Tag Archives: it security

New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released

Google on Friday released security updates for its Chrome browser to address a security flaw...

16
Feb
Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in...

15
Feb
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware...

13
Feb
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia...

13
Feb
UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors

A previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular...

13
Feb
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

Cybersecurity researchers have discovered a malicious Google Chrome extension that’s designed to steal data associated...

13
Feb
npm’s Update to Harden Their Supply Chain, and Points to Consider

In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul...

13
Feb
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote...

13
Feb
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using...

12
Feb
Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python...

12
Feb
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

Threat activity this week shows one consistent signal — attackers are leaning harder on what...

12
Feb
The CTEM Divide: Why 84% of Security Programs Are Falling Behind

A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a...

12
Feb
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti...

12
Feb
Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address...

12
Feb
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in...

11
Feb
APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed...

11
Feb
Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

It’s Patch Tuesday, which means a number of software vendors have released patches for various...

11
Feb
Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments

Intentionally vulnerable training applications are widely used for security education, internal testing, and product demonstrations....

11
Feb
Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days

Microsoft on Tuesday released security updates to address a set of 59 flaws across its...

11
Feb
SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies on...

11
Feb
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector...

11
Feb
DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

The information technology (IT) workers associated with the Democratic People’s Republic of Korea (DPRK) are...

10
Feb
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools

Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded...

10
Feb
From Ransomware to Residency: Inside the Rise of the Digital Parasite

Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry...

10
Feb
ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security

January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A...

10
Feb
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server

SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by...

10
Feb
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

The Netherlands’ Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both...

10
Feb
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead...

10
Feb
Improving your response to vulnerability management
February 9, 2026

How to ensure the ‘organisational memory’ of past vulnerabilities is not lost....

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign

The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage...

09
Feb