Fake CAPTCHA attacks are now a key entry point for a new wave of LummaStealer infections, with CastleLoader loaders turning simple web clicks into full system compromise. Less than a year after a major law-enforcement takedown, the infostealer’s operators have…
Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers
A dormant Microsoft Outlook add-in has been weaponized by attackers to steal thousands of login credentials and credit card numbers. The incident, identified by security researchers as the first known malicious Office add-in found in the wild, exposed a critical…
Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass
Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti released patches for more than a dozen vulnerabilities in Endpoint Manager, including flaws disclosed in October 2025. The update addresses…
Picking an AI red teaming vendor is getting harder
Vendor noise is already a problem in traditional security testing. AI red teaming has added another layer of confusion, with providers offering everything from consulting engagements to automated testing platforms. Many buyers still struggle to tell whether a vendor can…
Promptware – Hackers Exploit Google Calendar Invites to Stealthily Stream Victim’s Camera via Zoom
A new era of AI vulnerability has arrived, and it is far more dangerous than simply tricking a chatbot into saying something rude. New research released this week demonstrates how attackers can weaponize everyday tools such as Google Calendar and…
Digital Hygiene for High-Profile Individuals
Nisos Digital Hygiene for High-Profile Individuals Digital vulnerability isn’t limited to corporate executives. Any individual with a public profile faces similar – and sometimes even greater – digital exposure risks… The post Digital Hygiene for High-Profile Individuals appeared first on…
Cloud teams are hitting maturity walls in governance, security, and AI use
Enterprise cloud programs have reached a point where most foundational services are already in place, and the daily work now centers on governance, security enforcement, and managing sprawl across environments. Hybrid and multi-cloud architectures have become routine in large organizations,…
Cybercriminals Exploit Employee Monitoring and SimpleHelp Tools in Ransomware Attacks
Threat actors are abusing legitimate remote monitoring tools to hide inside corporate networks and launch ransomware attacks. Net Monitor for Employees Professional is a commercial workforce monitoring tool by NetworkLookout that offers remote screen viewing, full remote control, file management,…
Apple 0-Day Flaw Actively Exploited in Targeted Cyberattacks on Individuals
Apple has released emergency security updates for iOS and iPadOS to fix a critical “zero-day” vulnerability that hackers are actively using in attacks. The flaw, tracked as CVE-2026-20700, was discovered by Google’s Threat Analysis Group and is described by Apple as…
Israeli Spyware Firm Exposes Paragon Spyware Control Panel on LinkedIn
An Israeli spyware firm, Paragon Solutions, accidentally exposed its secretive Graphite control panel in a LinkedIn post, drawing sharp criticism from cybersecurity experts. The blunder offers a rare glimpse into the tool’s operations targeting encrypted communications. Cybersecurity researcher Jurre van…
Russia Blocked WhatsApp For Over 100 Million Users Nationwide
WhatsApp has accused the Russian government of attempting a nationwide block on its messaging service to force over 100 million users onto a Kremlin-backed alternative riddled with surveillance risks. In a statement on X, the Meta-owned app declared: “Today the…
Java security work is becoming a daily operational burden
Security teams in large enterprises already spend significant time tracking vulnerabilities across software supply chains, third-party libraries, and internal codebases. Java environments add another layer of exposure because so many mission-critical systems still run on the JVM. A 2026 Azul…
Apple 0-Day Vulnerability Actively Exploited in Sophisticated Attack to Target Individuals
Apple released iOS 26.3 and iPadOS 26.3 on February 11, 2026, patching over 40 vulnerabilities, including a critical zero-day in the dyld component actively exploited in targeted attacks. The update addresses CVE-2026-20700, a memory-corruption flaw discovered by Google’s Threat Analysis…
Is SSO the Same as SAML?
Confused about sso vs saml? Learn the difference between the authentication process and the XML-based protocol. Essential guide for engineering leaders and ctos. The post Is SSO the Same as SAML? appeared first on Security Boulevard. This article has been…
Guide to Setting Up OpenID Connect for Enterprises
Learn how to implement OpenID Connect (OIDC) for enterprise SSO. Technical guide for engineering leaders on identity providers, scopes, and secure integration. The post Guide to Setting Up OpenID Connect for Enterprises appeared first on Security Boulevard. This article has…
Four Seconds to Botnet – Analyzing a Self Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary], (Wed, Feb 11th)
[This is a Guest Diary by Johnathan Husch, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Four Seconds to Botnet – Analyzing…
ISC Stormcast For Thursday, February 12th, 2026 https://isc.sans.edu/podcastdetail/9806, (Thu, Feb 12th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, February 12th, 2026…
IT Security News Hourly Summary 2026-02-12 03h : 3 posts
3 posts were published in the last hour 1:32 : Login Instructions for Various Platforms 1:31 : What Is a Security Token Service? 1:18 : Microsoft warns that poisoned AI buttons and links may betray your trust
Login Instructions for Various Platforms
Learn how to implement and manage login instructions for various platforms using enterprise SSO, saml, and oidc to prevent data breach risks. The post Login Instructions for Various Platforms appeared first on Security Boulevard. This article has been indexed from…
What Is a Security Token Service?
Learn how a Security Token Service (STS) brokers trust in Enterprise SSO and CIAM. Explore token issuance, validation, and federated identity for CTOs. The post What Is a Security Token Service? appeared first on Security Boulevard. This article has been…
Microsoft warns that poisoned AI buttons and links may betray your trust
Businesses are embedding prompts that produce content they want you to read, not the stuff AI makes if left to its own devices Amid its ongoing promotion of AI’s wonders, Microsoft has warned customers it has found many instances of…
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate…
Nation-State Actors Exploit Notepad++ Supply Chain
Unit 42 reveals new infrastructure associated with the Notepad++ attack. This expands understanding of threat actor operations and malware delivery. The post Nation-State Actors Exploit Notepad++ Supply Chain appeared first on Unit 42. This article has been indexed from Unit…
VoidLink Framework Enables On-Demand Tool Generation with Windows Plugin Support
A newly tracked intrusion framework called VoidLink is drawing attention for its modular design and focus on Linux systems. It behaves like an implant management framework, letting operators deploy a core implant and add capabilities as needed, which shortens the…