Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 records later posted online. The post Substack Breach May Have Leaked Nearly 700,000 User Details Online appeared first on TechRepublic. This…
German train line back on track after DDoS yanks the brakes
National rail bookings and timetables disrupted for nearly 24 hours. If you wanted to book a train trip in Germany recently, you would have been out of luck. The country’s national rail company says that its services were disrupted for…
London Boroughs Struggle to Restore Services After November Cyber Attack
A cyber intrusion identified on November 24, 2025 has disrupted essential local authority services in two central London boroughs, freezing parts of the property market and delaying administrative functions. The Royal Borough of Kensington and Chelsea and Westminster City Council…
ISPsystem VMs Hijacked for Silent Ransomware Distribution
The evolution of cybercrime has led to infrastructure becoming less of a matter of ownership and more of a convenience issue. As opposed to investing time and resources in the construction and maintenance of dedicated command-and-control servers, ransomware operators…
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE-2026-2329, carries a CVSS score of 9.3 out of…
Identity and supply chain need more attention, risk intelligence firm says
Roughly a third of attacks now use stolen credentials, according to the company’s latest report. This article has been indexed from Cybersecurity Dive – Latest News.
IT Security News Hourly Summary 2026-02-18 18h : 11 posts
11 posts were published in the last hour:
16:36 : Cyber Risk Is a Board Responsibility and Training Is the Missing Link
16:36 : ClawHavoc Poisoned OpenClaw’s ClawHub with 1,184 Malicious Skills, Enabling Data Theft and Backdoor Access
16:36 :…
Cyber Risk Is a Board Responsibility and Training Is the Missing Link
Boards now view cybersecurity as a business and financial priority, yet many lack the training to govern cyber risk effectively. Here’s why board-level education matters more than ever. This article has been indexed from Industry Trends & Insights.
ClawHavoc Poisoned OpenClaw’s ClawHub with 1,184 Malicious Skills, Enabling Data Theft and Backdoor Access
A large-scale supply chain poisoning campaign targeted OpenClaw’s official marketplace, ClawHub, distributing 1,184 malicious “Skills” designed to steal data and establish backdoor access on compromised systems. OpenClaw, a fast-growing open-source AI agent platform, enables users to install plugin-like Skills…
OpenClaw AI Framework v2026.2.17 Released with Anthropic Model Support and Security Fixes
OpenClaw has released version 2026.2.17 with significant enhancements, including support for Anthropic’s Claude Sonnet 4.6 model and expanded context windows, though the update arrives as the AI agent framework continues facing scrutiny over critical security vulnerabilities involving credential theft and remote…
New SysUpdate Variant Malware Discovered and Tool Developed to Decrypt Encrypted Linux C2 Traffic
A new variant of the SysUpdate malware has emerged as a sophisticated threat targeting Linux systems with advanced command-and-control (C2) encryption capabilities. The malware was discovered during a Digital Forensics and Incident Response (DFIR) engagement when security teams detected the…
How synthetic data can help solve AI’s data crisis
As AI demand outpaces the availability of high-quality training data, synthetic data offers a path forward. We unpack how synthetic datasets help teams overcome data scarcity to build production-ready AI. The post How synthetic data can help solve AI’s data…
SRE Playbook: A Guide to Discover and Catalog Non-Human Identities (NHI)
Let’s take a closer look at the fragmented NHI inventory from a site reliability engineer’s perspective. The post SRE Playbook: A Guide to Discover and Catalog Non-Human Identities (NHI) appeared first on Security Boulevard. This article has been indexed from…
NDSS 2025 – CLIBE: Detecting Dynamic Backdoors In Transformer-based NLP Models
Session 12D: ML Backdoors. Authors, Creators & Presenters: Rui Zeng (Zhejiang University), Xi Chen (Zhejiang University), Yuwen Pu (Zhejiang University), Xuhong Zhang (Zhejiang University), Tianyu Du (Zhejiang University), Shouling Ji (Zhejiang University). Paper: CLIBE: Detecting Dynamic Backdoors in Transformer-based NLP…
Threat groups using AI to speed up and scale cyberattacks
A report from Palo Alto Networks finds hackers are increasingly using stolen identities and exploiting critical vulnerabilities within minutes of disclosure. This article has been indexed from Cybersecurity Dive – Latest News.
Windows Admin Center Flaw Opens Door to Privilege Escalation
A Windows Admin Center vulnerability could allow authorized attackers to escalate privileges across enterprise environments. The post Windows Admin Center Flaw Opens Door to Privilege Escalation appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet.
New Keenadu Android Malware Found on Thousands of Devices
The malware has been preinstalled on many devices but it has also been distributed through Google Play and other app stores. The post New Keenadu Android Malware Found on Thousands of Devices appeared first on SecurityWeek. This article has been…
Cryptojacking Campaign Exploits Driver to Boost Monero Mining
Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics. This article has been indexed from www.infosecurity-magazine.com.
This former Microsoft PM thinks she can unseat CyberArk in 18 months
Though crowded, the identity management market seems eager for new solutions, and Venice is finding traction. This article has been indexed from Security News | TechCrunch.
VS Code extensions with 125M+ installs expose users to cyberattacks
Four popular VS Code extensions with 125M+ installs have flaws that could let hackers steal files and run code remotely. OX Security researchers warn that security flaws in four widely used VS Code extensions (Live Server, Code Runner, Markdown Preview…
Cyber Briefing: 2026.02.18
SmartLoader spreads StealC via fake Oura server, Notepad++ fixes updater hijack, multiple breaches disclosed, luxury brands fined $25M, EU blocks AI tools on devices. This article has been indexed from CyberMaterial.
Microsoft says Office bug exposed customers’ confidential emails to Copilot AI
Microsoft said the bug meant that its Copilot AI chatbot was reading and summarizing paying customers’ confidential emails, bypassing data protection policies. This article has been indexed from Security News | TechCrunch.
Cogent Security Raises $42 Million for AI-Driven Vulnerability Management
The Series A funding round, led by Bain Capital, brings the total raised by Cogent to $53 million. The post Cogent Security Raises $42 Million for AI-Driven Vulnerability Management appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Securonix shifts security operations to measurable AI-driven productivity
Securonix announced Sam, the AI SOC Analyst, and the Securonix Agentic Mesh, introducing a new operating model for security operations that scales analyst productivity, governs AI in production, and delivers board-ready outcomes. At a time when security operations are overwhelmed…