A $44 hardware implant disguised as an ordinary computer mouse. This device acts as a covert keystroke injector, akin to the Hak5 Rubber Ducky, but leverages the innocuous form factor of a mouse to bypass basic user awareness training. Plug…
Promptware – Hackers Can Use Google Calendar Invites to Stream Victims’ Cameras via Zoom
A new and dangerous class of cyberattack called “Promptware” has been discovered, capable of turning your personal AI assistant into a sleeper agent that spies on you. Security researchers from Ben-Gurion University, Tel Aviv University, and Harvard have demonstrated a…
OpenVPN releases version 2.7.0 with expanded protocol and platform updates
OpenVPN version 2.7.0 is now available. The update advances support for multi-address server configurations and updates client functionality across operating systems. The release includes enhancements in data channel handling and support for evolving kernel and cryptographic components. Server enhancements Version…
Crazy gang abuses employee monitoring tool, Nevada unveils new data classification, Georgia healthcare breach impact grows
Crazy gang abuses employee monitoring tool Nevada unveils new data classification Georgia healthcare breach impacts more than 620,000 Get the show notes here: Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers…
OpenClaw: Hit the ground running, with security lagging behind
OpenClaw has cause quite the stir among AI enthusiasts during the past few weeks – and it has also been cause for a few more gray hairs among security experts. But what is the whole hoopla about with OpenClaw? This…
BlueCat Horizon unifies DNS, DHCP, IPAM, and security into a cloud-first intelligent NetOps platform
BlueCat Networks has unveiled BlueCat Horizon, a SaaS-based platform designed to modernize how enterprises and mid-market organizations operate, secure, and evolve their networks through AI-assisted insights and coordinated action across the network. BlueCat Horizon introduces a common set of platform…
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said…
Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord Users
A newly discovered malicious NPM package, dubbed duer-js , is being used to distribute an advanced information‑stealing malware that primarily targets Windows systems and Discord users. Published by the user “luizaearlyx”, the package contains a custom infostealer calling itself “bada stealer”, and…
Criminals are using AI website builders to clone major brands
AI-assisted website builders are making it far easier for scammers to impersonate well-known and trusted brands, including Malwarebytes. This article has been indexed from Malwarebytes Read the original article: Criminals are using AI website builders to clone major brands
Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’
Impacting the ‘dyld’ system component, the memory corruption issue can be exploited for arbitrary code execution. The post Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
IT Security News Hourly Summary 2026-02-12 09h : 9 posts
9 posts were published in the last hour 7:34 : OysterLoader Unmasked: The Multi-Stage Evasion Loader 7:34 : Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread Malware 7:34 : Adblock Filters Expose User Location Even…
OysterLoader Unmasked: The Multi-Stage Evasion Loader
Introduction OysterLoader, also known as Broomstick and CleanUp, is a malware developed in C++, composed of multiple stages, belonging to the loader (A.k.a.: downloader) malware family. First reported in June 2024 by Rapid7, it is mainly distributed via web sites…
Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread Malware
Lazarus Group’s latest software supply chain operation is using fake recruiter lures and popular open‑source ecosystems to deliver malware to cryptocurrency‑focused developers quietly. The campaign, dubbed graphalgo, abuses GitHub, npm, and PyPI to hide multi‑stage payloads behind seemingly legitimate coding tasks…
Adblock Filters Expose User Location Even With VPN Protection
A new fingerprinting technique called “Adbleed” reveals that VPN users aren’t as anonymous as they think. While VPNs hide your IP address and encrypt traffic, they can’t conceal which country-specific adblock filter lists are installed in your browser and that’s…
Threat Actors Leveraging Employee Monitoring and SimpleHelp Tools to Deploy Ransomware Attacks
Cybercriminals are increasingly using valid administrative software to launch attacks, making their malicious activities much harder to spot. Instead of relying solely on custom computer viruses, these actors abuse legitimate workforce monitoring tools to hide inside business networks. By utilizing…
GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use
Introduction In the final quarter of 2025, Google Threat Intelligence Group (GTIG) observed threat actors increasingly integrating artificial intelligence (AI) to accelerate the attack lifecycle, achieving productivity gains in reconnaissance, social engineering, and malware development. This report serves as an…
Google: China’s APT31 used Gemini to plan cyberattacks against US orgs
Meanwhile, IP-stealing ‘distillation attacks’ on the rise A Chinese government hacking group that has been sanctioned for targeting America’s critical infrastructure used Google’s AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.… This article…
OpenClaw Scanner: Open-source tool detects autonomous AI agents
A new free, open source tool is available to help organizations detect where autonomous AI agents are operating across corporate environments. The OpenClaw Scanner identifies instances of OpenClaw, an autonomous AI assistant also known as MoltBot, that can execute tasks,…
When security decisions come too late, and attackers know it
In this Help Net Security, Chris O’Ferrell, CEO at CodeHunter, talks about why malware keeps succeeding, where attackers insert malicious code in the SDLC, and how CI/CD pipelines can become a quiet entry point. He also breaks down the difference…
Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices
Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, tracked as CVE-2026-20700 (CVSS score: N/A), has been described as…
Fake CAPTCHA Attacks Exploit Key Entry Point for LummaStealer Malware
Fake CAPTCHA attacks are now a key entry point for a new wave of LummaStealer infections, with CastleLoader loaders turning simple web clicks into full system compromise. Less than a year after a major law-enforcement takedown, the infostealer’s operators have…
Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers
A dormant Microsoft Outlook add-in has been weaponized by attackers to steal thousands of login credentials and credit card numbers. The incident, identified by security researchers as the first known malicious Office add-in found in the wild, exposed a critical…
Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass
Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti released patches for more than a dozen vulnerabilities in Endpoint Manager, including flaws disclosed in October 2025. The update addresses…
Picking an AI red teaming vendor is getting harder
Vendor noise is already a problem in traditional security testing. AI red teaming has added another layer of confusion, with providers offering everything from consulting engagements to automated testing platforms. Many buyers still struggle to tell whether a vendor can…