Microsoft is enhancing Teams productivity with AI Workflows. This new feature leverages Microsoft 365 Copilot to automate routine tasks through scheduled prompts and intelligent templates. The capability, scheduled to roll out between late January and mid-February 2026, aims to streamline…
Tag: Cyber Security News
Langchain Community SSRF Bypass Vulnerability Enables Access to Internal Services
A Server‑Side Request Forgery (SSRF) vulnerability has been identified in the langchain/community package, affecting versions up to 1.1.13. The flaw, tracked as CVE‑2026‑26019, has a moderate severity rating, with a CVSS 3.1 score, due to its potential to expose sensitive cloud metadata and internal infrastructure. The…
Malicious Chrome Extension Steals Facebook Business Manager 2FA Codes and Analytics Data
A malicious Chrome extension that claims to help Meta Business users quietly steals Facebook Business Manager 2FA codes and analytics data, putting high‑value ad accounts at risk of takeover. The extension, “CL Suite by @CLMasters” (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is still available in…
Apache NiFi Vulnerability Enables Authorization Bypass
A newly disclosed high-severity vulnerability in Apache NiFi exposes systems to an authorization bypass that could allow lower-privileged users to modify restricted components. Tracked as CVE-2026-25903, the flaw impacts Apache NiFi versions 1.1.0 through 2.7.2 and has been fixed in version 2.8.0. According to…
25 Vulnerabilities in Cloud Password Managers Allow Unauthorized Access and Modifications
Researchers from ETH Zurich have uncovered 25 serious vulnerabilities in three leading cloud-based password managers: Bitwarden, LastPass, and Dashlane. These flaws enable a malicious server to bypass zero-knowledge encryption claims, allowing unauthorized access, modification, and recovery of users’ stored passwords…
Noodlophile Malware Creators Evolve Tactics with Fake Job Postings and Phishing Lures
The Noodlophile information stealer, originally uncovered in May 2025, has significantly evolved its attack strategies to bypass security measures. Initially, this malware hid behind deceptive advertisements for fake AI video generation platforms on social media, tricking users into downloading malicious…
Beware of Fake Shops from Threat Actors to Attack Winter Olympics 2026 Fans
Cybercriminals are targeting fans of the Milano Cortina 2026 Winter Olympics through an extensive network of fake online merchandise stores designed to steal payment information and personal data from unsuspecting shoppers. The scam campaign capitalizes on overwhelming demand for official…
Hackers Can Weaponize ‘Summarize with AI’ Buttons to Inject Memory Prompts Into AI Recommendations
A new security threat has emerged targeting users of AI assistants through a technique called AI Recommendation Poisoning. Companies and threat actors embed hidden instructions in seemingly harmless “Summarize with AI” buttons found on websites and emails. When clicked, these…
Joomla Novarain/Tassos Framework Vulnerabilities Enable SQL Injection and Unauthenticated File Read
Websites running the Novarain/Tassos Framework are vulnerable to critical security flaws that allow unauthenticated file read, file deletion, and SQL injection attacks, potentially leading to remote code execution and full administrator takeover on unpatched systems. The issues affect multiple popular…
Single IP Dominates Exploitation Campaign Attacking Ivanti EPMM with RCE Vulnerability
A critical remote code execution (RCE) flaw in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281, is being heavily exploited. GreyNoise shows that 83% of observed attacks come from a single IP address: 193[.]24[.]123[.]42. This IP is registered to PROSPERO…
Palo Alto Networks Completed Acquisition of Identity Security Firm CyberArk
Palo Alto Networks has finalized its acquisition of CyberArk, a leading identity security firm, in a landmark $25 billion deal. This completion, announced on February 11, 2026, positions identity security as a foundational element of the company’s platform strategy amid…
LockBit’s New 5.0 Version Attacking Windows, Linux and ESXi Systems
A dangerous new version of LockBit ransomware has emerged, targeting multiple operating systems and threatening businesses worldwide. LockBit 5.0, released in September 2025, represents a major upgrade to one of the most active ransomware families in recent years. This version…
New ClickFix Variant ‘Matryoshka’ Attacking Users to Deploy macOS Stealer Malware
A sophisticated social engineering campaign targeting macOS users has emerged, deploying a dangerous stealer malware through an evolved version of the ClickFix attack technique. Named “Matryoshka” after the Russian nesting dolls, this variant uses nested obfuscation layers to hide malicious…
FileZen File Transfer App Vulnerability Enables Arbitrary Command Execution
A critical vulnerability has been discovered in the file transfer solution from Soliton Systems K.K., potentially allowing attackers to execute arbitrary system commands on affected installations. The issue, tracked as CVE-2026-25108, has been assessed with a CVSS v3.0 base score of 8.8,…
OpenClaw Founder Peter Steinberger Officially Joins OpenAI
OpenClaw founder Peter Steinberger has officially joined OpenAI, marking a notable collaboration between open-source innovation and one of the world’s leading AI research organizations. According to Steinberger’s announcement titled “OpenClaw, OpenAI and the Future,” his new role focuses on advancing AI agents to make them accessible…
Critical Airleader Vulnerability Exposes Systems to Remote Code Execution Attacks
A newly disclosed vulnerability in an industrial control system (ICS) monitoring solution has raised concerns across multiple critical infrastructure sectors. Published by CISA under advisory code ICSA-26-043-10, the flaw has been assigned CVE-2026-1358 and carries a CVSS v3 score of 9.8, indicating critical…
New ZeroDayRAT Attacking Android and iOS For Real-Time Surveillance and Data Theft
ZeroDayRAT is a new mobile spyware platform sold openly through Telegram, with activity first observed on February 2, 2026. It targets Android (5–16) and iOS (up to 26), giving attackers one cross-platform tool. From a browser-based control panel, an operator…
CISA Warns of ZLAN ICS Device Vulnerabilities That Allow Complete Device Takeover
CISA has issued an alert regarding two critical vulnerabilities found in ZLAN Information Technology Co.’s ZLAN5143D industrial communication device. According to the advisory (ICSA-26-041-02), successful exploitation could allow attackers to gain complete control of affected systems by bypassing authentication mechanisms or resetting device…
Lotus Blossom Hackers Compromised Official Hosting Infrastructure of Notepad++
The state-sponsored threat group Lotus Blossom successfully breached the official hosting infrastructure of Notepad++ between June and December 2025, targeting users across government agencies, telecommunications companies and critical infrastructure sectors. The attackers gained access by compromising the shared hosting provider’s…
Critical BeyondTrust Vulnerability Exploited in the Wild to Gain Full Domain Control
A critical vulnerability tracked as CVE-2026-1731 is being actively exploited in the wild, enabling attackers to gain full domain control over affected systems. Threat actors are leveraging this flaw to execute operating system commands remotely without authentication. The flaw, discovered in self-hosted BeyondTrust…