The Acronis Threat Research Unit (TRU) has identified a new and significantly enhanced version of the LockBit ransomware, LockBit 5.0, currently being deployed in active campaigns. The latest variant demonstrates expanded cross-platform capabilities, enabling attackers to target Windows, Linux, and…
Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware
This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and…
Tenga Says Hacker Stole Customer Data
Tenga recently alerted customers that an unauthorized individual gained access to an employee’s professional email account, exposing personal data like names and order histories. This article has been indexed from CyberMaterial Read the original article: Tenga Says Hacker Stole Customer…
York City Cyberattack Led to $500K Ransom
York City paid a $500,000 ransom to regain control of its computer systems following a major cyberattack that occurred last summer. This article has been indexed from CyberMaterial Read the original article: York City Cyberattack Led to $500K Ransom
Amazon Ends Surveillance Firm Partnership
Amazon has ended its partnership with Flock Safety, a license-plate surveillance firm, following public outcry over a Ring Super Bowl advertisement that showcased AI-powered tracking capabilities. This article has been indexed from CyberMaterial Read the original article: Amazon Ends Surveillance…
California AG Announces $2.75M Disney Deal
California Attorney General Rob Bonta has reached a 2.75 million dollar settlement with the Walt Disney Company following allegations that it failed to honor consumer requests to opt out of data sharing. This article has been indexed from CyberMaterial Read…
Google Links Russian Actor to CANFAIL
A newly discovered hacking group linked to Russian intelligence is actively targeting Ukrainian infrastructure with a specialized malware strain called CANFAIL. This article has been indexed from CyberMaterial Read the original article: Google Links Russian Actor to CANFAIL
CISA Navigates DHS Shutdown With Reduced Staff
CISA is currently operating at roughly 38% capacity (888 out of 2,341 staff) due to the DHS shutdown that began February 14, 2026. The post CISA Navigates DHS Shutdown With Reduced Staff appeared first on SecurityWeek. This article has been…
Android 17 Beta Strengthens Secure-by-Default Design for Privacy and App Security
The latest Android version continues to improve security and privacy, according to its developers. The post Android 17 Beta Strengthens Secure-by-Default Design for Privacy and App Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
New ClickFix Campaign Uses Nslookup to Fetch Malicious PowerShell Script
According to Microsoft, the ClickFix social engineering technique has evolved in a refined manner, emphasizing that even the most common software applications can be repurposed into covert channels for malware distribution. Using this latest iteration, hackers are no longer…
IT Security News Hourly Summary 2026-02-16 15h : 9 posts
9 posts were published in the last hour 13:32 : Noodlophile Malware Authors Use Fake Job Ads and Phishing Schemes to Evolve Tactics 13:32 : Windows 11 KB5077181 Update Triggers Infinite Restart Loop on Some Devices 13:32 : Microsoft alerts…
Noodlophile Malware Authors Use Fake Job Ads and Phishing Schemes to Evolve Tactics
Hey folks in the threat‑hunting world looks like our coverage of the Noodlophile infostealer has struck a nerve with its creators. The operators used inflated engagement metrics and fake popularity scores to lure victims into downloading malicious ZIP archives. Once executed, these…
Windows 11 KB5077181 Update Triggers Infinite Restart Loop on Some Devices
Microsoft’s February 10, 2026, Patch Tuesday cumulative update KB5077181 for Windows 11 is being linked to severe boot failures on some devices, with users reporting systems that restart repeatedly and never reach the desktop. The issue is primarily discussed across community threads,…
Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup
Microsoft warns of a new ClickFix variant that tricks users into running DNS commands to fetch malware via nslookup. Microsoft has revealed a new ClickFix variant that deceives users into running a malicious nslookup command through the Windows Run dialog…
ClickFix added nslookup commands to its arsenal for downloading RATs
Microsoft researchers found a ClickFix campaign that uses the nslookup tool to have users infect their own system with a Remote Access Trojan. This article has been indexed from Malwarebytes Read the original article: ClickFix added nslookup commands to its…
Exploited React2Shell Flaw By LLM-generated Malware Foreshadows Shift in Threat Landscape
Attackers recently leveraged LLMs to exploit a React2Shell vulnerability and opened the door to low-skill operators and calling traditional indicators into question. The post Exploited React2Shell Flaw By LLM-generated Malware Foreshadows Shift in Threat Landscape appeared first on Security Boulevard. This article has been indexed…
FileZen File Transfer App Vulnerability Enables Arbitrary Command Execution
A critical vulnerability has been discovered in the file transfer solution from Soliton Systems K.K., potentially allowing attackers to execute arbitrary system commands on affected installations. The issue, tracked as CVE-2026-25108, has been assessed with a CVSS v3.0 base score of 8.8,…
OpenClaw Founder Peter Steinberger Officially Joins OpenAI
OpenClaw founder Peter Steinberger has officially joined OpenAI, marking a notable collaboration between open-source innovation and one of the world’s leading AI research organizations. According to Steinberger’s announcement titled “OpenClaw, OpenAI and the Future,” his new role focuses on advancing AI agents to make them accessible…
Critical Airleader Vulnerability Exposes Systems to Remote Code Execution Attacks
A newly disclosed vulnerability in an industrial control system (ICS) monitoring solution has raised concerns across multiple critical infrastructure sectors. Published by CISA under advisory code ICSA-26-043-10, the flaw has been assigned CVE-2026-1358 and carries a CVSS v3 score of 9.8, indicating critical…
New ZeroDayRAT Attacking Android and iOS For Real-Time Surveillance and Data Theft
ZeroDayRAT is a new mobile spyware platform sold openly through Telegram, with activity first observed on February 2, 2026. It targets Android (5–16) and iOS (up to 26), giving attackers one cross-platform tool. From a browser-based control panel, an operator…
Google patches Chrome zero-day as in-the-wild exploits surface
High-severity CSS flaw let malicious webpages run code inside the sandbox Google has quietly pushed out an emergency Chrome fix after attackers were caught exploiting the browser’s first reported zero-day of 2026.… This article has been indexed from The Register…
Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud
Presentation of the KTU Consortium Mission ‘A Safe and Inclusive Digital Society’ at the Innovation Agency event ‘Innovation Breakfast: How Mission-Oriented Science and Innovation Programmes Will Address Societal Challenges’. Technologies are evolving fast, reshaping economies, governance, and daily life. Yet,…
Cybersecurity Alert: Fake Shops Target Winter Olympics 2026 Fans for Attacks
The excitement surrounding the Milano-Cortina 2026 Winter Olympics has given cybercriminals a new opportunity to trick fans. The adorable stoat mascots, Tina and Milo, have become international sensations especially their official 27 cm plush version, which quickly sold out on…
Joomla Vulnerabilities in Novarain/Tassos Framework Expose SQL Injection Risks
Joomla site owners using extensions that bundle the Novarain/Tassos Framework are being warned after a source code review identified multiple attack primitives that can be chained together to achieve administrator takeover and reliable remote code execution (RCE) on unpatched instances.…