CISA Orders Emergency Patch for Actively Exploited Dell Flaw; Texas Sues TP-Link; Massive ID Verification Data Leak; SSA Database Leak Allegations Host Jim Love covers four cybersecurity stories: Cybersecurity Today would like to thank Meter for their support in bringing…
Snyk CEO bails, wants someone with more AI experience to replace him
Skill at buzzword bingo also required as company seeks innovative and disruptive visionary The CEO of code review platform provider Snyk has announced he will stand down so the company can find someone better-equipped to steer the company into the…
CarMax – 431,371 breached accounts
In January 2026, data allegedly sourced from US automotive retailer CarMax was published online following a failed extortion attempt. The data included 431k unique email addresses along with names, phone numbers and physical addresses. This article has been indexed from…
New infosec products of the week: February 20, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Compliance Scorecard, Impart Security, Redpanda, and Virtana. Impart enables safe, in-app enforcement against AI-powered bots Impart Security has launched Programmable Bot Protection, a runtime approach…
IT Security News Hourly Summary 2026-02-20 06h : 1 posts
1 posts were published in the last hour 4:13 : Jeffrey Epstein’s Ties to CBP Agents Sparked a DOJ Probe
Jeffrey Epstein’s Ties to CBP Agents Sparked a DOJ Probe
Documents say customs officers in the US Virgin Islands had friendly relationships with Epstein years after his 2008 conviction, showing how the infamous sex offender tried to cultivate allies. This article has been indexed from Security Latest Read the original…
Splunk Enterprise for Windows Vulnerability Let Attackers Hijack DLLs and Gain SYSTEM Access
Splunk has disclosed a high-severity vulnerability in Splunk Enterprise for Windows that allows a low-privileged local user to escalate their privileges to SYSTEM level through a DLL search-order hijacking attack. Tracked as CVE-2026-20140 and published on February 18, 2026, under…
Hackers Use Fake Oura AI Server to Spread StealC Malware
Cybersecurity analysts have uncovered a fresh wave of malicious activity involving the SmartLoader malware framework. In this campaign, attackers circulated a compromised version of an Oura Model Context Protocol server in order to deploy a data-stealing program known as…
ISC Stormcast For Friday, February 20th, 2026 https://isc.sans.edu/podcastdetail/9818, (Fri, Feb 20th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, February 20th, 2026…
Lattice-Based Zero Trust Identity Verification for AI Agents
Explore lattice-based zero trust identity verification for AI agents. Secure MCP deployments with quantum-resistant encryption and 4D access control. The post Lattice-Based Zero Trust Identity Verification for AI Agents appeared first on Security Boulevard. This article has been indexed from…
IT Security News Hourly Summary 2026-02-20 03h : 2 posts
2 posts were published in the last hour 1:34 : A $10K Bounty Awaits Anyone Who Can Hack Ring Cameras to Stop Sharing Data With Amazon 1:22 : AI agents abound, unbound by rules or safety disclosures
A $10K Bounty Awaits Anyone Who Can Hack Ring Cameras to Stop Sharing Data With Amazon
The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon—without breaking the hardware. This article has been indexed from Security Latest Read the…
AI agents abound, unbound by rules or safety disclosures
MIT CSAIL’s 2025 AI Agent Index puts opaque automated systems under the microscope AI agents are becoming more common and more capable, without consensus or standards on how they should behave, say academic researchers.… This article has been indexed from…
Crims create fake remote management vendor that actually sells a RAT
$300 a month buys you a backdoor that looks like legit software Researchers at Proofpoint late last month uncovered what they describe as a “weird twist” on the growing trend of criminals abusing remote monitoring and management software (RMM) as…
An FBI ‘Asset’ Helped Run a Dark Web Site That Sold Fentanyl-Laced Drugs for Years
A staffer of the Incognito dark web market was secretly controlled by the FBI—and still allegedly approved the sale of fentanyl-tainted pills, including those from a dealer linked to a confirmed death. This article has been indexed from Security Latest…
Your Most Dangerous User Is Not Human: How AI Agents and MCP Servers Broke the Internal API Walled Garden
Highlights The Perimeter is Porous: Modern Agentic AI and the Model Context Protocol (MCP) have effectively turned internal data centers inside out, making the “internal API” security model obsolete. The “Confused Deputy” Risk: Legitimate AI agents act as trusted internal…
IT Security News Hourly Summary 2026-02-20 00h : 11 posts
11 posts were published in the last hour 23:4 : VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731) 23:4 : FBI says ATM ‘jackpotting’ attacks are on the rise, and netting hackers millions in stolen cash 22:55…
VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731)
CVE-2026-1731 is an RCE vulnerability in identity platform BeyondTrust. This flaw allows attackers control of systems without login credentials. The post VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731) appeared first on Unit 42. This article has…
FBI says ATM ‘jackpotting’ attacks are on the rise, and netting hackers millions in stolen cash
The FBI says hacks that trick ATMs into spitting out cash on demand are rising, with hundreds of attacks in the past year alone netting hackers millions in stolen bills. This article has been indexed from Security News | TechCrunch…
IT Security News Daily Summary 2026-02-19
165 posts were published in the last hour 22:34 : MVP Development in the Age of AI: How Startups Can Build Smarter, Faster and Leaner 22:34 : Cellebrite cut off Serbia citing abuse of its phone unlocking tools. Why not…
MVP Development in the Age of AI: How Startups Can Build Smarter, Faster and Leaner
How AI is reshaping MVP development, helping startups build faster, validate smarter, avoid overbuilding, manage tech debt, and embed security early. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
Cellebrite cut off Serbia citing abuse of its phone unlocking tools. Why not others?
Cellebrite, which makes phone unlocking and hacking tools, stopped sales to countries that allegedly abused its tools. But after new allegations in Jordan and Kenya, the company has changed its approach. This article has been indexed from Security News |…
MLSecOps: Bridging security and AI development processes
<p>As security practitioners, we know that securing an organization isn’t necessarily a monolithic exercise: We don’t — literally can’t — always focus equally on every part of the business.</p> <p>This is normal and natural, for many reasons. Sometimes, we have…
AI Governance Becomes Critical as Agentic AI Moves Into Production
As agentic AI scales, strong governance is essential to prevent unintended autonomous actions. The post AI Governance Becomes Critical as Agentic AI Moves Into Production appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…