Operational Relay Box (ORB) networks are covert, mesh-based infrastructures used by advanced threat actors to hide the true origin of their cyberattacks. Built from compromised Internet-of-Things (IoT) devices, Small Office/Home Office (SOHO) routers, and rented Virtual Private Servers (VPS), these…
Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware
Flaw abused “in an extremely sophisticated attack against specific targeted individuals”. Apple patched a zero-day vulnerability affecting every iOS version since 1.0, used in what the company calls an “extremely sophisticated attack” against targeted individuals.… This article has been indexed…
Viral AI Caricatures Highlight Shadow AI Dangers
A viral AI caricature trend is spotlighting shadow AI risks, exposing how public LLM use can lead to data leakage and targeted attacks. The post Viral AI Caricatures Highlight Shadow AI Dangers appeared first on eSecurity Planet. This article has…
Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Exploits GitHub, npm, and PyPI to Distribute Malware
The North Korean state-sponsored hacking team, Lazarus Group, has launched a sophisticated fake recruiter campaign targeting cryptocurrency developers through a malicious operation called “graphalgo.” Active since May 2025, this coordinated attack uses fraudulent job offers to distribute remote access trojans…
Google Warns of Hackers Leveraging Gemini AI for All Stages of Cyberattacks
Threat actors have begun leveraging Google’s Gemini API to dynamically generate C# code for multi-stage malware, evading traditional detection methods. The Google Threat Intelligence Group (GTIG) detailed this in its February 2026 AI Threat Tracker report, spotlighting the HONESTCUE framework…
Sophisticated ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord Users
A dangerous malware campaign has emerged on the NPM package registry, putting thousands of developers and Windows users at risk. The malicious package, known as “duer-js,” was published by a user named “luizaearlyx” and disguised itself as a legitimate console…
Chrome Security Update – Patch for Vulnerabilities that Enables Code Execution Attacks
Google has released Chrome 145 to the stable channel for Windows, Mac, and Linux, addressing 11 security vulnerabilities that could enable attackers to execute malicious code on user systems. The update, rolling out over the coming weeks, includes several high-severity…
North Korea–Linked Hackers Use AI Lures
The North Korea-linked group UNC1069 is targeting the cryptocurrency industry through elaborate social engineering tactics on platforms like Telegram to steal data from Windows and macOS users. This article has been indexed from CyberMaterial. Read the original article: North Korea–Linked…
Windows 10 KB5075912 Extended Update
Microsoft has launched the KB5075912 extended security update for Windows 10 to address numerous vulnerabilities, including six actively exploited zero-day flaws. This article has been indexed from CyberMaterial. Read the original article: Windows 10 KB5075912 Extended Update
Georgia Healthcare Data Breach Exposes
A major data breach at a Georgia healthcare provider has exposed the sensitive personal and medical information of over 620,000 individuals. This article has been indexed from CyberMaterial. Read the original article: Georgia Healthcare Data Breach Exposes
IT Security News Hourly Summary 2026-02-12 15h : 8 posts
8 posts were published in the last hour:
13:32 : DragonForce Ransomware Group Targets 363 Companies, Expands Cartel-Like Operations Since 2023
13:32 : Crypto-Funded Human Trafficking Is Exploding
13:31 : Stanley Malware Service Bypasses Chrome Web Store Safeguards
13:31 :…
DragonForce Ransomware Group Targets 363 Companies, Expands Cartel-Like Operations Since 2023
DragonForce is a ransomware group that has rapidly evolved into a cartel-style operation, extending its reach across the cybercrime ecosystem since late 2023. Operating under a Ransomware-as-a-Service (RaaS) model, the group now positions itself not just as a single gang,…
Crypto-Funded Human Trafficking Is Exploding
The use of cryptocurrency in sales of human beings for prostitution and scam compounds nearly doubled in 2025, according to a conservative estimate. Many of the deals are happening in plain sight. This article has been indexed from Security Latest…
Stanley Malware Service Bypasses Chrome Web Store Safeguards
Researchers at Varonis have discovered a new malware-as-a-service (MaaS) offering, dubbed “Stanley,” which allows malicious Chrome extensions to evade Google’s review process and be listed on the official Chrome Web Store. Dubbed after the alias of the seller, Stanley…
World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks
Accenture Cybersecurity warns over difficult-to-detect, “sophisticated toolset” being deployed as part of extortion campaigns. This article has been indexed from www.infosecurity-magazine.com. Read the original article: World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks
SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage Malware
A DShield honeypot sensor recently recorded a complete compromise sequence involving a self-replicating SSH worm that exploits weak passwords to spread across Linux systems. The incident highlights how poor SSH hygiene and the use of default credentials remain among the…
Child exploitation, grooming, and social media addiction claims put Meta on trial
Landmark trials now underway allege Meta failed to protect children from sexual exploitation, grooming, and addiction-driven design. This article has been indexed from Malwarebytes. Read the original article: Child exploitation, grooming, and social media addiction claims put Meta on trial
Best Enterprise SSO Providers for EdTech/Education SaaS in 2026
Discover the best enterprise SSO providers for EdTech and Education SaaS in 2026, comparing security, scalability, compliance, and integrations. The post Best Enterprise SSO Providers for EdTech/Education SaaS in 2026 appeared first on Security Boulevard. This article has been indexed…
Nation-State Hackers Embrace Gemini AI for Malicious Campaigns, Google Finds
Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Nation-State Hackers Embrace Gemini AI for Malicious Campaigns, Google Finds
$44 Evilmouse Malware Grants Attackers Full Control of Systems Upon Connection
A new hardware-based threat has emerged that disguises malicious code execution capabilities inside an ordinary computer mouse. Dubbed “EvilMouse,” this covert keystroke injector demonstrates how everyday peripherals can become powerful attack tools for just $44 in parts. EvilMouse operates similarly…
Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched Vulnerabilities
Feiniu fnOS network-attached storage (NAS) devices have been pulled into a large Netdragon botnet after attackers exploited still-unpatched vulnerabilities, turning home and small‑business storage into infrastructure for DDoS attacks. The malware opens an HTTP backdoor on port 57132, letting attackers…
ApolloMD Data Breach Impacts 626,000 Individuals
The company says hackers stole the personal information of patients of affiliated physicians and practices. The post ApolloMD Data Breach Impacts 626,000 Individuals appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ApolloMD Data…
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in…
Supply chain attacks now fuel a ‘self-reinforcing’ cybercrime economy
Researchers say breaches link identity abuse, SaaS compromise, and ransomware into a cascading cycle. Cybercriminals are turning supply chain attacks into an industrial-scale operation, linking breaches, credential theft, and ransomware into a “self-reinforcing” ecosystem, researchers say.… This article has been…