Distillation technique lets copycats mimic Gemini at a fraction of the development cost. On Thursday, Google announced that "commercially motivated" actors have attempted to c
Published: 2026-02-12T19:42:08
Incident is at least the third time the exchange has been targeted by thieves. Open source packages published on the npm and PyPI repositories were laced with code that stole
Published: 2026-02-06T22:16:51
The window to patch vulnerabilities is shrinking rapidly. Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compro
Published: 2026-02-04T23:08:04
We don't need self-replicating AI models to have problems, just self-replicating prompts. On November 2, 1988, graduate student Robert Morris released a self-replicating progr
Published: 2026-02-03T12:00:01
Suspected China-state hackers used update infrastructure to deliver backdoored version. Infrastructure delivering updates for Notepad++, a widely used text editor for Windows w
Published: 2026-02-02T20:30:56
Settlement comes more than 6 years after Gary DeMercurio and Justin Wynn's ordeal began. Two security professionals who were arrested in 2019 after performing an authorized se
Published: 2026-01-29T18:30:52
'Claude DXT's container falls noticeably short of what is expected from a sandbox' LayerX, a security company based in Tel Aviv, says it has identified a zero-click remote code execution vulnerability in Claude Desktop Extensions that can be triggere
Published: 2026-02-11T00:24:51
More prompts when apps and agents roam around a user's system Updated Microsoft is introducing a raft of Windows security features that users and administrators alike might assume are already part of the operating system.
Published: 2026-02-10T15:05:34
Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company's Tuesday patch notes, Microsoft says a bad actor could carry out a remote code execution attack by tricking users "into clicking a malicious link inside a Markdown file opened in Notepad," as reported earlier by The Register. Clicking the link […]
Published: 2026-02-11T13:06:36
Microsoft is automatically replacing boot-level security certificates on Windows devices before they start expiring later this year. The new Secure Boot certificates will be rolled out as part of the regular Windows platform updates, according to Microsoft's announcement blog, marking a "generational refresh" of the security standard. Secure Boot was introduced in 2011 to protect […]
Published: 2026-02-10T12:00:00
Substack is notifying some users that the email addresses and phone numbers linked to their accounts were exposed in a "security incident" last year. In an email to account holders, Substack CEO Chris Best said that a hacker had accessed internal data without authorization in October 2025, but that passwords, credit card numbers, and other […]
Published: 2026-02-05T05:55:06
OpenClaw, the AI agent that has exploded in popularity over the past week, is raising new security concerns after researchers uncovered malware in hundreds of user-submitted "skill" add-ons on its marketplace. In a post on Monday, 1Password product VP Jason Meller says OpenClaw's skill hub has become "an attack surface," with the most-downloaded add-on serving […]
Published: 2026-02-04T14:03:38
Microsoft has a new head of security. Hayete Gallot, who left Microsoft in October 2024 to become the president of Google Cloud's customer experience, is returning to the software giant as the executive vice president of security, reporting directly to CEO Satya Nadella. The move means Charlie Bell, formerly Microsoft's security chief, is taking on […]
Published: 2026-02-04T12:27:30
Users of the text and code editor Notepad++ may have unknowingly downloaded a malicious update for the app after its shared hosting servers were hijacked last year. On Monday, the app's developer, Don Ho, posted an update on the attack with more details, including that the hackers were "likely a Chinese state-sponsored group" and that […]
Published: 2026-02-02T15:43:27
An open-source AI agent called OpenClaw (formerly known as both Clawdbot and Moltbot) that runs on your own computer and “actually does things” is taking off inside tech circles. Users interact with OpenClaw via messaging apps like WhatsApp, Telegram, Signal, Discord, and iMessage, giving it the keys to operate independently, managing reminders, writing emails, or […]
Published: 2026-02-02T10:47:39
Dutch telecommunications provider Odido is warning that it suffered a cyberattack that reportedly exposed the personal data of 6.2 million customers. [...]
Published: 2026-02-12T13:18:14
A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files without authentication. [...]
Published: 2026-02-12T12:09:41
Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to systematically probe models and replicate their log
Published: 2026-02-12T02:00:00
Apple has released security updates to fix a zero-day vulnerability that was exploited in an "extremely sophisticated attack" targeting specific individuals. [...]
Published: 2026-02-11T20:06:05
A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prepare for ransomware deployment. [...]
Published: 2026-02-11T14:29:14
Cyber resilience means anticipating threats, detecting them early, and recovering fast when incidents occur. Wazuh shows how its open source SIEM and XDR unify visibility, detection, and automated response to strengthen proactive defense. [...]
Published: 2026-02-11T12:40:28
A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware. [...]
Published: 2026-02-11T12:02:29
A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations. [...]
Published: 2026-02-10T18:09:48
There has been a lot of architecture news coming out of Saudi Arabia recently, little of which has been good. Now the jewel in the crown of the desert kingdom's ongoing transformation, the Line, appears to be facing a major rethink.
Published: 2026-02-07T15:03:00
Introduction Mandiant has identified an expansion in threat activity that uses tactics, techniques, and procedures (TTPs) consistent with prior ShinyHunters-branded extortion operations. These operations primarily leverage sophisticated voice phish
Published: 2026-01-30T14:00:00
Introduction Mandiant is tracking a significant expansion and escalation in the operations of threat clusters associated with ShinyHunters-branded extortion. As detailed in our companion report, 'Vishing for Access: Tracking the Expansion of ShinyHu
Published: 2026-01-30T14:00:00
As if snooping on your workers wasn't bad enough Your supervisor may like using employee monitoring apps to keep tabs on you, but crims like the snooping software even more. Threat actors are now using legit bossware to blend into corporate networks and attempt ransomware deployment.
Published: 2026-02-12T20:07:13
Flaw abused 'in an extremely sophisticated attack against specific targeted individuals' Apple patched a zero-day vulnerability affecting every iOS version since 1.0, used in what the company calls an "extremely sophisticated attack" against targeted individuals.
Published: 2026-02-12T14:01:13
Researchers say breaches link identity abuse, SaaS compromise, and ransomware into a cascading cycle Cybercriminals are turning supply chain attacks into an industrial-scale operation, linking breaches, credential theft, and ransomware into a "self-reinforcing" ecosystem, researchers say.
Published: 2026-02-12T11:59:09
Whoever gets it will steer UK department's IT, AI strategy, and megabucks vendor deals The UK Ministry of Defence (MoD) is offering between £270,000 to £300,000 for a senior digital leader who will oversee more than £4.6 billion in spending and more than 3,000 specialist staff.
Published: 2026-02-12T10:15:12
Meanwhile, IP-stealing 'distillation attacks' on the rise A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.
Published: 2026-02-12T07:00:08
Businesses are embedding prompts that produce content they want you to read, not the stuff AI makes if left to its own devices Amid its ongoing promotion of AI's wonders, Microsoft has warned customers it has found many instances of a technique that manipulates the technology to produce biased advice.
Published: 2026-02-12T01:07:06
Add-ons with 37M installs leak visited URLs to 30+ recipients, researcher says They know where you've been and they're going to share it. A security researcher has identified 287 Chrome extensions that allegedly exfiltrate browsing history data for an estimated 37.4 million installations.
Published: 2026-02-11T21:23:08
The more you share online, the more you open yourself to social engineering If you've seen the viral AI work pic trend where people are asking ChatGPT to "create a caricature of me and my job based on everything you know about me" and sharing it to social, you might think it's harmless. You'd be wrong.
Published: 2026-02-11T18:56:40
Curious port filtering and traffic patterns suggest advisories weren't the earliest warning signals sent Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise.
Published: 2026-02-11T15:41:47
Attackers using social engineering to exploit business processes, rather than tunnelling in via tech Exclusive When fraudsters go after people's paychecks, "every employee on earth becomes a target," according to Binary Defense security sleuth John Dwyer.
Published: 2026-02-11T13:00:14
Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).
Published: 2026-02-11T11:31:03
UK government grilled over progress made to prevent a second life-threatening leak Legacy IT issues are hampering key technical measures designed to prevent highly sensitive data leaks, UK government officials say.
Published: 2026-02-11T09:30:07
Roses are red, violets are blue ... now get patching What better way to say I love you than with an update? Attackers exploited a whopping six Microsoft bugs as zero-days prior to Redmond releasing software fixes on February's Patch Tuesday.
Published: 2026-02-10T22:10:32
Zero-click prompt injection can leak data when AI agents meet messaging apps, researchers warn AI agents can shop for you, program for you, and, if you're feeling bold, chat for you in a messaging app. But beware: attackers can use malicious prompts in chat to trick an AI agent into generating a data-leaking URL, which link previews may fetch automatically.
Published: 2026-02-10T17:55:12
Operation Cyber Guardian involved 100-plus staff across government and industry Singapore spent almost a year flushing a suspected China-linked espionage crew out of its telecom networks in what officials describe as the country's largest cyber defense operation to date.
Published: 2026-02-10T13:43:28
HR outsourcer Conduent confirms intruders accessed benefits-related records tied to US personnel Nearly 17,000 Volvo employees had their personal data exposed after cybercriminals breached Conduent, an outsourcing giant that handles workforce benefits and back-office services.
Published: 2026-02-10T11:09:10
Troops fitted with new comms kit as part of Project ASGARD British soldiers are to get an array of AI-ready kit that should mean they don't have to wait to see the "whites of their eyes" before pulling the trigger.
Published: 2026-02-10T10:00:12
So many CVEs, so little time Digital intruders exploited buggy SolarWinds Web Help Desk (WHD) instances in December to break into victims' IT environments, move laterally, and steal high-privilege credentials, according to Microsoft researchers.
Published: 2026-02-09T21:54:56
By default, the bot listens on all network interfaces, and many users never change it It's a day with a name ending in Y, so you know what that means: Another OpenClaw cybersecurity disaster.
Published: 2026-02-09T17:23:30
Staff data belonging to the regulator and judiciary's governing body accessed The Dutch Data Protection Authority (AP) says it was one of the many organizations popped when attackers raced to exploit recent Ivanti vulnerabilities as zero-days.
Published: 2026-02-09T14:50:37
Moving 40% of semiconductor production to America is 'impossible' says vice premier Taiwan's vice-premier has ruled out relocating 40 percent of the country's semiconductor production to the US, calling the Trump administration's goal "impossible."
Published: 2026-02-09T14:02:53
Security devs forced to hide Boolean logic from overeager optimizer FOSDEM 2026 The creators of security software have encountered an unlikely foe in their attempts to protect us: modern compilers.
Published: 2026-02-09T12:07:02
Average Swiss salaries dwarf those on offer across the rest of the continent European techies looking for the biggest payday are far better off in Switzerland than anywhere else, with average salaries eclipsing all other countries on the continent.
Published: 2026-02-09T11:42:13
Officials explore issue affecting infrastructure after CERT-EU detected suspicious activity Brussels is digging into a cyber break-in that targeted the European Commission's mobile device management systems, potentially giving intruders a peek inside the official phones carried by EU staff.
Published: 2026-02-09T10:37:47
PLUS: China broadens cryptocurrency crackdown; Australian facial recognition privacy revisited; Singapore debuts electric VTOL; and more! Asia In Brief The Commissioner of Police in the Indian city of Hyderabad, population 11 million, has called for AI agents to be issued with identity cards or at least their digital equivalent.
Published: 2026-02-09T04:08:59
PLUS: OpenClaw teams with VirusTotal; Crypto kidnappings in France; Critical vulns at SmarterMail; And more Infosec In Brief So-hot-right-now AI assistant OpenClaw, which is very much not secure right now, has teamed up with security scanning service VirusTotal.
Published: 2026-02-08T22:25:30
Research shows productivity and judgment peak decades after graduation A growing body of research continues to show that older workers are generally more productive than younger employees.
Published: 2026-02-07T12:30:13
Attackers may have snapped user locations and activity information, message warns Legacy image-sharing website Flickr suffered a data breach, according to customer emails seen by The Register.
Published: 2026-02-06T16:56:29
UK leaps to sixth in global flood charts as mega-swarm unleashes 31.4 Tbps Yuletide pummeling Cloudflare says DDoS crews ended 2025 by pushing traffic floods to new extremes, while Britain made an unwelcome leap of 36 places to become the world's sixth-most targeted location.
Published: 2026-02-06T16:36:49
The end isn't nigh after all Chrome's latest revision of its browser extension architecture, known as Manifest v3 (MV3), was widely expected to make content blocking and privacy extensions less effective than its predecessor, Manifest v2 (MV2).
Published: 2026-02-06T00:39:52
Skills marketplace is full of stuff - like API keys and credit card numbers - that crims will find tasty Another day, another vulnerability (or two, or 200) in the security nightmare that is OpenClaw.
Published: 2026-02-05T23:32:52
Contact details were accessed in an intrusion that went undetected for months, the blogging outfit says Newsletter platform Substack has admitted that an intruder swiped user contact details months before the company noticed, forcing it to warn writers and readers that their email addresses and other account metadata were accessed without permission.
Published: 2026-02-05T19:54:18
And their toolkit includes a new, Linux kernel rootkit A state-aligned cyber group in Asia compromised government and critical infrastructure organizations across 37 countries in an ongoing espionage campaign, according to security researchers.
Published: 2026-02-05T19:21:33
Breach-tracking site flags dataset following impersonation-based intrusion Breach-tracking site Have I Been Pwned (HIBP) claims a cyberattack on Betterment affected roughly 1.4 million users although the investment company has yet to publicly confirm how many customers were affected by January's intrusion.
Published: 2026-02-05T16:25:00
Right on cue, petulant hacktivists attempt to disrupt yet another global sporting event Italy's foreign minister says the country has already started swatting away cyberattacks from Russia targeting the Milano Cortina Winter Olympics.
Published: 2026-02-05T11:49:35
Patch meant to close a severe expression bug fails to stop attackers with workflow access Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack servers, steal credentials, and quietly disrupt AI-driven business processes.
Published: 2026-02-05T11:38:13
Businesses still chase the cheapest option, but politics and licensing shocks are changing priorities, says OpenNebula Systems Interview Sovereignty remains a hot topic in the tech industry, but interpretations of what it actually means and how much it matters vary widely between organizations and sectors. While public bodies are often driven by regulation and national policy, the private sector tends to take a more pragmatic, cost-focused view.
Published: 2026-02-05T11:00:08
It's a threat straight out of sci-fi, and fiendishly hard to detect Sleeper agent-style backdoors in AI large language models pose a straight-out-of-sci-fi security threat.
Published: 2026-02-05T07:32:12
Picks chap who used to lead Redmond's security, lures replacement from Google Microsoft CEO Satya Nadella has decided Microsoft needs an engineering quality czar, and shifted Charlie Bell, the company's executive veep for security, into the new role.
Published: 2026-02-05T05:46:17
LLMs automated most phases of the attack UPDATED A digital intruder broke into an AWS cloud environment and in just under 10 minutes went from initial access to administrative privileges, thanks to an AI speed assist.
Published: 2026-02-04T21:09:42
US agencies told to patch by Friday Attackers are exploiting a critical SolarWinds Web Help Desk bug - less than a week after the vendor disclosed and fixed the 9.8-rated flaw. That's according to America's lead cyber-defense agency, which set a Friday deadline for federal agencies to patch the security flaw.
Published: 2026-02-04T18:15:16
Gang walks away with nothing, victims are left with irreparable hypervisors Cybersecurity experts usually advise victims against paying ransomware crooks, but that advice goes double for those who have been targeted by the Nitrogen group. There's no way to get your data back from them!
Published: 2026-02-04T13:50:49
Affected police officers squeezed mental health services, relocated over safety fears Police Service of Northern Ireland (PSNI) employees who had their details exposed in a significant 2023 data breach will each receive £7,500 ($10,279) as part of a universal offer of compensation.
Published: 2026-02-04T11:41:59
As analyst house Gartner declares AI tool comes with unacceptable cybersecurity risk and urges admins to snuff it out If you're brave enough to want to run the demonstrably insecure AI assistant OpenClaw, several clouds have already started offering it as a service.
Published: 2026-02-04T05:28:12
Don't relax: This is a 'when, not if' scenario AI agents and other systems can't yet conduct cyberattacks fully on their own, but they can help criminals in many stages of the attack chain, according to the International AI Safety report.
Published: 2026-02-03T23:57:55
Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux machines, and yet the in-the-wild attacks still haven't received the "broad public acknowledgement" that they should, according to security researchers.
Published: 2026-02-03T19:01:03
GreyNoise's Glenn Thorpe counts the cost of missed opportunities On 59 occasions throughout 2025, the US Cybersecurity and Infrastructure Security Agency (CISA) silently tweaked vulnerability notices to reflect their use by ransomware crooks. Experts say that's a problem.
Published: 2026-02-03T17:17:16
Algorithmic bias probe continues, CEO and former boss summoned to defend the platform's corner French police raided Elon Musk's X offices in Paris this morning as part of a criminal investigation into alleged algorithmic manipulation by foreign powers.
Published: 2026-02-03T13:09:08
Azure Storage now requires version 1.2 or newer for encrypted connections Today is the day Azure Storage stops supporting versions 1.0 and 1.1 of Transport Layer Security (TLS). TLS 1.2 is the new minimum.
Published: 2026-02-03T12:59:03
DDoSer of 'strategically important' websites admitted to most charges Polish authorities have cuffed a 20-year-old man on suspicion of carrying out DDoS attacks.
Published: 2026-02-03T12:34:17
The use of cryptocurrency in sales of human beings for prostitution and scam compounds nearly doubled in 2025, according to a conservative estimate. Many of the deals are happening in plain sight.
Published: 2026-02-12T13:00:00
Petitions demanding people get the chance to be released from ICE custody have overwhelmed courts throughout the US.
Published: 2026-02-11T21:23:51
US Border Patrol intelligence units will gain access to a face recognition tool built on billions of images scraped from the internet.
Published: 2026-02-11T16:32:27
The last major nuclear arms treaty between the US and Russia just expired. Some experts believe a combination of satellite surveillance, AI, and human reviewers can take its place. Others, not so much.
Published: 2026-02-09T11:30:00
After more than 15 years of draconian measures, culminating in an ongoing internet shutdown, the Iranian regime seems to be staggering toward its digital surveillance endgame.
Published: 2026-02-09T11:00:00
Plus: Apple’s Lockdown mode keeps the FBI out of a reporter’s phone, Elon Musk’s Starlink cuts off Russian forces, and more.
Published: 2026-02-07T11:30:00
The government has withheld details of the investigation of Renee Good’s killing but an unrelated case involving the ICE agent who shot her could force new revelations.
Published: 2026-02-06T22:14:45
ICE has used Mobile Fortify to identify immigrants and citizens alike over 100,000 times, by one estimate. It wasn't built to work like that and only got approved after DHS abandoned its own privacy rules.
Published: 2026-02-05T20:28:34
Suspected Chinese state-backed hackers hijacked the Notepad++ update infrastructure to deliver a backdoored version of the popular free source code editor and note-taking app for Windows.
Published: 2026-02-04T19:52:59
Two agents involved in the shooting deaths of US citizens in Minneapolis are reportedly part of highly militarized DHS units whose extreme tactics are generally reserved for war zones.
Published: 2026-02-03T19:52:29
A new report from the Public Service Alliance finds state privacy laws offer public servants few ways to protect their private data, even as threats against them are on the rise.
Published: 2026-02-03T11:00:00
The influx of security personnel from around the world is sparking concern among Italians ahead of the Milano Cortina Olympic Games.
Published: 2026-02-02T11:00:00
Plus: AI agent OpenClaw gives cybersecurity experts the willies, China executes 11 scam compound bosses, a $40 million crypto theft has an unexpected alleged culprit, and more.
Published: 2026-01-31T11:30:00
Filming federal agents in public is legal, but avoiding a dangerous, even deadly, confrontation isn’t guaranteed. Here’s how to record ICE and CBP agents as safely as possible and have an impact.
Published: 2026-01-31T10:30:00
WIRED asked an active military officer to break down immigration enforcement actions in Minneapolis and elsewhere.
Published: 2026-01-29T18:04:13
AI chat toy company Bondu left its web console almost entirely unprotected. Researchers who accessed it found nearly all the conversations children had with the company’s stuffed animals.
Published: 2026-01-29T17:00:00
ICE has been using an AI-powered Palantir system to summarize tips sent to its tip line since last spring, according to a newly released Homeland Security document.
Published: 2026-01-28T21:40:18
Immigration agents have used Mobile Fortify to scan the faces of countless people in the US, including many citizens.
Published: 2026-01-28T20:17:15
Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction attacks. "The
Published: 2026-02-12T23:27:00
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group. The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It's assessed to be active since May 2025. "
Published: 2026-02-12T22:25:00
Threat activity this week shows one consistent signal: attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in plain sight. Another shift is how access is gained versus how it’s used. Initial entry points are getting simpler, while post-compromise
Published: 2026-02-12T17:21:00
A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming between organizations, one that has nothing to do with budget size or industry and everything to do with a single framework decision. Organizations implementing Continuous Threat Exposure Management (CTEM) demonstrate 50% better attack surface visibility, 23-point
Published: 2026-02-12T16:00:00
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026. An estimated 346
Published: 2026-02-12T13:02:00
Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, tracked as CVE-2026-20700 (CVSS score: N/A), has been described as a memory corruption issue in dyld, Apple's Dynamic Link Editor. Successful exploitation of the vulnerability could allow an
Published: 2026-02-12T11:09:00
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fake Microsoft login page, stealing over 4,000 credentials in the process. The activity has been
Published: 2026-02-11T23:15:00
Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environments with remote access trojans capable of stealing sensitive data and ensuring continued access to infected machines. The campaigns are characterized by the use of malware families like Geta RAT, Ares RAT, and DeskRAT, which are often
Published: 2026-02-11T20:22:00
It's Patch Tuesday, which means a number of software vendors have released patches for various security vulnerabilities impacting their products and services. Microsoft issued fixes for 59 flaws, including six actively exploited zero-days in various Windows components that could be abused to bypass security features, escalate privileges, and trigger a denial-of-service (DoS) condition. Elsewhere
Published: 2026-02-11T18:58:00
Intentionally vulnerable training applications are widely used for security education, internal testing, and product demonstrations. Tools such as OWASP Juice Shop, DVWA, Hackazon, and bWAPP are designed to be insecure by default, making them useful for learning how common attack techniques work in controlled environments. The issue is not the applications themselves, but how they are often
Published: 2026-02-11T17:00:00
Microsoft on Tuesday released security updates to address a set of 59 flaws across its software, including six vulnerabilities that it said have been exploited in the wild. Of the 59 flaws, five are rated Critical, 52 are rated Important, and two are rated Moderate in severity. Twenty-five of the patched vulnerabilities have been classified as privilege escalation, followed by remote code
Published: 2026-02-11T15:52:00
Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies on the Internet Relay Chat (IRC) communication protocol for command-and-control (C2) purposes. "The toolset blends stealth helpers with legacy-era Linux exploitation: Alongside log cleaners (utmp/wtmp/lastlog tampering) and rootkit-class artifacts, the actor keeps a large back-catalog of
Published: 2026-02-11T15:26:00
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft. "The intrusion relied on a social engineering scheme involving a compromised Telegram account, a fake Zoom meeting, a ClickFix infection vector, and reported usage of AI-generated
Published: 2026-02-11T12:20:00
The information technology (IT) workers associated with the Democratic People's Republic of Korea (DPRK) are now applying to remote positions using real LinkedIn accounts of individuals they're impersonating, marking a new escalation of the fraudulent scheme. "These profiles often have verified workplace emails and identity badges, which DPRK operatives hope will make their fraudulent
Published: 2026-02-10T23:14:00
Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your own vulnerable driver (BYOVD) component for defense evasion purposes within the ransomware payload itself. BYOVD refers to an adversarial technique that abuses legitimate but flawed driver software to escalate privileges and disable Endpoint Detection
Published: 2026-02-10T20:06:00
Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all around them? According to Picus Labs’ new Red Report 2026, which analyzed over 1.1 million malicious files and mapped 15.5 million adversarial actions observed across 2025, attackers are no longer optimizing for
Published: 2026-02-10T19:29:00
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0. "An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiClientEMS may
Published: 2026-02-10T19:00:00
January 5, 2026, Seattle, USA - ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI's total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates in security tools and making every alert
Published: 2026-02-10T17:10:00
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance. The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company's Chief Commercial Officer, Derek Curtis, said. "Prior to the breach, we had approximately 30 servers/VMs
Published: 2026-02-10T15:54:00
The Netherlands' Dutch Data Protection Authority (AP) and the Council for the Judiciary (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country's parliament on Friday. "On January 29, the National Cyber Security Center (
Published: 2026-02-10T13:52:00
The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage group known as UNC3886 targeted its telecommunications sector. "UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore's telecommunications sector," CSA said. "All four of Singapore's major telecommunications operators ('telcos') M1, SIMBA Telecom, Singtel, and
Published: 2026-02-09T22:31:00
Microsoft has revealed that it observed a multi-stage intrusion that involved the threat actors exploiting internet-exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization's network to other high-value assets. That said, the Microsoft Defender Security Research Team said it's not clear whether the activity weaponized recently
Published: 2026-02-09T20:12:00
Cyber threats are no longer coming from just malware or exploits. They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths. A clear pattern this week: attackers are abusing trust. Trusted updates, trusted marketplaces, trusted apps, even
Published: 2026-02-09T18:29:00
Why do SOC teams keep burning out and missing SLAs even after spending big on security tools? Routine triage piles up, senior specialists get dragged into basic validation, and MTTR climbs, while stealthy threats still find room to slip through. Top CISOs have realized the solution isn’t hiring more people or stacking yet another tool onto the workflow, but giving their teams faster, clearer
Published: 2026-02-09T16:53:00
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT. Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to have been active since at least 2023, orchestrating spear-phishing attacks against manufacturing, finance, and IT
Published: 2026-02-09T16:28:00
Cybersecurity researchers have called attention to a "massive campaign" that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation. The activity, observed around December 25, 2025, and described as "worm-driven," leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, along with the recently disclosed
Published: 2026-02-09T14:07:00
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution. "BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability," the company
Published: 2026-02-09T13:33:00
OpenClaw (formerly Moltbot and Clawdbot) has announced that it's partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem. "All skills published to ClawHub are now scanned using VirusTotal's threat intelligence, including their new Code Insight capability,"
Published: 2026-02-08T13:02:00
Germany's Federal Office for the Protection of the Constitution (aka Bundesamt für Verfassungsschutz or BfV) and Federal Office for Information Security (BSI) have issued a joint advisory warning of a malicious cyber campaign undertaken by a likely state-sponsored threat actor that involves carrying out phishing attacks over the Signal messaging app. "The focus is on high-ranking targets in
Published: 2026-02-07T16:45:00
Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework dubbed DKnife that's operated by China-nexus threat actors since at least 2019. The framework comprises seven Linux-based implants that are designed to perform deep packet inspection, manipulate traffic, and deliver malware via routers and edge devices. Its primary targets seem to
Published: 2026-02-06T20:26:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch (FCEB) agencies to strengthen asset lifecycle management for edge network devices and remove those that no longer receive security updates from original equipment manufacturers (OEMs) over the next 12 to 18 months. The agency said the move is to drive down technical debt and minimize
Published: 2026-02-06T19:13:00
A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42. In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155
Published: 2026-02-06T17:37:00
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically tailored to their
Published: 2026-02-06T16:00:00
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below - @dydxprotocol/v4-client-js (npm) - 3.4.1, 1.22.1, 1.15.2, 1.0.31
Published: 2026-02-06T14:10:00
Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF. Claude Opus 4.6, which was launched Thursday, comes with improved coding skills, including code review and debugging capabilities, along with
Published: 2026-02-06T11:19:00
The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds. Cloudflare, which automatically detected and mitigated the activity, said it's part of a growing number of hyper-volumetric HTTP DDoS attacks mounted by the botnet in the fourth quarter of 2025. The
Published: 2026-02-05T22:55:00
This week didn’t produce one big headline. It produced many small signals, the kind that quietly shape what attacks will look like next. Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on the surface. That’s the point. Entry is becoming less visible while impact
Published: 2026-02-05T18:27:00
Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result is a widening
Published: 2026-02-05T17:00:00
The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of January 2026. "The threat actor stopped maintaining its C2 servers on January 8 for the first time since we
Published: 2026-02-05T15:55:00
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands. The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasses safeguards put in place to address CVE-2025-68613 (CVSS score: 9.9), another critical defect that
Published: 2026-02-05T11:46:00
Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route it through the attacker's infrastructure. Datadog Security Labs said it observed threat actors associated with the recent React2Shell (CVE-2025-55182, CVSS score: 10.0) exploitation using malicious NGINX
Published: 2026-02-05T10:26:00
Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in open-weight large language models (LLMs) and improve the overall trust in artificial intelligence (AI) systems. The tech giant's AI Security team said the scanner leverages three observable signals that can be used to reliably flag the presence of backdoors while maintaining a low false positive
Published: 2026-02-04T23:22:00
Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass traditional detection mechanisms and deploy a remote access trojan (RAT) known as AsyncRAT. "The attack leverages IPFS-hosted VHD files, extreme script obfuscation, runtime decryption, and in-memory
Published: 2026-02-04T22:54:00
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check Point Research is tracking the previously undocumented activity cluster under the moniker Amaranth-Dragon, which it said shares links to the APT 41 ecosystem. Targeted countries include Cambodia,
Published: 2026-02-04T19:39:00
An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls. The Challenge: Identity Lives Outside the Identity Stack. Identity and access management tools were built to govern users and directories. Modern enterprises run on applications. Over time, identity logic has moved into application code, APIs, service accounts, and custom authentication
Published: 2026-02-04T17:28:00
Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what happens immediately after detection, when pressure is high, and information is incomplete. I have seen IR teams recover from sophisticated intrusions with limited telemetry. I have also seen teams lose control of investigations they should have been able to handle. The
Published: 2026-02-04T15:30:00
Microsoft has warned that information-stealing attacks are "rapidly expanding" beyond Windows to target Apple macOS environments by leveraging cross-platform languages like Python and abusing trusted platforms for distribution at scale. The tech giant's Defender Security Research Team said it observed macOS-targeted infostealer campaigns using social engineering techniques such as ClickFix since
Published: 2026-02-04T13:12:00
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio Code (VS Code) extensions are published to the open-source repository to combat supply chain threats. The move marks a shift from a reactive to a proactive approach to ensure that malicious extensions don't end up getting published on the Open VSX Registry.
Published: 2026-02-04T11:56:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks. The vulnerability, tracked as CVE-2025-40551 (CVSS score: 9.8), is an untrusted data deserialization vulnerability that could pave the way for remote
Published: 2026-02-04T11:20:00
Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial intelligence (AI) assistant built into Docker Desktop and the Docker Command-Line Interface (CLI), that could be exploited to execute code and exfiltrate sensitive data. The critical vulnerability has been codenamed DockerDash by cybersecurity company Noma Labs. It was addressed by
Published: 2026-02-03T22:11:00
Hackers accessed data from 6.2 million Odido accounts, exposing names, contacts, bank details, and ID numbers. Subsidiary Ben also warned customers. Hackers broke into Dutch telecom firm Odido and accessed data from 6.2 million accounts. The company confirmed the breach and said attackers took names, addresses, phone numbers, email addresses, bank account details, dates of […]
Published: 2026-02-12T20:02:48
A May 2025 cyberattack on ApolloMD exposed the personal data of over 626,000 patients linked to affiliated physicians and practices. ApolloMD is a US-based healthcare services company that partners with hospitals, health systems, and physician practices. It provides practice management, staffing, revenue cycle, and administrative support services. The company works with affiliated physicians across specialties […]
Published: 2026-02-12T17:58:25
Bitdefender reports a surge in LummaStealer activity, showing the MaaS infostealer rebounded after 2025 law enforcement disruption. Bitdefender observed renewed LummaStealer activity, proving the MaaS infostealer recovered after 2025 takedowns. Active since 2022, it relies on affiliates, social engineering, fake cracked software, and fake CAPTCHA “ClickFix” lures. CastleLoader plays a key role in spreading it. […]
Published: 2026-02-12T14:57:44
Apple fixed an exploited zero-day in iOS, macOS, and other devices that allowed attackers to run code via a memory flaw. Apple released updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS to address an actively exploited zero-day tracked as CVE-2026-20700. The flaw is a memory corruption issue in Apple’s Dynamic Link Editor (dyld) that […]
Published: 2026-02-12T10:50:10
Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti released patches for more than a dozen vulnerabilities in Endpoint Manager, including flaws disclosed in October 2025. The update addresses a high-severity authentication bypass, tracked as CVE-2026-1603 (CVSS score of 8.6), that attackers could exploit […]
Published: 2026-02-12T06:13:41
A Conduent breach exposed data of nearly 17,000 Volvo Group North America employees as the total impact rises to 25 million people. A data breach at business services provider Conduent has impacted at least 25 million people, far more than initially reported. Volvo Group North America confirmed that the security breach exposed data of nearly […]
Published: 2026-02-11T19:28:49
Researchers discovered Reynolds ransomware, which uses BYOVD technique to disable security tools and evade detection before encryption. Researchers found a new ransomware, named Reynolds, that implements the Bring Your Own Vulnerable Driver (BYOVD) technique to disable security tools and evade detection before encrypting systems. Broadcom’s cybersecurity researchers initially attributed the attack to Black Basta due […]
Published: 2026-02-11T15:00:47
A new Linux botnet, SSHStalker, has infected about 7,000 systems using old 2009-era exploits, IRC bots, and mass-scanning malware. Flare researchers uncovered a previously undocumented Linux botnet dubbed SSHStalker, observed via SSH honeypots over two months. Researchers ran an SSH honeypot with weak credentials starting in early 2026 and spotted a set of intrusions unlike […]
Published: 2026-02-11T09:49:39
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: This week, Microsoft Patch Tuesday security […]
Published: 2026-02-11T07:37:24
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for February 2026 fix 58 new security flaws across Windows, Office, Azure, Edge, Exchange, Hyper-V, WSL, and other components, rising to 62 CVEs when third-party updates are included. Five vulnerabilities are Critical, two Moderate, and most […]
Published: 2026-02-10T22:31:47