North Korea-linked threat group APT37 has launched a sophisticated new campaign using a fresh set of custom malware tools specifically designed to reach computers that are not connected to the internet — a type of system long considered among the…
Microsoft Defender Uncovers Trojanized Gaming Utility Campaign Targeting Users with RATs and Remote Data Theft
Cybercriminals have found a new way to get past users’ defenses — by hiding malware inside gaming tools that look completely normal. Microsoft’s security team has uncovered an active campaign where attackers are distributing trojanized versions of popular gaming utilities…
NATO greenlights iPhone and iPad for classified information handling
Apple confirmed that the iPhone and iPad have been approved for use with classified information in NATO restricted environments. The devices will no longer require special software or settings to handle NATO restricted-level information. “This achievement recognizes that Apple has…
EU Top Court Adviser Sides Against Meta, In Data Setback
Adviser to EU’s highest court sides against Meta, as Facebook parent tries to prevent discovery of internal documents in antitrust case This article has been indexed from Silicon UK Read the original article: EU Top Court Adviser Sides Against Meta,…
ManoMano data breach impacted 38 Million customer accounts
European DIY platform ManoMano suffered a data breach via a third-party provider, exposing personal data of 38 million customers. European DIY e-commerce platform ManoMano disclosed a major data breach affecting 38 million customers. Hackers accessed personal information by compromising a…
12 Million exposed .env files reveal widespread security failures
Mysterium VPN found 12M IPs exposing .env files, leaking credentials and revealing widespread security misconfigurations worldwide. Configuration mistakes rarely trigger alarms. A forgotten deny rule, an overlooked server setting, or a full project folder uploaded to production can quietly expose…
Claude Code Security: Why the Real Risk Lies Beyond Code
Anthropic’s Claude Code Security launch sent shockwaves through cybersecurity markets. As GitGuardian’s CEO, here’s why I believe the real battle has shifted from code vulnerabilities to identity and secrets management in the AI era. The post Claude Code Security: Why…
NATO adopts Apple, Education and Healthcare backdoor, Apex One flaws
iPhone and iPad cleared for classified NATO work U.S. Education and Healthcare targeted with Dohdoor backdoor Trend Micro warns of critical Apex One code execution flaws Get links to all of today’s news in our show notes here: https://cisoseries.com/cybersecurity-news-nato-adopts-apple-education-and-healthcare-backdoor-apex-one-flaws/ Thanks…
Executives Convicted Amid Greek Spyware Scandal
Four executives linked to Greece-based Israeli spyware company Intellexa convicted of misdemeanour offences, as critics allege cover-up This article has been indexed from Silicon UK Read the original article: Executives Convicted Amid Greek Spyware Scandal
Infostealers Drive Massive Brute-Force Attacks on Corporate SSO Gateways with Stolen Credentials
The cybersecurity community is witnessing a rise in credential‑stuffing attacks targeting corporate Single Sign‑On (SSO) systems, with recent campaigns focusing on F5 BIG‑IP devices. To understand the source of the stolen logins, Defused Cyber analyzed a dataset of 70 unique…
Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
Meta on Thursday said it’s taking legal action to tackle scams on its platforms by filing lawsuits against what it calls deceptive advertisers based in Brazil, China, and Vietnam. As part of the effort, the advertisers’ methods of payment have…
Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking
CISA has released an advisory to warn about four vulnerabilities discovered by a researcher in Gardyn Home and Gardyn Studio. The post Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking appeared first on SecurityWeek. This article has been indexed…
IT Security News Hourly Summary 2026-02-27 09h : 12 posts
12 posts were published in the last hour 7:36 : FreeBSD Vulnerabilities Enable Attackers to Crash Entire System 7:36 : 1 Million Records from Dutch Telco Odido Leaked Online in Massive Data Breach 7:36 : Varist Hybrid Detection Engine protects…
FreeBSD Vulnerabilities Enable Attackers to Crash Entire System
The FreeBSD Project has disclosed a critical security vulnerability, tracked as CVE-2025-15576, which allows attackers to escape jail environments and gain unauthorized access to the full host filesystem. This flaw impacts FreeBSD versions 14.3 and 13.5, leaving unpatched systems exposed…
1 Million Records from Dutch Telco Odido Leaked Online in Massive Data Breach
The Dutch telecommunications company Odido suffered a massive data breach that exposed the personal information of nearly 700,000 customers. The incident, which included an extortion attempt, has raised serious concerns about customer privacy and data security in the telecom sector.…
Varist Hybrid Detection Engine protects against AI-assisted malware
Varist launched the Hybrid Detection Engine, creating an AI-scale malware detection solution that detects both known and zero-day threats. Built on proven technology used to perform more than 500 billion file scans per day for global customers, the Varist solution…
Android app uses Bluetooth signals to detect nearby smart glasses
Smart glasses with built-in cameras are showing up in more public spaces, and a growing number of people want a way to know when one is nearby. An Android app called Nearby Glasses, developed by Yves Jeanrenaud, attempts to fill…
N-able’s Anomaly Detection feature identifies credential-based threats
N-able expanded its Anomaly Detection capabilities in Cove Data Protection to combat the surge in identity-driven cyberattacks targeting backup environments. The new functionality delivers real-time alerts when suspicious or unauthorized changes to backup policies are detected, giving customers an early…
Oculeus 2FN authenticates calls in real time to stop CLI spoofing
Oculeus has launched its new Two Factor Network (2FN) solution. The 2FN solution provides a framework for telcos to trace the origin of traffic, verify caller identity, determine the roaming status of inbound calls, and prevent Caller Line Identification (CLI)…
Are Your Chrome Extensions Spying on You?
Chrome web browser extensions offer a range of useful tools to help manage your tabs, sharpen your writing, track deals online, and more. They seem… The post Are Your Chrome Extensions Spying on You? appeared first on Panda Security Mediacenter.…
Vshell Gains Popularity Among Cybercriminals as Cobalt Strike Alternative
A Go‑based remote administration tool known as Vshell is emerging as a favored alternative to Cobalt Strike among both red teams and threat actors. Though marketed as a legitimate network administration and security testing platform, recent analyses indicate that Vshell’s powerful post‑compromise…
OpenClaw Insights: A CISO’s Guide to Safe Autonomous Agents – FireTail Blog
Feb 27, 2026 – Alan Fagan – The “OpenClaw” crisis has board members asking, “Could this happen to us?” The answer isn’t to ban AI agents. It’s to govern them. By now, the dust is settling on the OpenClaw (aka…
DeVry University’s CISO on higher education cybersecurity risk
In this Help Net Security interview, Fred Kwong, VP, CISO at DeVry University, outlines how the university balances academic openness with cyber risk. He describes how systems for students are separated from back end operations to limit exposure. Kwong also…
Backblaze launches two tools to automate endpoint backup management
Backblaze announced two new tools for Backblaze Computer Backup designed to give IT teams greater control, consistency, and automation across endpoint deployments: the Advanced Installer and the Backblaze Command Line Interface (bzcli). Backblaze Computer Backup has long been known for…