Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand’s real website, and … Read More “‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA – Krebs on Security” »
Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the … Read More “BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration – The Hacker News” »
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has become exceedingly popular in the past few months. “On February 17, 2026, at 3:26 AM PT, an unauthorized party used a compromised npm publish token to … Read More “Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems – The Hacker News” »
Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan (RAT) called MIMICRAT (aka AstarionRAT). “The campaign demonstrates a high level of operational sophistication: compromised sites spanning multiple industries and geographies serve as delivery infrastructure, a multi-stage … Read More “ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT RAT – The Hacker News” »
DDoS attack frequency has risen to ‘alarming levels,’ warns Radware report
A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea’s fraudulent information technology (IT) worker scheme. In November 2025, Oleksandr “Alexander” Didenko pleaded guilty to wire fraud conspiracy and aggravated identity theft for stealing the identities of U.S. citizens and selling them to … Read More “Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case – The Hacker News” »
With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture when assessing cyber risk. For many organizations, however, these assessments remain largely opaque. Elements such as password hygiene, privileged access management, and the extent of multi-factor authentication (MFA) coverage are … Read More “Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026 – The Hacker News” »
A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET
The U.S. Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting incidents across the country, leading to losses of more than $20 million in 2025. The agency said 1,900 ATM jackpotting incidents have been reported since 2020, out of which 700 took place last year. In December 2025, the U.S. Department … Read More “FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025 – The Hacker News” »
Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the information to unauthorized locations, including Iran. Samaneh Ghandali, 41, and her husband Mohammadjavad Khosravi (aka Mohammad Khosravi), 40, along with her sister Soroor … Read More “Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran – The Hacker News” »
MVP Development in the Age of AI: How Startups Can Build Smarter, Faster and Leaner – Hackread – Cybersecurity News, Data Breaches, AI and More
How AI is reshaping MVP development, helping startups build faster, validate smarter, avoid overbuilding, manage tech debt, and embed security early.
Ukrainian sentenced to 5 years in prison for facilitating North Korean remote worker scheme – CyberScoop
A Ukrainian national who ran multiple operations to aid the North Korean government’s expansive scheme to hire remote IT workers at U.S. companies was sentenced to five years in prison, the Justice Department said Thursday. Oleksandr Didenko stole U.S. citizens’ identities and created more than 2,500 fraudulent accounts on freelance IT job forums, money service … Read More “Ukrainian sentenced to 5 years in prison for facilitating North Korean remote worker scheme – CyberScoop” »
In this excerpt of a TrendAI Research Services vulnerability report, Nikolai Skliarenko and Yazhi Wang of the TrendAI Research team detail a recently patched command injection vulnerability in the Windows Notepad application. This bug was originally discovered by Cristian Papa and Alasdair Gorniak of Delta Obscura. Successful exploitation of this vulnerability could result in the … Read More “CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad – Zero Day Initiative – Blog” »
State Dept. official says post-quantum transition plans will outlive current leadership – CyberScoop
A cybersecurity official at the State Department called for the public and private sector to more tightly coordinate plans to transition their systems, devices and data to quantum-resistant encryption algorithms. Gharun Lacy, Deputy Assistant Secretary for the Cyber and Technology Security Directorate at the Department of State, issued a challenge for cybersecurity defenders to view … Read More “State Dept. official says post-quantum transition plans will outlive current leadership – CyberScoop” »
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud. The high-severity vulnerability, tracked as CVE-2026-26119, … Read More “Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center – The Hacker News” »
An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries. The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure … Read More “INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown – The Hacker News” »
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots, … Read More “PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence – The Hacker News” »
ONCD official says Trump administration aims to bolster AI use for defense without increasing risk – CyberScoop
The Trump administration wants to boost the use of artificial intelligence for security in a way that doesn’t increase the number of targets for adversaries to attack, a top official with the Office of the National Cyber Director said Thursday. The administration will “promote the rapid implementation of AI enabled cyber defensive tools to detect, … Read More “ONCD official says Trump administration aims to bolster AI use for defense without increasing risk – CyberScoop” »
A Department of Health and Human Services official said Thursday that HHS is devoting a lot of attention to the security of third-party service providers after the 2024 Change Healthcare cyberattack. That attack, which is widely regarded as the biggest ever in the sector — including by HHS’s Charlee Hess, who spoke Thursday at CyberTalks … Read More “HHS burrows into identifying risks to health sector from third-party vendors – CyberScoop” »
A top FBI cyber official said Salt Typhoon, the Chinese cyber espionage group behind the widespread compromise of U.S. telecommunications infrastructure in 2024, continues to pose a broad threat to both America’s private and public sectors. Michael Machtinger, deputy assistant director for cyber intelligence at the FBI, touted improved partnerships between the telecommunications industry and … Read More “FBI: Threats from Salt Typhoon are ‘still very much ongoing’ – CyberScoop” »
New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows
AI Under Control: Link11 Launches AI Management Dashboard for Clean Traffic – Hackread – Cybersecurity News, Data Breaches, AI and More
Frankfurt am Main, Germany, 19th February 2026, CyberNewswire
China-Linked Hackers Use Dell RecoverPoint Flaw to Drop GrimBolt Malware – Hackread – Cybersecurity News, Data Breaches, AI and More
Dell warns of a critical security hole in its RecoverPoint software exploited by hackers. Learn how to protect your data from the CVE-2026-22769 vulnerability and the new GrimBolt malware.
Fraud campaign exploiting Indonesia’s Coretax resulted in $1.5m to $2m in losses via malicious apps
ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories – The Hacker News
The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries — often all at the same time. Some developments are headline-level. Others sit in the background but carry long-term impact. Together, they shape how defenders need to … Read More “ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories – The Hacker News” »
Forescout paper reveals ICS advisories hit a record 508 in 2025
We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a “temporary” API key for testing and forgets to revoke it. In the past, these were minor operational risks, debts you’d eventually pay down during a slower cycle. In … Read More “From Exposure to Exploitation: How AI Collapses Your Response Window – The Hacker News” »
A new cybercriminal toolkit uses proxies to mimic popular online services and represents a “significant escalation in phishing infrastructure,” warn researchers at Abnormal
Infostealer Found Stealing OpenClaw AI Identity and Memory Files – Hackread – Cybersecurity News, Data Breaches, AI and More
Researchers at Hudson Rock have identified a live infection where an infostealer exfiltrated a victim’s OpenClaw configuration. The discovery highlights a shift in malware behaviour toward harvesting personal AI identity files.
The Caracas operation suggests cyber was part of the plan – just not the whole operation – CyberScoop
The dominant narrative has framed the Jan. 3 Caracas power outage during the mission to capture Venezuelan leader Nicolás Maduro as a “precision cyberattack.” But publicly available information points to a more complicated picture: videos, photographs, and accounts published from Caracas show significant physical damage to at least three Venezuelan substations. Experts who reviewed that … Read More “The Caracas operation suggests cyber was part of the plan – just not the whole operation – CyberScoop” »
Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain unpatched
Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed to facilitate device takeover (DTO) attacks for financial theft. The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications. “This new threat, … Read More “Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users – The Hacker News” »
Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw
Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran’s ongoing protests to conduct information theft and long-term espionage. The Acronis Threat Research Unit (TRU) said it observed the activity after January 9, with the attacks designed to deliver a malicious payload that serves as a remote access trojan … Read More “CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware – The Hacker News” »
A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of the vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create … Read More “A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
A vulnerability has been discovered in Dell RecoverPoint for Virtual Machines which could allow for arbitrary code execution. Dell RecoverPoint for Virtual Machines is an enterprise-grade solution for VMware Virtual Machines (VMs) enabling local, remote, and concurrent local and remote replication with continuous cyber resilience for on premises recovery to any point-in time (PiT). Successful … Read More “A Vulnerability in Dell RecoverPoint for Virtual Machines Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Since the Digital Personal Data Protection (DPDP) regime in India is already shifting towards enforcement and not interpretation, organizations are coming… The post Choosing and Implementing a DPDP Tech Stack: Consent, Logs, and Governance appeared first on JISA Softech Pvt Ltd.
A 37-year-old Nigerian man was sentenced to eight years in prison for participating in a five-year cybercrime spree to steal money from the U.S. government through fraudulent tax returns, the Justice Department said Wednesday. Matthew Abiodun Akande was living in Mexico when he and at least four co-conspirators broke into the networks of tax preparation … Read More “Nigerian man sentenced to 8 years in prison for running phony tax refund scheme – CyberScoop” »
Could America turn off Europe’s internet? That’s one of the questions that Graham and special guest James Ball will be exploring as they discuss tech sovereignty. Could Gmail, cloud services, and critical infrastructure really become geopolitical leverage? And is anyone actually building a Plan B? Plus we explore if Meta is quietly plotting to turn … Read More “Smashing Security podcast #455: Face off: Meta’s Glasses and America’s internet kill switch – GRAHAM CLULEY” »
Firebase Misconfiguration Exposes 300M Messages From Chat & Ask AI Users – Hackread – Cybersecurity News, Data Breaches, AI and More
A technical mistake in the popular Chat & Ask AI app has left 300 million private messages from 25 million users exposed online. Discover what happened and how you can protect your personal data when using AI chatbots.
Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody – The Hacker News
New research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident’s phone, making it the latest case of abuse of the technology targeting civil society. The interdisciplinary research unit at the University of Toronto’s Munk School of … Read More “Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody – The Hacker News” »
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE-2026-2329, carries a CVSS score of 9.3 out of a maximum of 10.0. It has been described as a case of unauthenticated stack-based buffer … Read More “Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution – The Hacker News” »
Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics
Stone, parchment or laser-written glass? Scientists find new way to preserve data – Data and computer security | The Guardian
Hard disks and magnetic tape have a limited lifespan, but glass storage developed by Microsoft could last millennia. Some cultures used stone, others used parchment. Some even, for a time, used floppy disks. Now scientists have come up with a new way to keep archived data safe that, they say, could endure for millennia: laser-writing … Read More “Stone, parchment or laser-written glass? Scientists find new way to preserve data – Data and computer security | The Guardian” »
A former federal official who tested and certified voting machines used in Fulton County, Georgia for the 2020 presidential election told a court that the federal government misrepresented key facts and omitted exculpatory public evidence while seeking a warrant in last month’s law enforcement raid. The raid, carried out by the FBI and overseen by … Read More “Fulton County lawsuit claims feds used ‘gross mischaracterizations’ to justify raid – CyberScoop” »
AIs like Grok and Microsoft Copilot can be exploited as covert C2 channels for malware communication
Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability – The Hacker News
In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and compliance. In 2026, the seas are no longer calm between storms. Cybersecurity now unfolds in a state of continuous atmospheric instability: AI-driven threats that adapt in … Read More “Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability – The Hacker News” »
Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely. The extensions, which have been collectively installed more than 125 million times, are Live Server, Code Runner, Markdown Preview Enhanced, and … Read More “Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs – The Hacker News” »
Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isn’t enough. 88% of AI proofs-of-concept never make it to production, even though 70% of workers cite freeing time for high-value work as the primary … Read More “3 Ways to Start Your Intelligent Workflow Program – The Hacker News” »
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded … Read More “Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024 – The Hacker News” »





