A new malware loader, dubbed Foxveil, that abuses trusted platforms such as Cloudflare Pages, Netlify, and Discord to stage and deliver malicious payloads while evading traditional detection methods. Active since at least August 2025, the loader is used as an…
CISA Warns of Actively Exploited Google Chromium 0‑Day Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting the Google Chromium engine to its Known Exploited Vulnerabilities (KEV) catalog. Tracking as CVE-2026-2441, this security flaw is currently being actively exploited in the wild. The…
New Phishing Campaign Exploits Booking.com Partners, Targets Customers in Multi-Stage Fraud Scheme
New phishing activity is again abusing the Booking.com ecosystem to defraud both hotel partners and their guests, using a coordinated multi‑stage campaign that blends email, infrastructure abuse, and social engineering across email and WhatsApp. The primary objective is financial gain, using tailored…
Critical Flaw in Windows Admin Center Exposes Systems to Privilege Escalation Attacks
Microsoft has officially released a security update addressing a severe vulnerability found within the Windows Admin Center. Tracking under the identifier CVE-2026-26119, this critical flaw presents a significant risk to enterprise environments relying on the platform for server management. The…
Master XDR Investigations: A Deep Dive into the GravityZone XDR Demo Incident
An attacker’s initial access, whether through phishing, unmanaged devices, exploited vulnerabilities, or a compromised supply chain, marks the beginning of a dangerous chain of events. The post Master XDR Investigations: A Deep Dive into the GravityZone XDR Demo Incident appeared…
The defense industrial base is a prime target for cyber disruption
Cyber threats against the defense industrial base (DIB) are intensifying, with adversaries shifting from traditional espionage toward operations designed to disrupt production capacity and compromise supply chains. In this Help Net Security interview, Luke McNamara, Deputy Chief Analyst, Google Threat…
CRESCENTHARVEST Malware Campaign Uses Iran Protest Lures to Deploy Info‑Stealing RAT
A new malware campaign, dubbed CRESCENTHARVEST, that abuses the ongoing Iran protest narrative to deliver a powerful information‑stealing remote access trojan (RAT) against Farsi‑speaking users. The operation appears tailored to supporters of the protests and other Iran‑focused audiences, with a clear…
OpenClaw AI ‘Log Poisoning’ Flaw Enables Malicious Content Injection
A severe “log poisoning” vulnerability has been discovered in the popular OpenClaw AI assistant, potentially allowing attackers to manipulate the agent’s behaviour through indirect prompt injection. OpenClaw, an open-source autonomous agent known for its deep system integrations and ability to…
Eurail User Records Up for Sale on the Dark Web
Eurail BV has confirmed that some customer data impacted by the previously reported security incident has been offered for sale on the dark web and a sample data set has been posted on Telegram. The company said it is continuing to investigate the scope…
Everyone uses open source, but patching still moves too slowly
Enterprise security teams rely on open source across infrastructure, development pipelines, and production applications, even when they do not track it as a separate category of technology. Open source has become a default building block in many environments, and the…
SecureClaw: Dual stack open-source security plugin and skill for OpenClaw
AI agent frameworks are being used to automate work that involves tools, files, and external services. That type of automation creates security questions around what an agent can access, what it can change, and how teams can detect risky behavior.…
Cybersecurity in cross-border logistics operations
In this Help Net Security video, Dieter Van Putte, CTO at Landmark Global, discusses how cybersecurity has become a core part of global supply chain operations. He explains that logistics is now also about data moving between carriers, customs authorities,…
OpenClaw: Info Stealers Take Your Soul
Info Stealers Target OpenClaw, a Robot Vacuum API Flaw Exposes Thousands, Best Buy Fraud Shows Zero Trust Context, and Canada Goose Data Leaked via Supplier The episode covers multiple security incidents and lessons. Hudson Rock details how an info stealer…
Dell 0-Day Vulnerability Targeted by Chinese Hackers Since Mid-2024 for Ongoing Malware Campaign
A critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines has been actively exploited by Chinese state-sponsored hackers since mid-2024. Mandiant and Google Threat Intelligence Group (GTIG) attribute this campaign to UNC6201, a threat cluster with significant overlaps to the group known as Silk…
Palo Alto CEO says AI isn’t great for business, yet
Sees little enterprise AI adoption other than coding assistants, buys Koi for what comes next If enterprises are implementing AI, they’re not showing it to Palo Alto Networks CEO Nikesh Arora, who on Tuesday said business adoption of the tech…
IT Security News Hourly Summary 2026-02-18 06h : 5 posts
5 posts were published in the last hour 4:18 : Credit Card Fraud Emerges with a New Sophisticated Carding-as-a-Service Marketplaces 4:18 : Threat Actors Advertising New ‘ClickFix’ Payload That Stores Malware within Browser Cache 4:17 : Matanbuchus 3.0 Returns with…
Credit Card Fraud Emerges with a New Sophisticated Carding-as-a-Service Marketplaces
Credit card fraud has persisted despite global mitigation efforts, evolving from scattered illegal trades into a highly organized Carding-as-a-Service (CaaS) economy. This underground structure now mirrors legitimate online marketplaces, providing criminals with streamlined access to stolen payment data, specialized tools,…
Threat Actors Advertising New ‘ClickFix’ Payload That Stores Malware within Browser Cache
Cybersecurity researchers have uncovered a new iteration of the ‘ClickFix’ social engineering campaign, which now employs a sophisticated technique to evade detection by storing malware directly within a victim’s browser cache. This evolution represents a significant and dangerous shift in…
Matanbuchus 3.0 Returns with ClickFix Social Engineering and Silent MSI Installations to Deploy AstarionRAT
Matanbuchus, a premium Malware-as-a-Service loader, has resurfaced in February 2026 following a nearly year-long hiatus. This latest iteration, version 3.0, features a complete code rewrite and now commands a subscription fee of up to $15,000 per month, a stark increase…
Dell 0-Day Vulnerability Exploited by Chinese Hackers since mid-2024 to Deploy Malware
A critical zero-day exploitation campaign targeting Dell RecoverPoint for Virtual Machines. The vulnerability, tracked as CVE-2026-22769, carries a maximum CVSSv3.1 score of 10.0 and has been under active exploitation since at least mid-2024. Incident response engagements attribute this activity to…
Cybercriminals Leverage Atlassian Cloud for Spam Campaigns Redirecting Targets to Fraudulent Investment Schemes
Cybercriminals have launched a sophisticated spam campaign leveraging the trusted infrastructure of Atlassian Cloud. By abusing legitimate features within the platform, attackers are effectively bypassing traditional email security controls to reach high-value targets. This campaign focuses on redirecting users to…
Is it OK to let your children post selfies online?
When it comes to our children’s digital lives, prohibition rarely works. It’s our responsibility to help them build a healthy relationship with tech. This article has been indexed from WeLiveSecurity Read the original article: Is it OK to let your…
Figure – 967,178 breached accounts
In February 2026, data obtained from the fintech lending platform Figure was publicly posted online. The exposed data, dating back to January 2026, contained over 900k unique email addresses along with names, phone numbers, physical addresses and dates of birth.…
California Fines Disney $2.75 Million in Record CCPA Case
California regulators have issued their largest penalty yet under the California Consumer Privacy Act, announcing a $2.75 million settlement with The Walt Disney Company after investigators found that consumer opt-out requests were not consistently honored across devices and streaming platforms.…