Conduent Data Breach Notification Letters Sent to Millions as Ransomware Group Claims 8 Terabytes Stolen in One of the Largest U.S. Incidents
Letters began reaching affected individuals this month detailing a major data breach at Conduent Business Services, LLC, a…
Tag: Cyber Security News
Anthropic Claude Under Large Scale Distillation Attacks By Chinese AI Labs with 13 Million Exchanges
Anthropic today accused three prominent Chinese artificial intelligence companies DeepSeek, Moonshot AI, and MiniMax of running coordinated “distillation” campaigns to steal advanced capabilities from its Claude models. The San Francisco-based lab said the operations involved roughly 24,000 fraudulent accounts and…
GrayCharlie Injects Malicious JavaScript into WordPress Sites to Deliver NetSupport RAT and Stealc
A threat actor known as GrayCharlie has been compromising WordPress websites since mid-2023, silently embedding malicious JavaScript to push malware onto visiting users. The group overlaps with the previously tracked SmartApeSG cluster, also called ZPHP or HANEMONEY. Its main tool…
New MIMICRAT Custom RAT Uncovered in Sophisticated Multi-Stage ClickFix Campaign
A sophisticated new cyber campaign has been uncovered, utilizing a deceptive technique known as “ClickFix” to distribute a custom remote access trojan dubbed MIMICRAT. This operation compromises legitimate websites to serve as delivery vectors, bypassing traditional security controls by relying…
North Korean Threat Actors Leverage Fake IT Worker Campaigns and Contagious Interview Tactics
North Korean nation-state threat actors have been running a two-part operation — posing as job recruiters while embedding fake workers inside real companies. Since at least 2022, these actors have tricked software developers into running malicious code during fake technical…
New Phishing Framework Starkiller Proxies Real Login Pages to Bypass MFA
A highly sophisticated phishing framework named Starkiller has recently emerged, offering attackers an advanced method to steal credentials and bypass multi-factor authentication. Developed by a group known as Jinkusu, this malicious toolkit is sold as a commercial software-as-a-service product. Unlike…
Microsoft MFA Down – 504 Gateway Timeout Errors Disrupting MFA Access for U.S. Users
Microsoft is currently investigating a significant service degradation affecting Multi-Factor Authentication (MFA) across its Microsoft 365 suite, with users in the North America region reporting widespread 504 gateway timeout errors when attempting to authenticate into MFA-protected services. The incident, tracked…
Threat Actor Allegedly Claimed Leak of Wendy’s International Franchise Database
A threat actor claimed on February 22, 2026, to have leaked what they are calling the “Wendy’s International Franchise Database,” exposing sensitive operational configurations, franchisee contact data, and live payment integration credentials across multiple food service brands. No public acknowledgment…
HPE Telco Service Activator Vulnerability Lets Attackers Bypass Access Restrictions
Security Bulletin released on February 19, 2026, addresses a remote flaw in HPE Telco Service Activator that could let attackers bypass access restrictions. According to HPE, the issue stems from the Undertow HTTP server core used by the product. The…
jsPDF Vulnerability Exposes Millions of Developers to Object Injection Attacks
A newly disclosed security flaw in the popular jsPDF library has exposed millions of web developers to PDF Object Injection attacks, allowing remote attackers to embed arbitrary objects and actions into generated PDF documents. Tracked as CVE-2026-25755, the vulnerability affects the addJS method used to embed…
PoC Exploit Released for Grandstream GXP1600 VoIP Phones RCE Vulnerability
A critical zero-day vulnerability, tracked as CVE-2026-2329, is affecting Grandstream’s GXP1600 series VoIP desk phones. The issue is an unauthenticated stack-based buffer overflow that can be exploited remotely to achieve root-level remote code execution (RCE) on a vulnerable device. Because the…
OWASP Smart Contract Top 10 2026 — Security Risks and Vulnerabilities
The Open Web Application Security Project (OWASP) has published the Smart Contract Top 10: 2026, a forward-looking standard awareness document designed to arm Web3 developers, security auditors, and protocol owners with actionable intelligence on the most critical vulnerabilities affecting smart…
CISA Warns of Multiple Roundcube Vulnerabilities Exploited in Attacks
CISA has officially updated its Known Exploited Vulnerabilities (KEV) Catalog to include new security flaws affecting a popular webmail platform. On February 20, 2026, the agency added two critical vulnerabilities found in Roundcube Webmail based on clear evidence that threat…
DPRK Linked Operators Sustain Aggressive Crypto Targeting 12 Months After Bybit Breach
February 21, 2026, marks one year since North Korea (DPRK)-linked operators stole approximately $1.46 billion in cryptoassets from Dubai-based exchange Bybit — the largest confirmed crypto theft in history. Rather than slowing down after that breach, the group has only…
Google Suspends OpenClaw Users from Antigravity AI After OAuth Token Abuse
Google has suspended access to its Antigravity AI platform for numerous users of the open-source tool OpenClaw, sparking backlash over aggressive enforcement of terms of service (ToS). The move targets developers leveraging OpenClaw’s OAuth plugin to tap into subsidized Gemini…
Threat Actors Allegedly Selling WhatsApp Crash Exploit on Hacking Forums
A recent discovery on underground hacking forums has raised alarms about a new exploit targeting the popular messaging application, WhatsApp. Threat intelligence platforms have identified a threat actor allegedly offering a script designed to crash the application across multiple operating…
Silver Fox APT Uses DLL Sideloading and BYOVD Techniques in Sophisticated Malware Attacks
The cybersecurity community recently witnessed the emergence of targeted malware campaigns linked to the Silver Fox threat group. This operation focuses heavily on Asia, targeting local organizations with carefully localized lures. By disguising attacks as routine business communications, actors successfully…
Google Blocked 1.75 Million Malicious Apps from Entering into the Play Store
AI-powered security systems blocked over 1.75 million malicious or policy-violating apps from reaching the Play Store in 2025, strengthening Android security. According to Google’s latest Android and Google Play security update, the company blocked over 1.75 million apps during the…
Cybersecurity News Weekly: PayPal Breach, Chrome 0-Day, BeyondTrust RCE Exploit, and More
Welcome to this week’s Cybersecurity Weekly Digest, your curated roundup of the most critical threats, attacks, breaches, and vulnerabilities making headlines from February 16 to 22, 2026. This week proved to be one of the most eventful of the year…
Cloudflare Down – 6-Hour Massive Global Service Outage Leaves Customers Unreachable From the Internet
Cloudflare experienced a significant six-hour global service outage on February 20, 2026, causing major disruptions for customers utilizing its Bring Your Own IP (BYOIP) services. The incident, which began at 17:48 UTC and lasted for six hours and seven minutes,…