50Articles
7Categories
2026-02-28Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 35[−]
28 FebCVE-2025-71147 KEYS: trusted: Fix a memory leak in tpm2_load_cmdInformation published.MSRC.MICROSOFT.COM
28 FebCVE-2025-71152 net: dsa: properly keep track of conduit referenceInformation published.MSRC.MICROSOFT.COM
28 FebCVE-2025-71161 dm-verity: disable recursive forward error correctionInformation published.MSRC.MICROSOFT.COM
28 FebCVE-2026-22978 wifi: avoid kernel-infoleak from struct iw_pointInformation published.MSRC.MICROSOFT.COM
28 FebCVE-2025-71162 dmaengine: tegra-adma: Fix use-after-freeInformation published.MSRC.MICROSOFT.COM
28 FebCVE-2026-22980 nfsd: provide locking for v4_end_graceInformation published.MSRC.MICROSOFT.COM
28 FebCVE-2026-23212 bonding: annotate data-races around slave->last_rxInformation published.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 4[−]
28 FebCybersecurity Today Weekend with Carey Frey, VP and Chief Security Officer at TELUSIdentity, AI Agents, and the Session Token Time Bomb | Carey Frey (CSO, TELUS) on Cybersecurity Today In this Cybersecurity Today weekend edition, David Shipley interviews Carey Frey, Chief Security Officer at TELUS, about the evolution of identity security and why it's a growing…CYBERSECURITYTODAY.LIBSYN.COM
28 FebHackers Exploit Windows File Explorer and WebDAV to Distribute MalwareCybersecurity researchers at Cofense Intelligence have uncovered an ongoing campaign where threat actors abuse Windows File Explorer to distribute malware. By exploiting the legacy WebDAV protocol, attackers are tricking victims into downloading Remote Access Trojans (RATs) while…GBHACKERS.COM
28 FebWho is the Kimwolf Botmaster “Dort”?In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle "Dort" -- has coordinated …KREBSONSECURITY.COM
28 FebClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocketOpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and take over control. "Our vulnerability lives in the core system itself – no plugins, no …THEHACKERNEWS.COM
📢 SECURITY ADVISORIES 2[−]
28 FebCompliant or Facing Federal FinesThe False Claims Act allows the U.S. government to pursue contractors that falsely certify compliance. In 2025, $6.8 billion in fines were collected across 1,297 whistleblower-driven cases. For defense contractors and others handling regulated data, frameworks like NIST 800-171 a…YOUTUBE.COM
28 FebThis month in security with Tony Anscombe – February 2026 editionIn this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular AI toolsWELIVESECURITY.COM
🔥 INCIDENT REPORTING 2[−]
28 FebCanadian Tire Data Breach Impacts 38 Million AccountsNames, addresses, email addresses, phone numbers, and encrypted passwords were compromised in the attack. The post Canadian Tire Data Breach Impacts 38 Million Accounts appeared first on SecurityWeek .SECURITYWEEK.COM
28 FebQuickLens Chrome extension steals crypto, shows ClickFix attackA Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was compromised to push malware and attempt to steal crypto from thousands of users. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 3[−]
28 FebTrump Bans Anthropic AI in Federal Agencies Amid Growing Security ConcernsThe United States government has taken a massive step by banning federal agencies from using Anthropic, a domestic AI company known for its model, Claude. For the first time, a U.S. firm has been classified as a supply chain risk to national security, a label usually given to for…GBHACKERS.COM
28 FebFake Zoom and Google Meet Phishing Campaigns Deploy Teramind Surveillance SoftwareThreat actors are executing sophisticated phishing campaigns that impersonate Zoom and Google Meet to silently deploy Teramind onto Windows devices. While Teramind is a legitimate enterprise endpoint monitoring product, scammers are abusing its stealth features to conduct unautho…GBHACKERS.COM
28 FebMY TAKE: The Pentagon punished Anthropic for red lines it accepted from OpenAI hours laterKINGSTON, Wash. — On Friday afternoon, President Trump ordered every federal agency to stop using Anthropic’s AI technology. Defense Secretary Pete Hegseth followed by designating the company a “supply-chain risk to national security,” a label the government typically reserves fo…LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
28 FebPentagon Designates Anthropic Supply Chain Risk Over AI Military DisputeAnthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a "supply chain risk." "This action follows months of negotiations that reached an impasse over two exceptions we requested to …THEHACKERNEWS.COM
📡 INFOSEC NEWS 3[−]
28 FebIndia disrupts access to popular developer platform Supabase with blocking orderIndia, one of Supabase’s biggest markets, is seeing patchy access after a government block order.TECHCRUNCH.COM
28 FebThousands of Public Google Cloud API Keys Exposed with Gemini Access After API EnablementNew research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings come from Truffle Security, which discovered nearly 3,000 Googl…THEHACKERNEWS.COM
28 Feb$4.8M in crypto stolen after Korean tax agency exposes wallet seedSouth Korea's National Tax Service accidentally exposed the mnemonic recovery phrase of a seized cryptocurrency wallet in an official press release, allowing hackers to steal 6.4 billion won ($4.8M) worth in cryptocurrency. [...]BLEEPINGCOMPUTER.COM