Monthly Archives: February 2026

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan...

24
Feb
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

Anthropic on Monday said it identified “industrial-scale campaigns” mounted by three artificial intelligence (AI) companies,...

24
Feb
APT28 Targeted European Entities Using Webhook-Based Macro Malware

The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign...

23
Feb
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles...

23
Feb
⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Security news rarely moves in a straight line. This week, it feels more like a...

23
Feb
How Exposed Endpoints Increase Risk Across LLM Infrastructure

As more organizations run their own Large Language Models (LLMs), they are also deploying more...

23
Feb
Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Cybersecurity researchers have disclosed what they say is an active “Shai-Hulud-like” supply chain worm campaign...

23
Feb
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) has...

23
Feb
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial...

21
Feb
Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for...

21
Feb
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting...

21
Feb
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security

With $5.5 trillion in global AI risk exposure and 700,000 U.S. workers needing reskilling, four...

21
Feb
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote...

20
Feb
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline...

20
Feb
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT RAT

Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites...

20
Feb
Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026

With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing...

20
Feb
Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case

A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S....

20
Feb
FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025

The U.S. Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting...

20
Feb
Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran

Two former Google engineers and one of their husbands have been indicted in the U.S....

20
Feb
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence

Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini,...

19
Feb
INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown

An international cybercrime operation against online scams has led to 651 arrests and recovered more...

19
Feb
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an...

19
Feb
ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

The cyber threat space doesn’t pause, and this week makes that clear. New risks, new...

19
Feb
From Exposure to Exploitation: How AI Collapses Your Response Window

We’ve all seen this before: a developer deploys a new cloud workload and grants overly...

19
Feb
Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed to...

19
Feb
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of...

19
Feb
Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody

New research from the Citizen Lab has found signs that Kenyan authorities used a commercial...

18
Feb
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP...

18
Feb
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS...

18
Feb
Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability

In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted...

18
Feb