The ransomware landscape continues to evolve with new threat actors adopting unconventional tactics. Coinbase Cartel emerged in September 2025, quickly claiming 14 victims in its first month of operation. Unlike traditional ransomware groups, this threat actor focuses exclusively on data…
CISA Adds Six Microsoft 0-Day Vulnerabilities to KEV Catalog Following Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urgently expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding six zero-day vulnerabilities, all affecting Microsoft products. This move underscores escalating threats from nation-state actors and cybercriminals actively exploiting these flaws…
RU-APT-ChainReaver-L Hijacks Trusted Sites and GitHub in Sweeping Cross-Platform Supply Chain Attack
A newly exposed advanced persistent threat (APT) campaign, tracked as RU-APT-ChainReaver-L, is hijacking trusted file-hosting sites and long-standing GitHub accounts to deliver stealthy malware to Windows, macOS, and iOS users at scale. The campaign abuses popular mirror and file-distribution portals…
Spam and phishing in 2025
The report contains statistics on spam and phishing in 2025, outlining the main trends: phishing and scam QR codes, ClickFix attacks, ChatGPT subscription lures and others. This article has been indexed from Securelist Read the original article: Spam and phishing…
Fortinet Patches High-Severity Vulnerabilities
The bugs could be exploited without authentication for command execution and authentication bypass. The post Fortinet Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Fortinet Patches High-Severity Vulnerabilities
Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday
Six actively exploited zero-day bug have been patched by Microsoft This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday
Google gets EU Wiz approval, Microsoft secures Secure Boot certificates, North Korean hackers target crypto exec
EU grants Google approval for Wiz Microsoft rolls out Secure Boot certificates before expiration North Korean hackers target crypto exec Get the show notes here: Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World…
Blackstone Boosts Stake In Anthropic
World’s largest alternative asset manager reportedly looking to increase stake in AI start-up to around $1bn, amid ongoing funding round This article has been indexed from Silicon UK Read the original article: Blackstone Boosts Stake In Anthropic
Legacy systems blamed as ministers promise no repeat of Afghan breach
UK government grilled over progress made to prevent a second life-threatening leak Legacy IT issues are hampering key technical measures designed to prevent highly sensitive data leaks, UK government officials say.… This article has been indexed from The Register –…
Pony.ai, Toyota Start Robotaxi Mass-Production
Mass production begins for robotaxi co-developed with Toyota, as Pony.ai seeks to expand availability of autonomous vehicles This article has been indexed from Silicon UK Read the original article: Pony.ai, Toyota Start Robotaxi Mass-Production
Ivanti Endpoint Manager Flaw Enables Remote Data Exposure
Ivanti has issued a high-security update for its Endpoint Manager (EPM) solution to address two significant vulnerabilities that could put organisational data at risk. The advisory, released on February 9, 2026, highlights a high-severity flaw that allows attackers to bypass…
The Top Pentesting Platforms of 2026: What You Need to Know
What to Look for in a Pentesting Platform? Pen testing is increasingly becoming the way companies prove compliance with data privacy laws and battle-test their defenses. As the primary way of finding and exploiting vulnerabilities (before attackers do), pen testing…
Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full Compromise
Dozens of vulnerabilities, bugs, and potential improvements have been identified by the tech giants’ security teams. The post Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full Compromise appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Yubico previews passkey-enabled digital signatures in upcoming YubiKey 5.8 firmware
Yubico’s upcoming YubiKey 5.8 firmware introduces standardized APIs that integrate hardware-backed signatures with passkey authentication. To enable privacy-capable digital signatures using passkeys, expanded enterprise IdP support, and next-generation digital wallet use cases, the firmware adds support for FIDO CTAP 2.3…
Chinese Company Rents Dancing Robots
Start-up Botshare offers humanoid robots for entertainment purposes ahead of Valentine’s Day and Lunar New Year, as robot makers seek use cases This article has been indexed from Silicon UK Read the original article: Chinese Company Rents Dancing Robots
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities (KEV)…
Windows Shell Security Feature 0-Day Vulnerability Let Attackers Bypass Authentication
Microsoft released Microsoft Patch Tuesday updates to address a critical zero-day vulnerability in Windows Shell that is currently being actively exploited in the wild. Tracked as CVE-2026-21510, this security flaw allows remote attackers to bypass essential protection mechanisms, putting millions of…
Socelars Malware Attacking Windows Systems to Steal Sensitive Business Data
A dangerous information-stealing malware called Socelars is actively targeting Windows systems to collect sensitive authentication data, with particular focus on Facebook Ads Manager accounts and session cookies. Unlike traditional malware that causes immediate system damage, Socelars operates silently in the…
Apple, Google Agree To ‘First Steps’ With CMA
Apple, Google say they will improve transparency and fairness in treatment of apps on their platforms, amid discussions with UK regulator This article has been indexed from Silicon UK Read the original article: Apple, Google Agree To ‘First Steps’ With…
ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, Phoenix Contact
Several vulnerabilities have been patched and mitigated across the industrial giants’ products. The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, Phoenix Contact appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
IT Security News Hourly Summary 2026-02-11 09h : 7 posts
7 posts were published in the last hour 7:32 : Windows Remote Access Connection Manager Zero-Day Enables DoS Attacks 7:32 : Hackers Exploit ChatGPT, Grok and Google Ads to Spread macOS AMOS Stealer 7:31 : Windows Shell Zero-Day Vulnerability Allows…
Windows Remote Access Connection Manager Zero-Day Enables DoS Attacks
Microsoft has released urgent security updates to address a zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan). Assigned the identifier CVE-2026-21525, this flaw is currently being exploited in the wild, meaning attackers were using it to target systems before…
Hackers Exploit ChatGPT, Grok and Google Ads to Spread macOS AMOS Stealer
Threat actors are abusing shareable ChatGPT and Grok conversations and pushing them with Google Search ads to trick macOS users into running Terminal commands that install the Atomic macOS Stealer (AMOS). This campaign shows how attackers now blend social engineering…
Windows Shell Zero-Day Vulnerability Allows Attackers to Bypass Authentication
Microsoft has issued an urgent security warning following the discovery of a zero-day vulnerability in the Windows Shell, now tracked as CVE-2026-21510. This critical flaw, which carries a high severity score of 8.8, is currently being exploited in the wild, forcing a…