Six actively exploited zero-day bug have been patched by Microsoft This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday
Google gets EU Wiz approval, Microsoft secures Secure Boot certificates, North Korean hackers target crypto exec
EU grants Google approval for Wiz Microsoft rolls out Secure Boot certificates before expiration North Korean hackers target crypto exec Get the show notes here: Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World…
Blackstone Boosts Stake In Anthropic
World’s largest alternative asset manager reportedly looking to increase stake in AI start-up to around $1bn, amid ongoing funding round This article has been indexed from Silicon UK Read the original article: Blackstone Boosts Stake In Anthropic
Legacy systems blamed as ministers promise no repeat of Afghan breach
UK government grilled over progress made to prevent a second life-threatening leak Legacy IT issues are hampering key technical measures designed to prevent highly sensitive data leaks, UK government officials say.… This article has been indexed from The Register –…
Pony.ai, Toyota Start Robotaxi Mass-Production
Mass production begins for robotaxi co-developed with Toyota, as Pony.ai seeks to expand availability of autonomous vehicles This article has been indexed from Silicon UK Read the original article: Pony.ai, Toyota Start Robotaxi Mass-Production
Ivanti Endpoint Manager Flaw Enables Remote Data Exposure
Ivanti has issued a high-security update for its Endpoint Manager (EPM) solution to address two significant vulnerabilities that could put organisational data at risk. The advisory, released on February 9, 2026, highlights a high-severity flaw that allows attackers to bypass…
The Top Pentesting Platforms of 2026: What You Need to Know
What to Look for in a Pentesting Platform? Pen testing is increasingly becoming the way companies prove compliance with data privacy laws and battle-test their defenses. As the primary way of finding and exploiting vulnerabilities (before attackers do), pen testing…
Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full Compromise
Dozens of vulnerabilities, bugs, and potential improvements have been identified by the tech giants’ security teams. The post Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full Compromise appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Yubico previews passkey-enabled digital signatures in upcoming YubiKey 5.8 firmware
Yubico’s upcoming YubiKey 5.8 firmware introduces standardized APIs that integrate hardware-backed signatures with passkey authentication. To enable privacy-capable digital signatures using passkeys, expanded enterprise IdP support, and next-generation digital wallet use cases, the firmware adds support for FIDO CTAP 2.3…
Chinese Company Rents Dancing Robots
Start-up Botshare offers humanoid robots for entertainment purposes ahead of Valentine’s Day and Lunar New Year, as robot makers seek use cases This article has been indexed from Silicon UK Read the original article: Chinese Company Rents Dancing Robots
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities (KEV)…
Windows Shell Security Feature 0-Day Vulnerability Let Attackers Bypass Authentication
Microsoft released Microsoft Patch Tuesday updates to address a critical zero-day vulnerability in Windows Shell that is currently being actively exploited in the wild. Tracked as CVE-2026-21510, this security flaw allows remote attackers to bypass essential protection mechanisms, putting millions of…
Socelars Malware Attacking Windows Systems to Steal Sensitive Business Data
A dangerous information-stealing malware called Socelars is actively targeting Windows systems to collect sensitive authentication data, with particular focus on Facebook Ads Manager accounts and session cookies. Unlike traditional malware that causes immediate system damage, Socelars operates silently in the…
Apple, Google Agree To ‘First Steps’ With CMA
Apple, Google say they will improve transparency and fairness in treatment of apps on their platforms, amid discussions with UK regulator This article has been indexed from Silicon UK Read the original article: Apple, Google Agree To ‘First Steps’ With…
ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, Phoenix Contact
Several vulnerabilities have been patched and mitigated across the industrial giants’ products. The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, Phoenix Contact appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
IT Security News Hourly Summary 2026-02-11 09h : 7 posts
7 posts were published in the last hour 7:32 : Windows Remote Access Connection Manager Zero-Day Enables DoS Attacks 7:32 : Hackers Exploit ChatGPT, Grok and Google Ads to Spread macOS AMOS Stealer 7:31 : Windows Shell Zero-Day Vulnerability Allows…
Windows Remote Access Connection Manager Zero-Day Enables DoS Attacks
Microsoft has released urgent security updates to address a zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan). Assigned the identifier CVE-2026-21525, this flaw is currently being exploited in the wild, meaning attackers were using it to target systems before…
Hackers Exploit ChatGPT, Grok and Google Ads to Spread macOS AMOS Stealer
Threat actors are abusing shareable ChatGPT and Grok conversations and pushing them with Google Search ads to trick macOS users into running Terminal commands that install the Atomic macOS Stealer (AMOS). This campaign shows how attackers now blend social engineering…
Windows Shell Zero-Day Vulnerability Allows Attackers to Bypass Authentication
Microsoft has issued an urgent security warning following the discovery of a zero-day vulnerability in the Windows Shell, now tracked as CVE-2026-21510. This critical flaw, which carries a high severity score of 8.8, is currently being exploited in the wild, forcing a…
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft. “The intrusion relied on a social engineering scheme…
Legacy IRC Botnet Leverages Automated SSH Exploit Pipeline to Mass-Enroll Linux Hosts
Identified through data captured by our SSH honeypots over two months, this campaign represents a sophisticated blend of eras. It merges “old-school” Internet Relay Chat (IRC) botnet tactics from the late 2000s with modern, automated mass-compromise techniques. While the infrastructure…
GitLab Patches Multiple Vulnerabilities That Enables DoS and Cross-site Scripting Attacks
A critical security update has been released for both the Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. The patches, available in versions 18.8.4, 18.7.4, and 18.6.6, fix flaws that could allow attackers to crash servers,…
Cisco enhances security for enterprise AI adoption
Cisco announced a suite of capabilities to help enterprises adopt agentic AI with confidence, combining agent protection, interaction governance, and resilient connectivity for AI-driven workflows. As organizations move from AI assistants to autonomous agents that use tools and data across…
Cephalus Ransomware Emerges as Go-Based Double-Extortion Threat Exploiting Exposed RDP Access
A sophisticated ransomware operation known as Cephalus has emerged as a significant cybersecurity threat since mid-2025, exploiting exposed Remote Desktop Protocol (RDP) services to breach organizations worldwide. Developed in the Go programming language, this malware represents a growing trend of…