U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the…
Exploits and vulnerabilities in Q4 2025
This report provides statistical data on published vulnerabilities and exploits we researched during Q4 2025. It also includes summary data on the use of C2 frameworks in APT attacks. This article has been indexed from Securelist Read the original article:…
The Zero-Trust Paradox: Why Email Whitelists are Undoing Millions in Security Investment
Zero-trust collapses when email whitelists create permanent exceptions. Here’s why this hidden risk undermines modern security investments. The post The Zero-Trust Paradox: Why Email Whitelists are Undoing Millions in Security Investment appeared first on Security Boulevard. This article has been…
Cursor Automations turns code review and ops into background tasks
Cursor Automations, the always-on agent platform from Cursor, is expanding with a new generation of autonomous systems that streamline code review, incident response, and other engineering workflows. The platform runs AI agents on schedules or in response to development events.…
FBI Probes Attack On Intelligence Network
FBI says it is responding to cyber-incident reportedly involving system used to manage wiretaps, foreign intelligence surveillance warrants This article has been indexed from Silicon UK Read the original article: FBI Probes Attack On Intelligence Network
Amazon Hit By US E-Commerce Outage
Tens of thousands of users in US report errors, fluctuations in Amazon US e-commerce platform on Thursday This article has been indexed from Silicon UK Read the original article: Amazon Hit By US E-Commerce Outage
AWS-LC Flaw Exposes Amazon Users to Attacks by Bypassing Certificate Chain Validation
Amazon issued a critical security bulletin (2026-005-AWS) detailing three high-severity vulnerabilities in AWS-LC, its open-source cryptographic library. Discovered through a coordinated disclosure process with the AISLE Research Team, these flaws pose a serious risk to cloud infrastructure. Developers rely heavily…
16-28 February 2026 Cyber Attacks Timeline
In the second half of February 2026 I collected 80 events with a threat landscape dominated by malware with 42%, ahead of account takeovers and ransomware. This article has been indexed from HACKMAGEDDON Read the original article: 16-28 February 2026…
Google Confirms 90 Zero-Day Vulnerabilities Actively Exploited in 2025
The Google Threat Intelligence Group (GTIG) released its annual analysis, confirming that 90 zero-day vulnerabilities were actively exploited in the wild throughout 2025. While this marks a slight decrease from the record 100 zero-days in 2023, it represents a noticeable…
Data Security Firm Evervault Raises $25 Million in Series B Funding
The company has raised a total of $46 million in funding for its developer-focused encryption and orchestration platform. The post Data Security Firm Evervault Raises $25 Million in Series B Funding appeared first on SecurityWeek. This article has been indexed…
Collaboration Critical As Geopolitical Pressures, AI Reshape Cybersecurity
Collaboration is more important than ever—and doable—according to the WEF’s Global Security Outlook 2026 report. The post Collaboration Critical As Geopolitical Pressures, AI Reshape Cybersecurity appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article:…
OpenAI’s GPT-5.4 doubles down on safety as competition heats up
In the midst of recent developments and controversies surrounding a contract with the U.S. Department of Defense, OpenAI released the GPT-5.4 model. The release comes at a time when users are reportedly leaving ChatGPT for rival chatbots, particularly Anthropic’s Claude.…
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under the…
Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow
Google’s GTIG reports 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with a growing share targeting enterprise systems. Google’s Threat Intelligence Group (GTIG) identified 90 zero-day vulnerabilities exploited in the wild in 2025. While…
Fake CleanMyMac site installs SHub Stealer and backdoors crypto wallets
We uncovered a fake CleanMyMac site delivering SHub Stealer, a macOS infostealer that steals credentials and silently backdoors crypto wallets. This article has been indexed from Malwarebytes Read the original article: Fake CleanMyMac site installs SHub Stealer and backdoors crypto…
Meta Rolls Out Charges For Third-Party Chatbots On WhatsApp
Facebook parent Meta reopens WhatsApp API access to third-party chatbots for fee, seeking to head off EU injunction ordering it to do so This article has been indexed from Silicon UK Read the original article: Meta Rolls Out Charges For…
China-Nexus Hackers Target Telecommunication Providers with New Malware Attack
A highly sophisticated China-linked threat actor, identified as UAT-9244, has been actively targeting critical telecommunications infrastructure across South America since 2024. Security researchers assess with high confidence that UAT-9244 exhibits close operational overlap with known espionage groups such as FamousSparrow…
New Linux Rootkits Leverage Advanced eBPF and io_uring Techniques for Stealthy Attacks
Linux rootkits have historically received less attention than their Windows counterparts, but the rapid adoption of Linux in cloud infrastructure, containers, and IoT devices has shifted the threat landscape. Attackers are constantly innovating, and over the past two decades, Linux…
Hackers Can Use Indirect Prompt Injection Allows Adversaries to Manipulate AI Agents with Content
Artificial intelligence tools are now a core part of everyday workflows — from browsers that summarize web pages to automated agents that help users make decisions online. As these tools become more capable, attackers are learning how to turn them…
March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
Developers and analysts are using more AI tools to produce code and to test both the performance and security of the finished products. They are also embedding AI functionality in their products directly. But just how secure are these AI…
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The critical-severity vulnerabilities are listed below – CVE-2017-7921…
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware. The activity, observed in February…
Apple blocks ByteDance, Google’s 90 zero-days, Iran backdoors U.S. organizations
Apple blocks ByteDance Chinese apps Google says 90 zero-days were exploited in attacks last year Iran intelligence backdoored U.S. bank, airport, software outfit networks Get the show notes here: https://cisoseries.com/cybersecurity-news-apple-blocks-bytedance-googles-90-zero-days-iran-backdoors-u-s-organizations/ Huge thanks to our sponsor, Adaptive Security This episode is…
Nvidia Stops Production Of H200 Chips For China
Nvidia reportedly reallocates TSMC capacity from H200 chips aimed at China market, after December deal fails to produce any sales This article has been indexed from Silicon UK Read the original article: Nvidia Stops Production Of H200 Chips For China