The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on February 24, 2026, designated Russian national Sergey Sergeyevich Zelenyuk and his St. Petersburg-based company Matrix LLC, operating publicly as Operation Zero, along with five associated individuals and…
Tag: Cyber Security News
GitHub Copilot Exploited to Perform Full Repository Takeover via Passive Prompt Injection
A critical AI-driven vulnerability in GitHub Codespaces, dubbed RoguePilot, enabled attackers to silently hijack a repository by embedding malicious instructions inside a GitHub Issue. The flaw, uncovered by researchers at the Orca Research Pod, exploits the seamless integration between…
Threat Actors Weaponized AI Tools to Gain Full Domain Access within 30 Minutes
In 2025, threat actors turned widely used artificial intelligence tools into weapons for launching fast, precise network intrusions. CrowdStrike’s 2026 Global Threat Report found an 89% year-over-year increase in attacks by AI-enabled adversaries, as criminals used automation and machine-generated scripts…
Malicious NuGet Packages Attacking ASP.NET Developers to Steal Login Credentials
A supply chain attack targeting ASP.NET developers has surfaced, involving four malicious NuGet packages built to steal login credentials and plant persistent backdoors inside web applications. The packages — NCryptYo, DOMOAuth2_, IRAOAuth2.0, and SimpleWriter_ — were published between August 12…
65% of Financial Organizations Targeted by Ransomware as Cybercriminals Escalate Attacks
The financial sector remains a prime target for cybercriminals, safeguarding not only vast sums of money but also sensitive personal data, payment systems, and economic trust. Recent reports highlight escalating threats, with 65% of financial organizations hit by ransomware in…
Malicious OpenClaw Skills Used to Trick Users into Manual Password Entry for AMOS Infection
Atomic macOS Stealer (AMOS), a well-known data-theft malware, has taken a sharp turn in how it reaches victims. Instead of hiding inside cracked software downloads as it once did, threat actors now embed it within malicious OpenClaw skills — small…
New Deserialization Vulnerability in Ruby Workers Could Enable Full System Compromise
A critical Remote Code Execution (RCE) vulnerability has been identified in a Ruby background job processing system. The flaw stems from unsafe JSON deserialization, which allows untrusted input to be transformed into executable objects. This issue highlights the hidden dangers…
Reddit Fined £14.47 Million by UK Regulator for Children’s Privacy Failures
The UK’s Information Commissioner’s Office (ICO) has issued a £14.47 million ($19.52 million) fine against Reddit, Inc. after an investigation concluded the social media platform unlawfully processed the personal information of children under the age of 13, failing to implement…
Fake Huorong Download Site Used to Deploy ValleyRAT Backdoor in Targeted Malware Campaign
A group of attackers has built a fake version of the Huorong Security antivirus website to trick users into downloading ValleyRAT, a Remote Access Trojan (RAT) built on the Winos4.0 framework. The campaign is linked to the Silver Fox APT…
Hackers Leverage Steganographic Images to Bypass Anti-Malware Scans and Deploy Malware Payloads
A malicious NPM package named buildrunner-dev has been caught hiding .NET malware inside innocent-looking PNG images, using steganography to slip past antivirus tools and deliver a Remote Access Trojan onto Windows systems. Discovered in February 2026, this campaign signals a notable shift…
Diesel Vortex Russian Cybercrime Group Targets Global Logistics Sector and Steals 1,600+ Credentials
A Russian-linked cybercrime group named Diesel Vortex has been quietly running a large phishing operation against freight and trucking companies across the United States and Europe. The campaign ran from September 2025 through February 2026 and resulted in more than…
Elon Musk Accuses Anthropic of Stealing Data on a Massive Scale
The CEO of Tesla and xAI recently stated that the artificial intelligence company Anthropic has stolen large amounts of data to train its models. Musk claims this data theft occurred on a massive scale, resulting in the company paying billions…
Multiple VMware Aria Vulnerabilities Allow Remote Code Execution Attacks
Broadcom issued security advisory VMSA-2026-0001 on February 24, 2026, disclosing three vulnerabilities in VMware Aria Operations that pose risks, including remote code execution. Organizations using affected products should prioritize patching to mitigate potential exploits. VMware Aria Operations, a key component…
ClickFix Infostealer Campaign Uses Fake CAPTCHA Lures to Compromise Victims
A sophisticated new malware campaign has emerged, leveraging fake CAPTCHA lures to deceive users and deploy a stealthy information stealer. Identified in early 2026, this activity shares significant behavioral patterns with the ClickFix campaign that previously targeted restaurant reservation systems…
ShinyHunters Allegedly Claim Breach of 21 Million Records from Odido
The notorious cybercriminal group has claimed responsibility for a massive data breach targeting the Dutch telecommunications company Odido and its brand BEN. The group ShinyHunters claims to have stolen 21 million records from 8 million customers, suggesting the incident is…
Hackers Leverage DeepSeek and Claude to Attack FortiGate Devices Worldwide
In early February 2026, a significant cybersecurity threat emerged involving the sophisticated use of Large Language Models (LLMs) in active intrusion campaigns. A misconfigured server exposed a detailed software pipeline where threat actors integrated DeepSeek and Claude into their attack…
OpenClaw 2026.2.23 Released With Security Updates and New AI Features
OpenClaw, the open-source personal AI assistant with over 215,000 GitHub stars, has released version 2026.2.23, emphasizing robust security hardening alongside advanced AI integrations. This update addresses multiple vulnerabilities and introduces features like Claude Opus 4.6 support, making it a timely…
$10K+ Bounty Offered to Hacker Who Can Disconnect Ring Video Doorbells from Amazon Cloud
A newly launched bug bounty program is offering nearly $18,000 to anyone who can successfully disconnect Ring Video Doorbells from Amazon’s cloud servers while keeping the devices fully functional. This initiative aims to address ongoing privacy concerns about Ring’s data-handling…
WhatsApp Introduces Optional Account Password Feature to Strengthen Login Security
WhatsApp has released a new Android update through the Google Play Beta Program, bringing the version up to 2.26.7.8. The update reveals that WhatsApp is actively developing an optional account password feature designed to add another layer of security on…
Google Chrome Emergency Security Update Patches Three High-Severity Vulnerabilities
Google has released a critical security update for its Chrome browser, pushing version 145.0.7632.116/117 to Windows and macOS users, while Linux users receive version 144.0.7559.116. The update, which is rolling out progressively over the coming days and weeks, addresses three…