We disclose new details about campaigns involving RenEngine and HijackLoader malware. Since March 2025, attackers have been distributing the Lumma stealer in a complex chain of infections, and in February 2026, ongoing attacks using ACR Stealer became known. This article…
Tag: EN
Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed
The Conduent data breach affects at least 25 million individuals, up from 10 million estimated a few months ago. The post Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed appeared first on SecurityWeek. This article has been indexed…
WSL in the Malware Ecosystem, (Wed, Feb 11th)
WSL or “Windows Subsystem Linuxâ€[1] is a feature in the Microsoft Windows ecosystem that allows users to run a real Linux environment directly inside Windows without needing a traditional virtual machine or dual boot setup. The latest version, WSL2, runs…
EU Commission Breach – The Importance of Upholding Strong Device Management Infrastructure
Last week, the European Commission launched an investigation after finding evidence that its mobile device management platform was hacked. The Commission reported that it discovered “traces of a cyberattack” that targeted infrastructure that manages its staff’s mobile devices. The breach…
Security in the Dark: Recognizing the Signs of Hidden Information
Security failures don’t always start with attackers, sometimes they start with missing truth. The post Security in the Dark: Recognizing the Signs of Hidden Information appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Zast.AI Raises $6 Million for AI-Powered Code Security
The startup relies on AI agents to identify software vulnerabilities and validate them before reporting. The post Zast.AI Raises $6 Million for AI-Powered Code Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
GitGuardian Raises $50M Series C to Address Non-Human Identities Crisis and AI Agent Security Gap
New York, NY, 11th February 2026, CyberNewswire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: GitGuardian Raises $50M Series C to Address Non-Human Identities Crisis and AI Agent Security…
Microsoft Launches Extended Security Update Program for Windows 10 Users
Microsoft released its latest security update, KB5075912, for Windows 10 on February 10, 2026, providing critical protections for users enrolled in the Extended Security Updates (ESU) program. This update addresses urgent security vulnerabilities and system issues. At the same time,…
Payroll pirates are conning help desks to steal workers’ identities and redirect paychecks
Attackers using social engineering to exploit business processes, rather than tunnelling in via tech Exclusive When fraudsters go after people’s paychecks, “every employee on earth becomes a target,” according to Binary Defense security sleuth John Dwyer.… This article has been…
February 2026 Patch Tuesday includes six actively exploited zero-days
Microsoft’s February Patch Tuesday fixes 59 flaws—including six zero-days already under active attack. How bad are they? This article has been indexed from Malwarebytes Read the original article: February 2026 Patch Tuesday includes six actively exploited zero-days
Microsoft to Refresh Windows Secure Boot Certificates in June 2026
After a decade and a half of service, the current certificates will expire, and new ones will be rolled out. The post Microsoft to Refresh Windows Secure Boot Certificates in June 2026 appeared first on SecurityWeek. This article has been…
Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
Intentionally vulnerable training applications are widely used for security education, internal testing, and product demonstrations. Tools such as OWASP Juice Shop, DVWA, Hackazon, and bWAPP are designed to be insecure by default, making them useful for learning how common attack…
VoidLink Framework Introduces On-Demand Tool Generation with Native Windows Plugin Support
A newly exposed malware framework, VoidLink, is reshaping how attackers manage implants across modern cloud and enterprise environments. Cisco Talos has now linked this framework to a threat actor tracked as UAT-9921, highlighting how on-demand compilation, modular plugins, and early…
MSHTML Framework Zero-Day Opens Door to Network-Based Security Bypass
Microsoft has disclosed a new zero-day vulnerability in the MSHTML Framework that allows attackers to bypass security features, posing significant risks to organizations worldwide. Tracked as CVE-2026-21513, this vulnerability was released on February 10, 2026, and has already been exploited…
Microsoft Investigates Teams Assignment Errors After Failed Service Update
Microsoft Teams faces widespread disruptions in assignment management, prompting an urgent investigation by the company. Users of Microsoft Teams are encountering error messages when trying to open, set, or delete assignments. The issue stems from a recent backend change that…
Microsoft Releases Critical Windows 11 Cumulative Updates for Versions 25H2, 24H2, and 23H2
In a routine Microsoft Patch Tuesday rollout, essential cumulative updates have been deployed for Windows 11 versions 25H2, 24H2, and 23H2, focusing on improving security amid increasing cyber threats. These updates, KB5077181, KB5075941, and KB5074105, bundle the latest security patches…
Ivanti Patches Endpoint Manager Vulnerabilities Disclosed in October 2025
It also fixed a high-severity authentication bypass that could be exploited remotely without authentication to obtain credentials. The post Ivanti Patches Endpoint Manager Vulnerabilities Disclosed in October 2025 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Hacker Conversations: Professional Hacker Douglas Day
Day became a professional hacker by choice. But that doesn’t mean he isn’t a natural hacker. The post Hacker Conversations: Professional Hacker Douglas Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Hacker…
Microsoft Patch Tuesday: 6 exploited zero-days fixed in February 2026
Microsoft has plugged 50+ security holes on February 2026 Patch Tuesday, including six zero-day vulnerabilities exploited by attackers in the wild. The “security feature bypass” zero-days Among the zero-days fixed are three vulnerabilities that allow attackers to bypass a security…
US Court Hands Crypto Scammer 20 Years in $73m Case
A federal court has sentenced crypto-scammer Daren Li to 20 years in absentia This article has been indexed from www.infosecurity-magazine.com Read the original article: US Court Hands Crypto Scammer 20 Years in $73m Case