A group of attackers has built a fake version of the Huorong Security antivirus website to trick users into downloading ValleyRAT, a Remote Access Trojan (RAT) built on the Winos4.0 framework. The campaign is linked to the Silver Fox APT…
Category: Cyber Security News
Hackers Leverage Steganographic Images to Bypass Anti-Malware Scans and Deploy Malware Payloads
A malicious NPM package named buildrunner-dev has been caught hiding .NET malware inside innocent-looking PNG images, using steganography to slip past antivirus tools and deliver a Remote Access Trojan onto Windows systems. Discovered in February 2026, this campaign signals a notable shift…
Diesel Vortex Russian Cybercrime Group Targets Global Logistics Sector and Steals 1,600+ Credentials
A Russian-linked cybercrime group named Diesel Vortex has been quietly running a large phishing operation against freight and trucking companies across the United States and Europe. The campaign ran from September 2025 through February 2026 and resulted in more than…
Elon Musk Accuses Anthropic of Stealing Data on a Massive Scale
The CEO of Tesla and xAI recently stated that the artificial intelligence company Anthropic has stolen large amounts of data to train its models. Musk claims this data theft occurred on a massive scale, resulting in the company paying billions…
Multiple VMware Aria Vulnerabilities Allow Remote Code Execution Attacks
Broadcom issued security advisory VMSA-2026-0001 on February 24, 2026, disclosing three vulnerabilities in VMware Aria Operations that pose risks, including remote code execution. Organizations using affected products should prioritize patching to mitigate potential exploits. VMware Aria Operations, a key component…
ClickFix Infostealer Campaign Uses Fake CAPTCHA Lures to Compromise Victims
A sophisticated new malware campaign has emerged, leveraging fake CAPTCHA lures to deceive users and deploy a stealthy information stealer. Identified in early 2026, this activity shares significant behavioral patterns with the ClickFix campaign that previously targeted restaurant reservation systems…
ShinyHunters Allegedly Claim Breach of 21 Million Records from Odido
The notorious cybercriminal group has claimed responsibility for a massive data breach targeting the Dutch telecommunications company Odido and its brand BEN. The group ShinyHunters claims to have stolen 21 million records from 8 million customers, suggesting the incident is…
Hackers Leverage DeepSeek and Claude to Attack FortiGate Devices Worldwide
In early February 2026, a significant cybersecurity threat emerged involving the sophisticated use of Large Language Models (LLMs) in active intrusion campaigns. A misconfigured server exposed a detailed software pipeline where threat actors integrated DeepSeek and Claude into their attack…
OpenClaw 2026.2.23 Released With Security Updates and New AI Features
OpenClaw, the open-source personal AI assistant with over 215,000 GitHub stars, has released version 2026.2.23, emphasizing robust security hardening alongside advanced AI integrations. This update addresses multiple vulnerabilities and introduces features like Claude Opus 4.6 support, making it a timely…
$10K+ Bounty Offered to Hacker Who Can Disconnect Ring Video Doorbells from Amazon Cloud
A newly launched bug bounty program is offering nearly $18,000 to anyone who can successfully disconnect Ring Video Doorbells from Amazon’s cloud servers while keeping the devices fully functional. This initiative aims to address ongoing privacy concerns about Ring’s data-handling…
WhatsApp Introduces Optional Account Password Feature to Strengthen Login Security
WhatsApp has released a new Android update through the Google Play Beta Program, bringing the version up to 2.26.7.8. The update reveals that WhatsApp is actively developing an optional account password feature designed to add another layer of security on…
Google Chrome Emergency Security Update Patches Three High-Severity Vulnerabilities
Google has released a critical security update for its Chrome browser, pushing version 145.0.7632.116/117 to Windows and macOS users, while Linux users receive version 144.0.7559.116. The update, which is rolling out progressively over the coming days and weeks, addresses three…
Conduent Data Breach – Largest Data Breach in U.S. History as Ransomware Group Steals 8 TB of Data
Conduent Data Breach Notification Letters Sent to Millions as Ransomware Group Claims 8 Terabytes Stolen in One of the Largest U.S. Incidents. Letters began reaching affected individuals this month detailing a major data breach at Conduent Business Services, LLC, a…
Anthropic Claude Under Large Scale Distillation Attacks By Chinese AI Labs with 13 Million Exchanges
Anthropic today accused three prominent Chinese artificial intelligence companies, DeepSeek, Moonshot AI, and MiniMax, of running coordinated “distillation” campaigns to steal advanced capabilities from its Claude models. The San Francisco-based lab said the operations involved roughly 24,000 fraudulent accounts and…
GrayCharlie Injects Malicious JavaScript into WordPress Sites to Deliver NetSupport RAT and Stealc
A threat actor known as GrayCharlie has been compromising WordPress websites since mid-2023, silently embedding malicious JavaScript to push malware onto visiting users. The group overlaps with the previously tracked SmartApeSG cluster, also called ZPHP or HANEMONEY. Its main tool…
New MIMICRAT Custom RAT Uncovered in Sophisticated Multi-Stage ClickFix Campaign
A sophisticated new cyber campaign has been uncovered, utilizing a deceptive technique known as “ClickFix” to distribute a custom remote access trojan dubbed MIMICRAT. This operation compromises legitimate websites to serve as delivery vectors, bypassing traditional security controls by relying…
North Korean Threat Actors Leverage Fake IT Worker Campaigns and Contagious Interview Tactics
North Korean nation-state threat actors have been running a two-part operation — posing as job recruiters while embedding fake workers inside real companies. Since at least 2022, these actors have tricked software developers into running malicious code during fake technical…
New Phishing Framework Starkiller Proxies Real Login Pages to Bypass MFA
A highly sophisticated phishing framework named Starkiller has recently emerged, offering attackers an advanced method to steal credentials and bypass multi-factor authentication. Developed by a group known as Jinkusu, this malicious toolkit is sold as a commercial software-as-a-service product. Unlike…
Microsoft MFA Down – 504 Gateway Timeout Errors Disrupting MFA Access for U.S. Users
Microsoft is currently investigating a significant service degradation affecting Multi-Factor Authentication (MFA) across its Microsoft 365 suite, with users in the North America region reporting widespread 504 gateway timeout errors when attempting to authenticate into MFA-protected services. The incident, tracked…
Threat Actor Allegedly Claimed Leak of Wendy’s International Franchise Database
A threat actor claimed on February 22, 2026, to have leaked what they are calling the “Wendy’s International Franchise Database,” exposing sensitive operational configurations, franchisee contact data, and live payment integration credentials across multiple food service brands. No public acknowledgment…