A newly disclosed security flaw in the popular jsPDF library has exposed millions of web developers to PDF Object Injection attacks, allowing remote attackers to embed arbitrary objects and actions into generated PDF documents. Tracked as CVE-2026-25755, the vulnerability affects the addJS method used to embed…
IT Security News Hourly Summary 2026-02-23 15h : 10 posts
10 posts were published in the last hour 14:5 : PoC Exploit Released for Grandstream GXP1600 VoIP Phones RCE Vulnerability 14:4 : Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud 14:4 : Lenovo expands ThinkEdge…
PoC Exploit Released for Grandstream GXP1600 VoIP Phones RCE Vulnerability
A critical zero-day vulnerability, tracked as CVE-2026-2329, is affecting Grandstream’s GXP1600 series VoIP desk phones. The issue is an unauthenticated stack-based buffer overflow that can be exploited remotely to achieve root-level remote code execution (RCE) on a vulnerable device. Because the…
Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud
Oleksandr Didenko sold the stolen identities of US citizens, allowing North Koreans to get hired using freelance work platforms. The post Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud appeared first on SecurityWeek. This article…
Lenovo expands ThinkEdge portfolio with new AI-driven edge systems
Lenovo expanded its ThinkEdge portfolio with a new generation of AI-driven edge computing solutions, including the compact and reliable ThinkEdge SE10n Gen 2, the AI-ready ThinkEdge SE30n Gen 2, the AI-powerhouse ThinkEdge SE60n Gen 2, and Lenovo’s first industrial all-in-one…
Another day, another malicious JPEG, (Mon, Feb 23rd)
In his last two diaries, Xavier discussed recent malware campaigns that download JPEG files with embedded malicious payload[1,2]. At that point in time, I've not come across the malicious “MSI image†myself, but while I was going over malware samples…
GrayCharlie Hacks WordPress Sites, Spreads NetSupport RAT and Stealc Malware
GrayCharlie is abusing compromised WordPress sites to silently load malicious JavaScript that pushes NetSupport RAT, often followed by Stealc and SectopRAT, via fake browser updates and ClickFix lures. Insikt Group tracks GrayCharlie as a financially motivated threat actor overlapping with…
Password managers keep your passwords safe, unless…
Researchers investigated the zero-knowledge claims of password managers—and found some possible attack scenarios. This article has been indexed from Malwarebytes Read the original article: Password managers keep your passwords safe, unless…
Why Your SOC is Blind to Your Biggest Attack Surface (And How to Fix It)
The “Engineering” Trap In many organizations, there is a dangerous unspoken rule: The SOC handles endpoints and networks; Engineering handles APIs. This silo creates a massive blind spot. We recently spoke with the Senior Manager of Security Engineering at a…
⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More
Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the background, others playing out in public view. The details are different, but the pressure points are…
Fake Huorong security site infects users with ValleyRAT
One extra letter in the domain is all it takes to hand over remote control of your system. This article has been indexed from Malwarebytes Read the original article: Fake Huorong security site infects users with ValleyRAT
Japanese chip-testing toolmaker Advantest suffers ransomware attack
Japanese tech testing company Advantest has suffered a ransomware attack, the company confirmed last Thursday, after detecting unusual activity within its IT environment on February 15, 2026. What happened? Tokyo-based Advantest is a leading manufacturer of automatic test and measurement…
Mastering AI Home Security Cameras
A hands-on guide to building and running a local, AI-powered home surveillance system you fully control. This article has been indexed from CyberMaterial Read the original article: Mastering AI Home Security Cameras
CVE-2026-1731 fuels ongoing attacks on BeyondTrust remote access products
Attackers are exploiting CVE-2026-1731 in BeyondTrust RS and PRA to deploy VShell, gain persistence, move laterally, and control compromised systems. Threat actors are actively exploiting a recently disclosed critical vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), in BeyondTrust Remote Support…
Suspected Anonymous members detained in Spain over post-flood DDoS blitz
Quartet accused of attacking public institutions, claiming the government was responsible for 2024 tragedy Spanish police say four self-proclaimed members of Anonymous are in custody after allegedly carrying out several cyberattacks on public authorities in the wake of the 2024…
Autonomous AI Agents Provide New Class of Supply Chain Attack
While this campaign targets crypto wallets and steals money, the methodology has far wider potential that could be used by other attackers. The post Autonomous AI Agents Provide New Class of Supply Chain Attack appeared first on SecurityWeek. This article…
WhatsApp is adding another lock to your account
Meta has released WhatsApp Beta for Android 2.26.7.8 through the Google Play Beta Program. The update includes references to password-protected accounts, indicating plans to introduce an additional layer of protection beyond the app’s current authentication options. WhatsApp is exploring the…
How Exposed Endpoints Increase Risk Across LLM Infrastructure
As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming Interfaces (APIs) to support those models. Modern security risks are being introduced less from the models themselves and more from…
Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls
A low-skilled Russian-speaking attacker has used GenAI tools to help deploy a successful attack workflow targeting FortiGate instances This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls
Hackers Use Excel Exploit to Hide XWorm 7.2 in JPEG Files, Hijack PCs
A new phishing campaign is spreading XWorm 7.2 via malicious Excel files, hiding the malware in Windows processes, and using AES encryption to steal passwords and Wi-Fi keys. This article has been indexed from Hackread – Cybersecurity News, Data Breaches,…
OWASP Smart Contract Top 10 2026 — Security Risks and Vulnerabilities
The Open Web Application Security Project (OWASP) has published the Smart Contract Top 10: 2026, a forward-looking standard awareness document designed to arm Web3 developers, security auditors, and protocol owners with actionable intelligence on the most critical vulnerabilities affecting smart…
CISA Warns of Multiple Roundcube Vulnerabilities Exploited in Attacks
CISA has officially updated its Known Exploited Vulnerabilities (KEV) Catalog to include new security flaws affecting a popular webmail platform. On February 20, 2026, the agency added two critical vulnerabilities found in Roundcube Webmail based on clear evidence that threat…
AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
Off-the-shelf tools helped Russian-speaking cybercrime group run riot Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS.… This article…
Hundreds of FortiGate Firewalls Hacked in AI-Powered Attacks: AWS
Threat actors relying on AI have been exploiting exposed ports and weak credentials to take over FortiGate devices. The post Hundreds of FortiGate Firewalls Hacked in AI-Powered Attacks: AWS appeared first on SecurityWeek. This article has been indexed from SecurityWeek…