02:00
Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isn’t enough. 88% of AI proofs-of-concept never make it to production, even though 70% of workers cite freeing time for high-value work as the primary AI automation motivation. Real impact comes
Published: 2026-02-18T16:00:00
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design that aims to make the update process "robust and effectively unexploitable." This includes verification
Published: 2026-02-18T13:10:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2026-2441 (CVSS score: 8.8) - A use-after-free vulnerability in Google Chrome that could allow a remote attacker to potentially exploit heap
Published: 2026-02-18T12:22:00
Cloud attacks move fast faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins. Cloud forensics is fundamentally
Published: 2026-02-18T00:38:00
Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, which has been demonstrated against Microsoft Copilot and xAI Grok
Published: 2026-02-17T23:38:00
A new Android backdoor that's embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky. The Russian cybersecurity vendor said it discovered the backdoor, dubbed Keenadu, in the firmware of devices associated with various brands, including Alldocube, with the compromise occurring during the firmware build phase.
Published: 2026-02-17T22:11:00
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to deliver an information stealer known as StealC. "The threat actors cloned a legitimate Oura MCP Server a tool that connects AI assistants to Oura Ring health data and built a deceptive
Published: 2026-02-17T18:12:00
My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (NDR) system. My goal was to understand how NDR is used in hunting and incident response, and how it fits into the daily workflow of a Security Operations Center (SOC). Corelight’s Investigator software, part of its Open NDR Platform, is
Published: 2026-02-17T17:00:00
New research from Microsoft has revealed that legitimate businesses are gaming artificial intelligence (AI) chatbots via the "Summarize with AI" button that's being increasingly placed on websites in ways that mirror classic search engine poisoning (SEO). The new AI hijacking technique has been codenamed AI Recommendation Poisoning by the Microsoft Defender Security Research Team. The tech giant
Published: 2026-02-17T15:01:00
Apple on Monday released a new developer beta of iOS and iPadOS with support for end-to-end encryption (E2EE) in Rich Communications Services (RCS) messages. The feature is currently available for testing in iOS and iPadOS 26.4 Beta, and is expected to be shipped to customers in a future update for iOS, iPadOS, macOS, and watchOS. "End-to-end encryption is in beta and is not available for all
Published: 2026-02-17T12:14:00
Cybersecurity researchers disclosed they have detected a case of an information stealer infection successfully exfiltrating a victim's OpenClaw (formerly Clawdbot and Moltbot) configuration environment. "This finding marks a significant milestone in the evolution of infostealer behavior: the transition from stealing browser credentials to harvesting the 'souls' and identities of personal AI [
Published: 2026-02-17T00:13:00
A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditions. "The attacks range in severity from integrity violations to the complete compromise of all vaults in an organization," researchers Matteo Scarlata, Giovanni Torrisi, Matilda Backendal, and Kenneth G. Paterson said.
Published: 2026-02-16T23:36:00
This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and new methods. Legacy botnet tactics, modern cloud abuse, AI assistance, and supply-chain exposure are being used side by side, whichever path
Published: 2026-02-16T18:25:00
Technologies are evolving fast, reshaping economies, governance, and daily life. Yet, as innovation accelerates, so do digital risks. Technological change is no longer abstract for such a country as Lithuania, as well. From e-signatures to digital health records, the country depends on secure systems. Cybersecurity has become not only a technical challenge but a societal one demanding
Published: 2026-02-16T17:25:00
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices. "The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully operational spyware
Published: 2026-02-16T15:54:00
SolarWinds addressed four critical Serv-U vulnerabilities that could let attackers gain root access to unpatched servers. SolarWinds released updates fixing four critical Serv-U vulnerabilities that allow remote code execution, potentially giving attackers full root access on unpatched servers. Serv-U is a file transfer server software that allows organizations to securely transfer files over networks using […]
Published: 2026-02-24T20:07:24
Broadcom patched multiple VMware Aria Operations flaws, including high-severity issues that could enable remote code execution. Broadcom has released security updates to address multiple vulnerabilities affecting VMware Aria Operations. VMware Aria Operations is an IT operations management platform that helps organizations monitor and optimize virtual, cloud, and hybrid environments. It provides performance monitoring, capacity planning, […]
Published: 2026-02-24T15:02:03
Arkanix Stealer surfaced in late 2025 as a short-lived info-stealer, likely built as an AI-assisted experiment and quickly abandoned. Arkanix Stealer emerged in late 2025 as a short-lived information-stealing malware promoted on dark web forums. Researchers believe it was likely created as an AI-assisted experiment, suggesting the operators were testing automated development techniques rather than […]
Published: 2026-02-24T10:52:56
Russia-linked APT28 targeted European entities with a webhook-based macro malware campaign called Operation MacroMaze. Russia-linked APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) launched Operation MacroMaze, targeting select entities in Western and Central Europe from September 2025 to January 2026. The campaign used webhook-based macro malware, leveraging simple tools and legitimate services for infrastructure and data […]
Published: 2026-02-24T09:10:39
Everest ransomware claims an attack on diagnostic firm Vikor Scientific (Vanta Diagnostics), exposing data of nearly 140,000 people. The Everest ransomware group has claimed responsibility for a cyberattack on Vikor Scientific, now operating as Vanta Diagnostics. The healthcare diagnostic firm disclosed a data breach impacting nearly 139,964 individuals, as reported by the US Department of […]
Published: 2026-02-24T08:37:25
A wormable cryptojacking campaign spreads via pirated software, using BYOVD and a time-based logic bomb to deploy a custom XMRig miner. Researchers uncovered a wormable cryptojacking campaign that spreads through pirated software bundles to deploy a custom XMRig miner. The attack uses a BYOVD exploit and a time-based logic bomb to evade detection and maximize […]
Published: 2026-02-23T18:36:09
A Romanian man pleaded guilty to selling admin access to Oregon’s state network for $3,000 in Bitcoin and repeatedly accessing it to prove control. Catalin Dragomir (45) from Romania, pleaded guilty in the U.S. for selling unauthorized admin access to an Oregon state emergency management network. He gained access in June 2021, advertised it, and […]
Published: 2026-02-23T14:43:49
Attackers are exploiting CVE-2026-1731 in BeyondTrust RS and PRA to deploy VShell, gain persistence, move laterally, and control compromised systems. Threat actors are actively exploiting a recently disclosed critical vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA). The flaw is being used to conduct a wide […]
Published: 2026-02-23T12:09:32
A Russian-speaking cybercriminal used commercial generative AI tools to hack over 600 FortiGate devices across 55 countries. Amazon Threat Intelligence reports that a Russian-speaking, financially motivated threat actor used commercial generative AI services to compromise more than 600 FortiGate devices in 55 countries. The activity, observed between January 11 and February 18, 2026, highlights how […]
Published: 2026-02-23T10:39:40
Anthropic launches Claude Code Security, an AI tool that scans code for vulnerabilities and suggests how to address them. Anthropic has introduced Claude Code Security, a new AI-powered service designed to scan software codebases for vulnerabilities and recommend fixes. Built into Claude Code, the tool aims to help teams detect and remediate security flaws faster. […]
Published: 2026-02-23T00:11:55