A wave of credential stuffing attacks has exposed a troubling shift in how threat actors are breaking into corporate networks — not by exploiting software vulnerabilities, but by simply logging in with stolen passwords. At the center of this campaign…
Tag: Cyber Security News
Microsoft Defender Expands URL Click Alerts to Include Microsoft Teams for Enhanced Security Visibility
Microsoft is strengthening its cybersecurity ecosystem by extending Microsoft Defender for Office 365 (MDO) URL click alerts to Microsoft Teams. Previously focused on email threats, this update gives security teams crucial visibility into potentially malicious activity happening within Teams messages.…
Juniper Networks PTX Vulnerability Enables Full Router Takeover
A major networking vendor has issued an out-of-cycle security bulletin to address a critical vulnerability in its Junos OS Evolved software, specifically affecting PTX Series platforms. This flaw, identified as CVE-2026-21902, allows an unauthenticated, remote attacker to execute arbitrary code…
North Korean APT37 Hackers Leverage Novel Malware to Infect Air‑Gapped Systems
North Korea-linked threat group APT37 has launched a sophisticated new campaign using a fresh set of custom malware tools specifically designed to reach computers that are not connected to the internet — a type of system long considered among the…
Microsoft Defender Uncovers Trojanized Gaming Utility Campaign Targeting Users with RATs and Remote Data Theft
Cybercriminals have found a new way to get past users’ defenses — by hiding malware inside gaming tools that look completely normal. Microsoft’s security team has uncovered an active campaign where attackers are distributing trojanized versions of popular gaming utilities…
1 Million Records from Dutch Telco Odido Published Online After Extortion Attempt
A major data breach has hit Odido, one of the Netherlands’ prominent telecommunications providers, with cybercriminals publishing over one million customer records online following a failed extortion attempt in February 2026. The threat actor group ShinyHunters is believed to be…
Claude Code Hacked to Achieve Full RCE and Hijacked Organization API keys
Critical vulnerabilities have been identified in Anthropic’s Claude Code, an AI-powered command-line development tool. The flaws could allow attackers to achieve Remote Code Execution (RCE) and exfiltrate Anthropic API keys by exploiting project configuration files. The issues were reported by Check Point Research…
Google API Keys Expose Private Data Silently Through Gemini
A critical privilege escalation vulnerability affects Google Cloud API keys: legacy public-facing keys now silently grant unauthorized access to Google’s Gemini AI endpoints, exposing private files, cached data, and billable AI usage to attackers. For over a decade,…
1Campaign Platform Helps Attackers Bypass Google Ads Screening to Show Malicious Ads
A newly uncovered cloaking platform called 1Campaign is giving cybercriminals a powerful tool to push malicious advertisements through Google’s ad review system, putting everyday users at serious risk of phishing scams and cryptocurrency theft. Google Ads is one of the most trusted…
Zoom Update Scam Infected 1,437 Users to Deploy Surveillance Tools in 12 Days
A cleverly crafted fake Zoom website has silently pushed surveillance software onto Windows machines, infecting 1,437 users globally in just 12 days. The campaign, first detected on February 11, 2026, on the Microsoft Defender for Endpoint (MDE) platform, used a…
New $300 Android RAT With Automated Permission Bypass and Hidden Remote Control
A newly discovered Android Remote Access Trojan (RAT) named Oblivion is raising serious concerns across the mobile security community. Sold on a public hacking forum for as little as $300 a month, this malware is built to silently take over…
ResidentBat Android Malware Provides Belarusian KGB with Persistent Access to Mobile Devices
A newly documented Android spyware called ResidentBat has been linked to the Belarusian KGB, giving state operators deep and persistent access to the mobile devices of journalists and civil society members. First publicly reported in December 2025 through a joint investigation by…
Wireshark 4.6.4 Released With Fix for Multiple Security Vulnerabilities
The Wireshark Foundation has officially released Wireshark 4.6.4, a significant maintenance update for the world’s most popular network protocol analyzer. This release addresses multiple security vulnerabilities and resolves various functional bugs that could impact stability and performance. Network administrators, security…
Sophisticated SeaFlower Backdoor Campaign Targets Web3 Wallets to Steal Seed Phrases
A highly sophisticated and previously unreported threat campaign dubbed SeaFlower (藏海花) has been actively targeting users of popular Web3 cryptocurrency wallets, embedding stealthy backdoors into cloned versions of legitimate applications to silently steal seed phrases and drain victims’ funds. The…
DarkCloud Infostealer Emerges as Major Threat With Scalable Credential Theft Targeting Enterprises
The cybersecurity threat landscape is facing a growing challenge as infostealers continue to dominate the initial access ecosystem in 2026. Among the latest threats drawing serious attention is DarkCloud, a commercially available credential-harvesting malware that proves even low-cost tools can…
Steaelite RAT Fuels New Wave of Double Extortion Threats Targeting Enterprises
A newly emerged remote access trojan (RAT) called Steaelite is raising serious concerns across enterprise security teams. First spotted on underground cybercrime networks in November 2025, this malware merges two traditionally separate attack stages — data theft and ransomware deployment…
New Claude Code Enables Remote Control of Your Terminal Session From Your Phone
Anthropic has launched a new “Remote Control” feature for its agentic terminal tool, Claude Code. This capability allows developers to start tasks in their local terminal and continue managing them from a mobile device or browser. Currently in Research Preview…
Critical ServiceNow AI Platform Vulnerability Enables Remote Code Execution
A critical vulnerability in an enterprise AI platform has been patched, addressing a flaw that could allow unauthenticated remote code execution. Tracked as CVE-2026-0542, this security flaw poses a significant risk to organizations using the ServiceNow AI Platform. The vulnerability…
OpenAI Confirms that Chinese Hackers Used ChatGPT to Launch Cyberattacks
OpenAI has officially confirmed that a ChatGPT account linked to an individual associated with Chinese law enforcement was used to plan and document large-scale covert cyberattack campaigns. The revelation, published in OpenAI’s February 2026 threat disruption report, marks one of…
PoC Released for Windows Vulnerability That Allows Attackers to Cause Unrecoverable BSOD Crashes
A proof-of-concept (PoC) exploit has been publicly released for CVE-2026-2636, a newly documented vulnerability in Windows’ Common Log File System (CLFS) driver that allows any low-privileged, unprivileged user to instantly crash a target system into an unrecoverable Blue Screen of Death…