30 Articles
6 Categories
Date: 2026-02-24
🚨 CISA KEV (1)

24 Feb [KEV] - CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-25108 Soliton Systems K.K. FileZen OS Command Injection Vulnerability. This type of vulnerability is a frequent attack vector for maliciou…
Source: CISA.GOV

⚠️ VULNERABILITY DISCLOSURE (8)

24 Feb - APT28 Targeted European Entities Using Webhook-Based Macro Malware
The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo's LAB52 threat intelligence team, was active between September 2025 and January 2026. It has…
Source: THEHACKERNEWS.COM

24 Feb - Celebrating Two Years of CSF 2.0!
Celebrate this milestone with us! Email us at csf [at] nist.gov (csf[at]nist[dot]gov) or tag @NISTcyber on X telling us what your favorite CSF 2.0 resource is (or how your organization has benefitted from implementing the CSF 2.0). Today marks two years since the publication of t…
Source: NIST.GOV

24 Feb - Open Redirects: A Forgotten Vulnerability?, (Tue, Feb 24th)
In 2010, OWASP added "Unvalidated Redirects and Forwards" to its Top 10 list and merged it into "Sensitive Data Exposure" in 2013 [owasp1] [owasp2]. Open redirects are often overlooked, and their impact is not always well understood. At first, it does not look…
Source: ISC.SANS.EDU

24 Feb - Developer-targeting campaign using malicious Next.js repositories
A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard build workflows. The activity demonstrates how staged command-and-control can hide inside routine development tasks. The post Developer-targeting campaign …
Source: MICROSOFT.COM

24 Feb - Treasury sanctions Russian zero-day broker accused of buying exploits stolen from US defense contractor
The U.S. Treasury announced it was imposing sanctions against a Russian broker of zero-day exploits, its founder and two affiliates, citing a threat to U.S. national security. Another affiliated zero-day broker in the United Arab Emirates was also sanctioned.
Source: TECHCRUNCH.COM

24 Feb - News alert: Sendmarc highlights impact of DMARC update on evolving email security standards
WILMINGTON, Del., Feb. 24, 2026, CyberNewswire — Sendmarc has released a new fireside chat featuring Todd Herr, Principal Solutions Architect at GreenArrow Email and co-editor of DMARCbis, on the upcoming update to DMARC (Domain-based Message Authentication, Reporting, and Confor…
Source: LASTWATCHDOG.COM

24 Feb - Helping Users with Practical Advice to Protect their Digital Devices - Runa Sandvik - ASW #371
Journalists put a lot of effort into collecting information and protecting their sources, but everyone can benefit from having a digital environment that's more secure and more privacy protecting. Runa Sandvik shares her experience working with journalists and targeted groups to …
Source: YOUTUBE.COM

24 Feb [KEV] - January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day
January 2026 saw 23 actively exploited CVEs, including APT28’s Microsoft Office zero-day and critical auth bypass flaws impacting enterprise systems.
Source: RECORDEDFUTURE.COM

🔥 INCIDENT REPORTING (8)

24 Feb - The Ghost in the Shell: Why Agentic AI is a Corporate Security Nightmare
Autonomous AI agents blur security boundaries, enabling data exfiltration, privilege abuse, and insider‑level risk in enterprises.
Source: F5.COM

24 Feb - Weekly Update 492
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite The recurring theme this week seems to be around the gap between breaches happening and individual victims finding out about them. It&a…
Source: TROYHUNT.COM

24 Feb - Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team. Broadcom's threat intelligen…
Source: THEHACKERNEWS.COM

24 Feb - Scaling security operations with Microsoft Defender autonomous defense and expert-led services
AI-powered cyberattacks outpace aging SOC tools, and this new guide explains why manual defense fails and how autonomous, expert-led security transforms modern protection. The post Scaling security operations with Microsoft Defender autonomous defense and expert-led services appe…
Source: MICROSOFT.COM

24 Feb - CarGurus data breach affects 12.5 million accounts
Automotive marketplace CarGurus was the target of a data breach in which the names, email addresses, phone numbers, and physical addresses of millions of customers were stolen.
Source: TECHCRUNCH.COM

24 Feb - Marquis sues firewall provider SonicWall, alleges security failings with its firewall backup led to ransomware attack
Fintech giant Marquis is suing its firewall provider SonicWall, claiming that an earlier breach with SonicWall allowed hackers to deploy ransomware on Marquis' network.
Source: TECHCRUNCH.COM

24 Feb - Conduent data breach grows, affecting at least 25M people
The number of people affected by a data breach at government contractor giant Conduent is growing, as millions of people continue to receive notices warning them that hackers stole their personal data.
Source: TECHCRUNCH.COM

24 Feb - Preparing for Russia’s New Generation Warfare in Europe
Russia is escalating its hybrid warfare against NATO into a coordinated, full-scale campaign blending cyber attacks, sabotage, and influence operations. Read the full report to understand what New Generation Warfare means for your organization.
Source: RECORDEDFUTURE.COM

🕵️ THREAT INTELLIGENCE (9)

24 Feb - Is AI Good for Democracy?
Politicians fixate on the global race for technological supremacy between US and China. They debate geopolitical implications of chip exports, latest model releases from each country, and military applications of AI. Someday, they believe, we might see advancements in AI tip the …
Source: SCHNEIER.COM

24 Feb - UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into…
Source: THEHACKERNEWS.COM

24 Feb - ISC Stormcast For Tuesday, February 24th, 2026 https://isc.sans.edu/podcastdetail/9822, (Tue, Feb 24th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: ISC.SANS.EDU

24 Feb - Fake Video Meeting Invites Trick Users Into Installing RMM Tools
Threat actors are using phony meeting invites for Zoom, Microsoft Teams, Google Meet, and other video conferencing applications to trick users into installing remote monitoring and management (RMM) tools, according to researchers at Netskope.
Source: KNOWBE4.COM

24 Feb - Introducing the AIDA Orchestration Agent: Always-On Human Risk Management Has Arrived
Social engineering remains the most reliable way into an organization—and attackers are getting better at it every day.
Source: KNOWBE4.COM

24 Feb - A Joint Vision for Simplified SASE Management at Scale
Unlock simplified SASE management at scale. The Prisma SASE app on ServiceNow unifies security, automates deployment, and accelerates time to value. The post A Joint Vision for Simplified SASE Management at Scale appeared first on Palo Alto Networks Blog.
Source: PALOALTONETWORKS.COM

24 Feb - Hidden Risks in Security Defaults
Many enterprise security models rely on users to secure their infrastructure, lacking secure defaults. This can lead to vulnerabilities and data loss, as seen with Amazon's AWS. Should vendors be responsible for enabling security by default, and how can this change? Subscribe to …
Source: YOUTUBE.COM

24 Feb - Signal vs WhatsApp: Privacy Choice
Signal and WhatsApp both encrypt messages, but differ in data storage practices. Signal offers more privacy by storing less user data compared to WhatsApp. How important is data privacy to you when choosing a messaging app? Subscribe to our podcasts: https://securityweekly.com/su…
Source: YOUTUBE.COM

🌐 CYBER THREAT LANDSCAPE (1)

24 Feb - UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian entities. The attacks involve the deployment of two distinct backdoors codenamed…
Source: THEHACKERNEWS.COM

📡 INFOSEC NEWS (3)

24 Feb - Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem
Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being mostly-human and mostly-onboarded. In modern enterprises, identity risk is created …
Source: THEHACKERNEWS.COM

24 Feb - Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
Anthropic on Monday said it identified "industrial-scale campaigns" mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude's capabilities to improve their own models. The distillation attacks generated over 16 mill…
Source: THEHACKERNEWS.COM

24 Feb - Former L3Harris Trenchant boss jailed for selling hacking tools to Russian broker
Peter Williams, the former head of U.S. hacking tools maker L3Harris Trenchant, was sentenced to seven years in prison for stealing and selling his former company’s hacking and surveillance tools to a Russian firm.
Source: TECHCRUNCH.COM