74 Articles
8 Categories
Date: 2026-02-26
🐛 COMMON VULNERABILITIES AND EXPOSURES (19)
26 Feb: Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates back to 2023. The vulnerability, tracked a…
Source: THEHACKERNEWS.COM

26 Feb: Chromium: CVE-2026-3063 Inappropriate implementation in DevTools
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
Source: MSRC.MICROSOFT.COM

26 Feb: Chromium: CVE-2026-3062 Out of bounds read and write in Tint
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
Source: MSRC.MICROSOFT.COM

26 Feb: Chromium: CVE-2026-3061 Out of bounds read in Media
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
Source: MSRC.MICROSOFT.COM

26 Feb: CVE-2025-71230 hfs: ensure sb->s_fs_info is always cleaned up
Information published.
Source: MSRC.MICROSOFT.COM

26 Feb: CVE-2026-23223 xfs: fix UAF in xchk_btree_check_block_owner
Information published.
Source: MSRC.MICROSOFT.COM

26 Feb: CVE-2025-11563 wcurl path traversal with percent-encoded slashes
Information published.
Source: MSRC.MICROSOFT.COM

26 Feb: CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
submitted by kid to cybersecurity 7 points | 0 comments https://thehackernews.com/2026/02/cisa-confirms-active-exploitation-of.html
Source: SH.ITJUST.WORKS
⚠️ VULNERABILITY DISCLOSURE (16)
26 Feb: Multiple Vulnerabilities in Cisco Catalyst SD-WAN Products Could Allow for Authentication Bypass
Multiple vulnerabilities have been discovered in Cisco Catalyst SD-WAN products, the most severe of which could allow for authentication bypass. Cisco Catalyst SD-WAN (formerly Viptela) is a secure, cloud-delivered software-defined WAN architecture that optimizes application perf…
Source: CISECURITY.ORG

26 Feb: Trend Micro warns of critical Apex One code execution flaws
Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. [...]
Source: BLEEPINGCOMPUTER.COM

26 Feb: Critical Juniper Networks PTX flaw allows full router takeover
A critical vulnerability in the Junos OS Evolved network operating system running on PTX Series routers from Juniper Networks could allow an unauthenticated attacker to execute code remotely with root privileges. [...]
Source: BLEEPINGCOMPUTER.COM

26 Feb: Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure to make it resilient to takedown efforts. "Instead of relying on traditional servers or domains for command-and-control,…
Source: THEHACKERNEWS.COM

26 Feb: Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services firm Stripe in an attempt to target the financial sector. The package, codenamed StripeApi.Net, attempts to masquerade as S…
Source: THEHACKERNEWS.COM

26 Feb: Cisco says hackers have been exploiting a critical bug to break into big customer networks since 2023
The U.S. government and its allies said hackers have been exploiting the newly identified bug in Cisco networking gear around the world for years, and urged organizations to patch.
Source: TECHCRUNCH.COM

26 Feb: China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries
Google has disrupted a China-linked espionage group that used Google’s spreadsheet application as a covert spy tool to compromise telecom providers and government agencies across 42 countries, sending commands and receiving stolen data through it, Google’s Threat Intelligence Gro…
Source: CSOONLINE.COM

26 Feb: The farmers and the mercenaries: Rethinking the ‘human layer’ in security
There’s a phrase that’s become gospel in cybersecurity: “Employees are the last line of defense.” We’ve built an entire industry around it. Billions of dollars in security awareness programs, mandatory simulations and user-reporting workflows across endpoints, applications and co…
Source: CSOONLINE.COM

26 Feb: 5 trends that should top CISO’s RSA 2026 agendas
RSA 2026 is still weeks away and the hype machine is humming. This year’s theme, “The Power of Community,” is somewhat ironic as the overwhelming chatter at the Moscone Center in San Francisco from March 23 to March 26 will be about AI agents, not humans. Welcome to the cybersecu…
Source: CSOONLINE.COM

26 Feb: Steaelite RAT combines data theft and ransomware management capability in one tool
It’s bad enough that threat actors are leveraging AI for their attacks, but now they can also access a new remote access trojan (RAT) that makes it easy to launch data theft and ransomware attacks on Windows computers from a single management pane. The tool is called Steaelite, a…
Source: CSOONLINE.COM

26 Feb: Nuke Docker From Orbit?
#Docker #DevOps #Linux Paul describes a script that removes all Docker containers, images, networks, and volumes at once. It’s designed for situations where development or testing environments become cluttered or inconsistent. Instead of selectively pruning resources, the script r…
Source: YOUTUBE.COM

26 Feb: How Russia is intercepting communications from European satellites
submitted by Valnao to cybersecurity 5 points | 0 comments https://theconversation.com/how-russia-is-intercepting-communications-from-european-satellites-276094
Source: INFOSEC.PUB

26 Feb: Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
submitted by kid to cybersecurity 14 points | 0 comments https://www.bleepingcomputer.com/news/security/critical-cisco-sd-wan-bug-exploited-in-zero-day-attacks-since-2023/
Source: SH.ITJUST.WORKS

26 Feb: Zyxel warns of critical RCE flaw affecting over a dozen routers
submitted by kid to cybersecurity 8 points | 0 comments https://www.bleepingcomputer.com/news/security/zyxel-warns-of-critical-rce-flaw-affecting-over-a-dozen-routers/
Source: SH.ITJUST.WORKS

26 Feb: Intego X9: Why your macOS antivirus should not trust PIDs
This blog post dives into the most common classes of macOS Local Privilege Escalation vulnerabilities, from time-of-check to time-of-use (TOCTOU) Race Conditions and insecure XPC communications to a range of implementation and configuration oversights. We will explore how attacke…
Source: QUARKSLAB.COM

26 Feb: A Deep Dive into the GetProcessHandleFromHwnd API
In my previous blog post I mentioned the GetProcessHandleFromHwnd API. This was an API I didn’t know existed until I found a publicly disclosed UAC bypass using the Quick Assist UI Access application. This API looked interesting so I thought I should take a closer look. I typical…
Source: PROJECTZERO.GOOGLE
📋 SECURITY BULLETINS (1)
26 Feb: ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories
Nothing here looks dramatic at first glance. That’s the point. Many of this week’s threats begin with something ordinary, like an ad, a meeting invite, or a software update. Behind the scenes, the tactics are sharper. Access happens faster. Control is established sooner. Cleanup …
Source: THEHACKERNEWS.COM
📢 SECURITY ADVISORIES (5)
26 Feb: AI Is Taking Over Cybersecurity - PSW #915
First up is a technical segment called "Paul's Linux Hacks". I finally got around to releasing a bunch of scripts and tutorials for Linux that I've created over the years. We'll go over scripts that can give you a supply chain security report and help you update your Arch-based L…
Source: YOUTUBE.COM

26 Feb: Google disrupts Chinese-linked group UNC2814, which breached 53+ organizations across 42 countries and utilized Google Sheets to manage targeting and data theft
submitted by Innerworld to cybersecurity 3 points | 0 comments https://www.reuters.com/sustainability/boards-policy-regulation/google-disrupts-chinese-linked-hackers-that-attacked-53-groups-globally-2026-02-25/
Source: INFOSEC.PUB

26 Feb: Google disrupts Chinese-linked group UNC2814, which breached 53+ organizations across 42 countries and utilized Google Sheets to manage targeting and data theft
submitted by Innerworld to security 6 points | 0 comments https://www.reuters.com/sustainability/boards-policy-regulation/google-disrupts-chinese-linked-hackers-that-attacked-53-groups-globally-2026-02-25/
Source: PROGRAMMING.DEV

26 Feb: Google disrupts Chinese-linked group UNC2814, which breached 53+ organizations across 42 countries and utilized Google Sheets to manage targeting and data theft
submitted by Innerworld to cybersecurity 6 points | 1 comments https://www.reuters.com/sustainability/boards-policy-regulation/google-disrupts-chinese-linked-hackers-that-attacked-53-groups-globally-2026-02-25/
Source: SH.ITJUST.WORKS
🔥 INCIDENT REPORTING (10)
26 Feb: European DIY chain ManoMano data breach impacts 38 million customers
DIY store chain ManoMano is notifying customers of a data breach involving personal data, which was caused by hackers compromising a third-party service provider. [...]
Source: BLEEPINGCOMPUTER.COM

26 Feb: Olympique Marseille confirms 'attempted' cyberattack after data leak
French professional football club Olympique de Marseille has confirmed a cyberattack after a threat actor claimed on Monday that it breached the club's systems earlier this month. [...]
Source: BLEEPINGCOMPUTER.COM

26 Feb: Ransomware payment rate drops to record low as attacks surge
The number of ransomware victims paying threat actors has dropped to 28% last year, an all-time low, despite a significant increase in the number of claimed attacks. [...]
Source: BLEEPINGCOMPUTER.COM

26 Feb: Expert Recommends: Prepare for PQC Right Now
Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place sooner rather than later. That, of course, applies to adversaries as well. The rise of ransomware and cyber extortion generated fundin…
Source: THEHACKERNEWS.COM

26 Feb: Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware
A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish persistent access to compromised machines. "The activity aligns with a broader cluste…
Source: THEHACKERNEWS.COM

26 Feb: Your staff are your biggest security risk: AI is making it worse
A new report claims that the cost of insider security incidents has surged 20% in two years, reaching an average of US $19.5 million per organization annually, with no sign that the alarming figure is flattening. Read more in my article on the Fortra blog.
Source: FORTRA.COM

26 Feb: Notorious ransomware gang allegedly blackmailed by fake FSB officer
There is a certain poetic justice in a cybersecurity-related story that has emerged from Moscow this week: A man has been accused of trying to extort money... from a notorious Russian ransomware gang. Read more in my article on the Hot for Security blog.
Source: BITDEFENDER.COM

26 Feb: Smashing Security podcast #456: How to lose friends and DDoS people
When the mysterious operator of an internet archiving-service decided to silence a curious Finnish blogger, they didn’t just send a stroppy email - they allegedly weaponised their own CAPTCHA page to launch a DDoS attack, threatened to invent an entirely new genre of AI porn, and…
Source: GRAHAMCLULEY.COM

26 Feb: Odido - 688,102 breached accounts
In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Following the incident, 1M records containing 317k unique email addresses were published, with the attackers threatening to leak additional data in the following days. That thre…
Source: HAVEIBEENPWNED.COM

26 Feb: Cost of Insider Incidents Surges 20% to Nearly $20m - Infosecurity Magazine
submitted by kid to cybersecurity 8 points | 0 comments https://www.infosecurity-magazine.com/news/cost-of-insider-incidents-surges/
Source: SH.ITJUST.WORKS
🕵️ THREAT INTELLIGENCE (15)
26 Feb: LLMs Generate Predictable Passwords
LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen easily: All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7. Character choices are highly uneven - for example, L …
Source: SCHNEIER.COM

26 Feb: Apple iPhone and iPad Cleared for Classified NATO Use
The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC). The post Apple iPhone and iPad Cleared for Classified NATO Use appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

26 Feb: Four Risks Boards Cannot Treat as Background Noise
The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. The post Four Risks Boards Cannot Treat as Background Noise appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

26 Feb: Claude Code Flaws Exposed Developer Devices to Silent Hacking
Anthropic has patched vulnerabilities whose impact was demonstrated by Check Point via malicious configuration files. The post Claude Code Flaws Exposed Developer Devices to Silent Hacking appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

26 Feb: UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025. The campaign is being tracked by Cisco Talos under the moniker UAT-10027. The end goal of th…
Source: THEHACKERNEWS.COM

26 Feb: Finding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary], (Tue, Feb 24th)
[This is a Guest Diary by Austin Bodolay, an ISC intern as part of the SANS.edu BACS program]
Source: ISC.SANS.EDU

26 Feb: ISC Stormcast For Thursday, February 26th, 2026 https://isc.sans.edu/podcastdetail/9826, (Thu, Feb 26th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: ISC.SANS.EDU

26 Feb: Threat modeling AI applications
AI threat modeling helps teams identify misuse, emergent risk, and failure modes in probabilistic and agentic AI systems. The post Threat modeling AI applications appeared first on Microsoft Security Blog.
Source: MICROSOFT.COM

26 Feb: Nation-State Threat Actors Incorporate AI to Streamline Attacks
Researchers at Google’s Threat Intelligence Group (GTIG) warn that nation-state threat actors have adopted Gemini and other AI tools as essential components of their operations. The threat actors are using tools to conduct research and reconnaissance, target victims, and rapidly …
Source: KNOWBE4.COM

26 Feb: FedRAMP's Role in Risk Management
FedRAMP 20X enhances vendor risk management with continuous monitoring. Collaboration with federal agencies offers deep visibility into control status. How will federal involvement reshape vendor risk strategies? Subscribe to our podcasts: https://securityweekly.com/subscribe #Fe…
Source: YOUTUBE.COM

26 Feb: Fake Job Interviews Are Installing Backdoors on Developer Machines
submitted by cm0002 to cybersecurity 17 points | 1 comments https://threatroad.substack.com/p/fake-job-interviews-are-installing
Source: INFOSEC.PUB

26 Feb: Unknown hacker used Claude to steal 150GB of Mexican government data, including 195M taxpayer records, in December 2025 and January 2026
submitted by Innerworld to cybersecurity 7 points | 0 comments https://www.bloomberg.com/news/articles/2026-02-25/hacker-used-anthropic-s-claude-to-steal-sensitive-mexican-data?accessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb3VyY2UiOiJTdWJzY3JpYmVyR2lmdGVkQXJ0aWNsZSIsImlhdC…
Source: INFOSEC.PUB

26 Feb: Unknown hacker used Claude to steal 150GB of Mexican government data, including 195M taxpayer records, in December 2025 and January 2026
submitted by Innerworld to security 32 points | 1 comments https://www.bloomberg.com/news/articles/2026-02-25/hacker-used-anthropic-s-claude-to-steal-sensitive-mexican-data?accessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb3VyY2UiOiJTdWJzY3JpYmVyR2lmdGVkQXJ0aWNsZSIsImlhdCI6MT…
Source: PROGRAMMING.DEV

26 Feb: Conduent Says Hack Now Affects at Least 25 Million Patients
submitted by kid to cybersecurity 12 points | 1 comments https://www.govinfosecurity.com/conduent-says-hack-now-affects-at-least-25-million-patients-a-30848
Source: SH.ITJUST.WORKS

26 Feb: Unknown hacker used Claude to steal 150GB of Mexican government data, including 195M taxpayer records, in December 2025 and January 2026
submitted by Innerworld to cybersecurity 45 points | 1 comments https://www.bloomberg.com/news/articles/2026-02-25/hacker-used-anthropic-s-claude-to-steal-sensitive-mexican-data?accessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb3VyY2UiOiJTdWJzY3JpYmVyR2lmdGVkQXJ0aWNsZSIsImlhd…
Source: SH.ITJUST.WORKS
🌐 CYBER THREAT LANDSCAPE (2)
26 Feb: Spyware makers sentenced to prison in Greece for wiretapping politicians and journalists
Tal Dilian and three other Intellexa executives were tried for their role in a scandal dubbed "Greek Watergate," which dates back to 2022.
Source: TECHCRUNCH.COM
📡 INFOSEC NEWS (6)
26 Feb: AI Capabilities Are Advancing Faster Than AI Security
AI Security Insights – February 2026
Source: F5.COM

26 Feb: Previously harmless Google API keys now expose Gemini AI data
Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. [...]
Source: BLEEPINGCOMPUTER.COM

26 Feb: Microsoft expands Windows restore to more enterprise devices
Microsoft now allows more enterprise users to restore their personal settings and Microsoft Store apps from a previous Windows 11 device. [...]
Source: BLEEPINGCOMPUTER.COM

26 Feb: New York sues Valve for promoting illegal gambling via game loot boxes
New York Attorney General Letitia James sued video game developer and publisher Valve Corporation for using game loot boxes to facilitate illegal gambling activities among children and teenagers. [...]
Source: BLEEPINGCOMPUTER.COM

26 Feb: New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises
That guest network you set up for your neighbors may not be as secure as you think.
Source: ARSTECHNICA.COM

26 Feb: Recorded Future Expands Coverage of Scams and Financial Fraud with Money Mule Intelligence from CYBERA
Recorded Future is expanding its payment fraud prevention capabilities through a partnership with CYBERA, the industry leader in detecting and verifying data on scam-linked bank accounts.
Source: RECORDEDFUTURE.COM