Uphill Security

Updates every 30 minutes - Generated via RSS feed on: 2026-02-26 06:30:04 UTC Feedback and suggestions for other sources are welcome.

2026-02-26 #

• 06:13 UTC - [The Hacker News] Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
• 04:30 UTC - [Cyber Security News] Kali Linux Integrates Claude AI for Penetration Testing via Model Context Protocol
• 01:51 UTC - [Cyber Security News] Critical Cisco SD-WAN 0-Day Vulnerability Exploited Since 2023 to Gain Root Access
• 01:20 UTC - [Cyber Security News] Hacker Jailbreaks Claude AI to Write Exploit Code and Steal Government Data
• 00:16 UTC - [Graham Cluley] Smashing Security podcast #456: How to lose friends and DDoS people
• 00:00 UTC - [darkreading] Chinese Police Use ChatGPT to Smear Japan PM Takaichi
• 00:00 UTC - [Cisco Security Advisory] Cisco UCS Manager Software Privilege Escalation Vulnerability
• 00:00 UTC - [Cisco Security Advisory] Cisco UCS Manager Software Command Injection Vulnerability
• 00:00 UTC - [Cisco Security Advisory] Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability
• 00:00 UTC - [Cisco Security Advisory] Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability
• 00:00 UTC - [Cisco Security Advisory] Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability
• 00:00 UTC - [Cisco Security Advisory] Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability
• 00:00 UTC - [Cisco Security Advisory] Cisco FXOS and UCS Manager Software Stored Cross-Site Scripting Vulnerability
• 00:00 UTC - [Cisco Security Advisory] Cisco FXOS and UCS Manager Software Command Injection Vulnerability
• 00:00 UTC - [Cisco Security Advisory] Cisco Catalyst SD-WAN Vulnerabilities
• 00:00 UTC - [Cisco Security Advisory] Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
• 00:00 UTC - [Cisco Security Advisory] Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability

2026-02-25 #

• 23:51 UTC - [CyberScoop] Governments issue warning over Cisco zero-day attacks dating back to 2023
• 23:20 UTC - [Latest from TechRadar in Security] AI and deepfakes are proving to be a security nightmare for businesses everywhere
• 23:02 UTC - [BleepingComputer] Medical device maker UFP Technologies warns of data stolen in cyberattack
• 22:03 UTC - [Rapid7 Cybersecurity Blog] Critical Cisco Catalyst Vulnerability Exploited in the wild (CVE-2026-20127)
• 22:02 UTC - [darkreading] Flaws in Claude Code Put Developers' Machines at Risk
• 21:47 UTC - [BleepingComputer] Fake Next.js job interview tests backdoor developer's devices
• 21:14 UTC - [darkreading] RAMP Forum Seizure Fractures Ransomware Ecosystem
• 20:29 UTC - [Cisco Security Advisory] Cisco SD-WAN Software Privilege Escalation Vulnerabilities
• 20:07 UTC - [0day Fans] Buy A Help Desk, Bundle A Remote Access Solution? (SolarWinds Web Help Desk Pre-Auth RCE Chain
• 20:06 UTC - [watchTowr Labs] Buy A Help Desk, Bundle A Remote Access Solution? (SolarWinds Web Help Desk Pre-Auth RCE Chain(s))
• 19:59 UTC - [Cyber Security News] Hackers Can Abuse Cortex XDR Live Terminal Feature for C2 Communications
• 19:35 UTC - [Cyber Security News] Threat Actors Using Fake Avast Website to Harvest Users Credit Card Details
• 19:15 UTC - [darkreading] PCI Council Says Threats to Payments Systems Are Speeding Up
• 18:26 UTC - [Cyber Security News] SURXRAT Android RAT Attacking Users Gain Complete Device-Control and Data Exfiltration
• 18:01 UTC - [BleepingComputer] Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
• 17:46 UTC - [The Hacker News] Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
• 17:10 UTC - [Latest from TechRadar in Security] Another top adult site reveals data leak - Frivol says around 479,000 users may be affected
• 17:06 UTC - [Cybersecurity Dive - Latest News] CISA orders agencies to patch Cisco devices now under attack
• 17:00 UTC - [BleepingComputer] Chinese cyberspies breached dozens of telecom firms, govt agencies
• 17:00 UTC - [The Hacker News] Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
• 16:42 UTC - [darkreading] Malicious Next.js Repos Target Developers Via Fake Job Interviews
• 16:26 UTC - [Cybersecurity Dive - Latest News] Software vulnerabilities are being weaponized faster than ever
• 16:21 UTC - [Rapid7 Cybersecurity Blog] Your MRI is Online: The Hidden Risks of Exposed DICOM Servers in UK Healthcare
• 16:16 UTC - [SecurityWeek] The Blast Radius Problem: Stolen Credentials are Weaponizing Agentic AI
• 16:16 UTC - [SecurityWeek] The Blast Radius Problem: Stolen Credentials Are Weaponizing Agentic AI
• 16:05 UTC - [Cyber Security News] One Identity Appoints Michael Henricks as Chief Financial and Operating Officer
• 16:01 UTC - [SecurityWeek] Google Disrupts Chinese Hackers Targeting Telecoms, Governments
• 16:01 UTC - [SecurityWeek] Google Disrupts Chinese Cyberespionage Campaign Targeting Telecoms, Governments
• 15:54 UTC - [BleepingComputer] Marquis sues SonicWall over backup breach that led to ransomware attack
• 15:40 UTC - [Cybersecurity Dive - Latest News] China-linked hackers breach dozens of telecoms, government agencies
• 15:30 UTC - [Latest from TechRadar in Security] This new cybercrime platform lets hackers run malicious Google Ads and hide from Google's screening process
• 15:30 UTC - [SecurityWeek] SolarWinds Patches Four Critical Serv-U Vulnerabilities
• 15:25 UTC - [Latest from TechRadar in Security] Why enterprise security now depends on independence, not upgrades
• 15:17 UTC - [Latest from TechRadar in Security] The rise of the Chief Trust Officer: A game changing new C-suite role
• 15:06 UTC - [The Hacker News] SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
• 15:01 UTC - [BleepingComputer] The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web
• 14:30 UTC - [The Hacker News] Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It
• 14:24 UTC - [Cyber Security News] How SOC Analysts Can Save 28 Minutes Per Alert Review 
• 14:13 UTC - [Latest from TechRadar in Security] ‘This is an AI arms race’ — CrowdStrike warns attackers are moving through networks in under 30 minutes and ‘security teams must operate faster than the adversary to win’
• 14:13 UTC - [Latest from TechRadar in Security] CrowdStrike says attackers are moving through networks in under 30 minutes
• 14:00 UTC - [darkreading] Why 'Call This Number' TOAD Emails Beat Gateways
• 14:00 UTC - [Black Hills Information Security, Inc.] Malware Analysis: How to Analyze and Understand Malware
• 14:00 UTC - [All Fortinet Blog | Latest Posts] Unmasking Agent Tesla: A Deep Dive into a Multi-Stage Campaign
• 13:58 UTC - [0day Fans] Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
• 13:56 UTC - [Rapid7 Cybersecurity Blog] The Post-RAMP Era: Allegations, Fragmentation, and the Rebuilding of the Ransomware Underground
• 13:40 UTC - [SecurityWeek] Medical Device Maker UFP Technologies Hit by Cyberattack
• 13:30 UTC - [CyberScoop] Vulnerabilities grew like weeds in 2025, but only 1% were weaponized in attacks
• 13:05 UTC - [Latest from TechRadar in Security] 1Password is getting more expensive soon - says change is despite the fact ‘pricing has remained largely unchanged for many years’
• 13:00 UTC - [Cyber Security News] OAuth Attacks in Entra ID Can Leverage ChatGPT to Compromise User Email Accounts
• 13:00 UTC - [All Fortinet Blog | Latest Posts] New Fortinet OT Security Partnerships Help Secure Mobile and Fixed Cyber-Physical Systems
• 12:59 UTC - [SecurityWeek] Ex-US Defense Contractor Executive Jailed for Selling Exploits to Russia
• 12:53 UTC - [BleepingComputer] Zyxel warns of critical RCE flaw affecting over a dozen routers
• 12:43 UTC - [The Hacker News] Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
• 12:30 UTC - [SecurityWeek] Over 12 Million Users Impacted by CarGurus Data Breach
• 12:30 UTC - [SecurityWeek] CarGurus Data Breach Impacts Over 12 Million Users
• 12:08 UTC - [Cyber Security News] CISA Confirms Active Exploitation of FileZen Vulnerability
• 12:01 UTC - [Schneier on Security] Poisoning AI Training Data
• 12:00 UTC - [SecurityWeek] SecurityWeek Report: 426 Cybersecurity M&A Deals Announced in 2025
• 12:00 UTC - [darkreading] 'Richter Scale' Model Measures Magnitude of OT Cyber Incidents
• 11:39 UTC - [Cyber Security News] Microsoft to Extends DLP Support for Copilot to Prevent Sensitive File Processing
• 11:36 UTC - [Cyber Security News] SolarWinds Critical Serv-U Vulnerabilities Enables Root Access
• 11:35 UTC - [SecurityWeek] Wynn Resorts Confirms Data Breach After Hackers Remove It From Leak Site
• 11:00 UTC - [The Hacker News] Manual Processes Are Putting National Security at Risk
• 11:00 UTC - [CyberScoop] Across party lines and industry, the verdict is the same: CISA is in trouble
• 10:38 UTC - [SecurityWeek] Astelia Raises $35 Million for Exposure Management
• 10:34 UTC - [Latest from TechRadar in Security] SolarWinds Serv-U has some critical security flaws, so users should update now or face attack
• 10:31 UTC - [BleepingComputer] US sanctions Russian broker for buying stolen zero-day exploits
• 10:04 UTC - [SecurityWeek] Reddit Hit With $20 Million UK Data Privacy Fine Over Child Safety Failings
• 10:01 UTC - [Cyber Security News] Microsoft to Stop Support for Windows Server 2016 and Windows 10 2016
• 10:00 UTC - [CyberScoop] Chinese group’s ChatGPT use reveals worldwide harassment campaign against critics
• 09:44 UTC - [SecurityWeek] Claude’s New AI Vulnerability Scanner Sends Cybersecurity Shares Plunging
• 09:38 UTC - [Graham Cluley] $10,000 bounty offered if you can hack Ring cameras to stop them sharing your data with Amazon
• 08:49 UTC - [The Hacker News] Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
• 08:23 UTC - [SecurityWeek] Ad Tech Company Optimizely Targeted in Cyberattack
• 08:21 UTC - [BleepingComputer] Ex-L3Harris exec jailed for selling zero-days to Russian exploit broker
• 08:00 UTC - [darkreading] Operation Red Card 2.0 Leads to 651 Arrests in Africa
• 07:51 UTC - [BleepingComputer] Windows 11 KB5077241 update improves BitLocker, adds Sysmon tool
• 07:10 UTC - [Cyber Security News] Multiple Vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker Allow Root Access and Credential Theft
• 07:04 UTC - [The Hacker News] SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
• 07:02 UTC - [Cyber Security News] Microsoft Warns of Hackers Attacking Developers with Malicious Next.js Repositories
• 06:53 UTC - [Have I Been Pwned latest breaches] Canadian Tire - 38,306,562 breached accounts
• 06:36 UTC - [Cyber Security News] Microsoft Released Updates for Windows 11, Version 25H2 and 24H2 Systems
• 05:47 UTC - [Cyber Security News] Threat Actors Exploit Apache ActiveMQ Server Vulnerability to Gain RDP Access and Deploy LockBit Ransomware
• 05:23 UTC - [The Hacker News] CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
• 03:59 UTC - [Cyber Security News] GitHub Copilot Exploited to Perform Full Repository Takeover via Passive Prompt Injection
• 02:34 UTC - [Cyber Security News] US Sanctions Network of Exploit Brokers That Stole US Government Cyber Tools

2026-02-24 #

• 23:57 UTC - [BleepingComputer] Phishing campaign targets freight and logistics orgs in the US, Europe
• 21:51 UTC - [BleepingComputer] Wynn Resorts confirms employee data breach after extortion threat
• 21:45 UTC - [BleepingComputer] 1Campaign platform helps malicious Google ads evade detection
• 21:44 UTC - [CyberScoop] Ex-L3Harris executive sentenced to 87 months in prison for selling zero-day exploits to Russian broker
• 21:40 UTC - [Latest from TechRadar in Security] Apple users beware — this devious malware can hide its activity while it hijacks your camera and microphone
• 21:38 UTC - [darkreading] Attackers Now Need Just 29 Minutes to Own a Network
• 21:18 UTC - [darkreading] Lazarus Group Picks a New Poison: Medusa Ransomware
• 20:20 UTC - [Latest from TechRadar in Security] Microsoft says OpenClaw is "not appropriate to run on a standard personal or enterprise workstation" — so should you be worried?
• 19:35 UTC - [Latest from TechRadar in Security] Multiple mental health apps riddled with high severity security flaws — data of millions put at risk, so be on your guard
• 18:53 UTC - [Cyber Security News] Threat Actors Weaponized AI Tools to Gain Full Domain Access within 30 Minutes
• 18:52 UTC - [The Hacker News] RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
• 18:08 UTC - [BleepingComputer] CarGurus data breach exposes information of 12.4 million accounts
• 17:30 UTC - [BleepingComputer] Microsoft adds Copilot data controls to all storage locations
• 17:28 UTC - [Microsoft Security Blog] Developer-targeting campaign using malicious Next.js repositories
• 17:15 UTC - [Cyber Security News] 65% of Financial Organizations Targeted by Ransomware as Cybercriminals Escalate Attacks
• 17:01 UTC - [Cyber Security News] Malicious NuGet Packages Attacking ASP.NET Developers to Steal Login Credentials
• 16:37 UTC - [Cyber Security News] Reddit Fined £14.47 Million by UK Regulator for Children’s Privacy Failures
• 16:30 UTC - [Rapid7 Cybersecurity Blog] Multi-Tenant API Access: Centralize, Scale, and Secure Your Operations
• 16:25 UTC - [Cyber Security News] New Deserialization Vulnerability in Ruby Workers Could Enable Full System Compromise
• 16:05 UTC - [Latest from TechRadar in Security] Top ad tech firm Optimizely hit by data breach - around 10,000 companies possibly affected
• 16:00 UTC - [All Fortinet Blog | Latest Posts] Fortinet Achieves IEC 62443-4-1 ML2 Certification for Secure Product Development
• 15:58 UTC - [Cyber Security News] Malicious OpenClaw Skills Used to Trick Users into Manual Password Entry for AMOS Infection
• 15:56 UTC - [Cybersecurity Dive - Latest News] In the AI era, CISOs worry about data leaks and doubt tech will solve skills gaps
• 15:49 UTC - [Cybersecurity Dive - Latest News] Threat groups move at record speeds, as AI helps scale attacks
• 15:39 UTC - [Latest from TechRadar in Security] Why enterprise AI ambitions are outpacing legacy modernization
• 15:34 UTC - [Cyber Security News] Sendmarc Releases DMARCbis Fireside Chat Featuring Co-Editor Todd Herr
• 15:20 UTC - [SecurityWeek] ‘Arkanix Stealer’ Malware Disappears Shortly After Debut
• 15:15 UTC - [Latest from TechRadar in Security] Russian hackers target European firms with new spear-phishing cyberattacks
• 15:08 UTC - [Latest from TechRadar in Security] The invisible supply chain inside every mobile app
• 15:02 UTC - [BleepingComputer] Identity-First AI Security: Why CISOs Must Add Intent to the Equation
• 15:00 UTC - [All Fortinet Blog | Latest Posts] When Cyber Conflict Targets Society
• 14:54 UTC - [BleepingComputer] UK fines Reddit $19 million for using children’s data unlawfully
• 14:39 UTC - [Cyber Security News] Hackers Leverage Steganographic Images to Bypass Anti-Malware Scans and Deploy Malware Payloads
• 14:30 UTC - [SecurityWeek] VMware Aria Operations Vulnerability Could Allow Remote Code Execution
• 14:21 UTC - [The Hacker News] UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
• 14:05 UTC - [Latest from TechRadar in Security] NYC transit workers hit by Qilin ransomware - thousands of members possibly affected
• 14:00 UTC - [Unit 42] Bring the Fight to the Edge: Turning Time Into an Advantage in OT Security
• 14:00 UTC - [SecurityWeek] CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO
• 14:00 UTC - [Rapid7 Cybersecurity Blog] New Report: The Digital Footprints of Many Executives Can Leave Their Companies Seriously Exposed
• 13:40 UTC - [SecurityWeek] New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM
• 13:35 UTC - [Cyber Security News] Fake Huorong Download Site Used to Deploy ValleyRAT Backdoor in Targeted Malware Campaign
• 13:04 UTC - [darkreading] As Cybersecurity Firms Chase AI, VC Market Skyrockets
• 13:00 UTC - [BleepingComputer] Critical SolarWinds Serv-U flaws offer root access to servers
• 13:00 UTC - [Microsoft Security Blog] Scaling security operations with Microsoft Defender autonomous defense and expert-led services
• 12:43 UTC - [Latest from TechRadar in Security] 'Social advertising is being used to defraud at scale across some of the largest platforms.': Nearly one in three Meta ads reportedly point to a scam, phishing or malware
• 12:26 UTC - [SecurityWeek] GitHub Issues Abused in Copilot Attack Leading to Repository Takeover
• 12:06 UTC - [Schneier on Security] Is AI Good for Democracy?
• 12:03 UTC - [Cyber Security News] Diesel Vortex Russian Cybercrime Group Targets Global Logistics Sector and Steals 1,600+ Credentials
• 12:00 UTC - [SecurityWeek] Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs
• 11:58 UTC - [The Hacker News] Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem
• 11:52 UTC - [The Hacker News] Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
• 11:40 UTC - [BleepingComputer] ShinyHunters extortion gang claims Odido breach affecting millions
• 11:00 UTC - [BleepingComputer] North Korean Lazarus group linked to Medusa ransomware attacks
• 10:40 UTC - [Cyber Security News] ClickFix Infostealer Campaign Uses Fake CAPTCHA Lures to Compromise Victims
• 10:05 UTC - [SecurityWeek] Anonymous Fénix Members Arrested in Spain
• 09:57 UTC - [Cyber Security News] Multiple VMware Aria Vulnerabilities Allow Remote Code Execution Attacks
• 09:54 UTC - [The Hacker News] UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
• 09:22 UTC - [Cyber Security News] Elon Musk Accuses Anthropic of Stealing Data in a Massive Scale
• 08:55 UTC - [bellingcat] How Russia’s War Has Devastated Civilian Life in Ukraine
• 08:54 UTC - [Cyber Security News] ShinyHunters Allegedly Claim Breach of 21 Million Records from Odido
• 08:01 UTC - [CyberScoop] CrowdStrike says attackers are moving through networks in under 30 minutes
• 07:32 UTC - [Cyber Security News] OpenClaw Releases 2026.2.23 Released With Security Updates and New AI features
• 07:14 UTC - [Black Hills Information Security, Inc.] Linux Persistence Technique: The “P” in PAM is for Persistence
• 06:55 UTC - [Cyber Security News] Hackers Leverage DeepSeek and Claude to Attack FortiGate Devices Worldwide
• 06:04 UTC - [The Hacker News] Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
• 04:35 UTC - [Cyber Security News] WhatsApp Introduces Optional Account Password Feature to Strengthen Login Security
• 04:21 UTC - [Cyber Security News] $10K+ Bounty Offered to Hacker Who Can Disconnect Ring Video Doorbells from Amazon Cloud
• 02:15 UTC - [Cyber Security News] Google Chrome Emergency Security Update Patches Three High-Severity Vulnerabilities
• 00:00 UTC - [The GreyNoise Blog] 2026 GreyNoise State of the Edge Report: Where Attacks Concentrate and Defenses Fall Short

2026-02-23 #

• 23:59 UTC - [0day Fans] 2025 winter challenge writeup
• 23:00 UTC - [0day Fans] CVE-2025-59201 - Network Connection Status Indicator (NCSI) EoP
• 22:59 UTC - [BleepingComputer] Android mental health apps with 14.7M installs filled with security flaws
• 22:20 UTC - [darkreading] Spitting Cash: ATM Jackpotting Attacks Surged in 2025
• 22:18 UTC - [darkreading] More Than Dashboards: AI Decisions Must Be Provable
• 21:59 UTC - [BleepingComputer] Spain arrests suspected hacktivists for DDoSing govt sites
• 21:02 UTC - [CyberScoop] Anthropic accuses Chinese labs of trying to illicitly take Claude’s capabilities
• 20:35 UTC - [darkreading] Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount
• 20:11 UTC - [darkreading] Enigma Cipher Device Still Holds Secrets for Cyber Pros
• 19:45 UTC - [Latest from TechRadar in Security] 'The AI model and prompt are predefined in the code and cannot be changed': Experts say PromptSpy is the first known Android malware to use Gemini to ensure infection
• 19:41 UTC - [The Hacker News] APT28 Targeted European Entities Using Webhook-Based Macro Malware
• 19:40 UTC - [BleepingComputer] Microsoft says bug in classic Outlook hides the mouse pointer
• 19:38 UTC - [Cyber Security News] GrayCharlie Injects Malicious JavaScript into WordPress Sites to Deliver NetSupport RAT and Stealc
• 19:37 UTC - [darkreading] 600+ FortiGate Devices Hacked by AI-Armed Amateur
• 19:35 UTC - [Cyber Security News] Anthropic Claude Under Large Scale Distillation Attacks By Chinese AI Labs with 13 Million Exchanges
• 18:48 UTC - [Cyber Security News] Conduent Data Breach – Largest Data Breach in U.S. History As Ransomware Group Stolen 8 TB of Data
• 18:04 UTC - [BleepingComputer] Ad tech firm Optimizely confirms data breach after vishing attack
• 17:59 UTC - [The Hacker News] Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
• 17:55 UTC - [Latest from TechRadar in Security] Major Japanese semiconductor supplier hit by ransomware attack
• 17:44 UTC - [Cyber Security News] New MIMICRAT Custom RAT Uncovered in Sophisticated Multi-Stage ClickFix Campaign
• 17:05 UTC - [Latest from TechRadar in Security] Top Las Vegas hotel is the latest ShinyHunters ransomware victim - hackers demand $1.5 million to not leak data
• 16:31 UTC - [Cyber Security News] Microsoft MFA Down – 504 Gateway Timeout Errors Disrupting MFA Access for U.S. Users
• 16:30 UTC - [Cybersecurity Dive - Latest News] Hackers target vulnerabilities in Roundcube Webmail
• 16:05 UTC - [Latest from TechRadar in Security] Wikipedia blacklists Archive.today after alleged DDoS attack
• 16:04 UTC - [Cyber Security News] New Phishing Framework Starkiller Proxies Real Login Pages to Bypass MFA
• 15:51 UTC - [Cybersecurity Dive - Latest News] AI helps novice threat actor compromise FortiGate devices in dozens of countries
• 15:38 UTC - [Cyber Security News] North Korean Threat Actors Leverage Fake IT Worker Campaigns and Contagious Interview Tactics
• 15:35 UTC - [SecurityWeek] US Healthcare Diagnostic Firm Says 140,000 Affected by Data Breach
• 15:26 UTC - [0day Fans] 2025: The Untold Stories of Check Point Research
• 15:20 UTC - [Latest from TechRadar in Security] Russian hacker uses multiple AI tools to break hundreds of firewalls
• 15:00 UTC - [BleepingComputer] When identity isn’t the weak link, access still is
• 14:09 UTC - [Rapid7 Cybersecurity Blog] Alert Fatigue Isn’t Going Away. Here’s How Modern SOCs Are Fighting Back
• 13:38 UTC - [SecurityWeek] Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud
• 13:00 UTC - [The Hacker News] ⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More
• 12:46 UTC - [Cyber Security News] PoC Exploit Released for Grandstream GXP1600 VoIP Phones RCE Vulnerability
• 12:40 UTC - [Cyber Security News] jsPDF Vulnerability Exposes Millions of Developers to Object Injection Attacks
• 12:38 UTC - [Cyber Security News] HPE Telco Service Activator Vulnerability Let Attackers Bypass Access Restrictions
• 12:36 UTC - [Cyber Security News] Threat Actor Allegedly Claimed Leak of Wendy’s International Franchise Database
• 12:35 UTC - [Latest from TechRadar in Security] French government systems hacked - over 1.2 million private financial accounts hit
• 12:30 UTC - [SecurityWeek] Autonomous AI Agents Provide New Class of Supply Chain Attack
• 12:03 UTC - [Schneier on Security] On the Security of Password Managers
• 11:58 UTC - [The Hacker News] How Exposed Endpoints Increase Risk Across LLM Infrastructure
• 11:53 UTC - [SecurityWeek] Romanian Hacker Pleads Guilty to Selling Access to US State Network
• 11:47 UTC - [Cyber Security News] CISA Warns of Multiple Roundcube Vulnerabilities Exploited in Attacks
• 11:44 UTC - [BleepingComputer] CISA: Recently patched RoundCube flaws now exploited in attacks
• 11:34 UTC - [SecurityWeek] Hundreds of FortiGate Firewalls Hacked in AI-Powered Attacks: AWS
• 11:30 UTC - [Cyber Security News] OWASP Smart Contract Top 10 2026 — Security Risks and Vulnerabilities
• 11:29 UTC - [Latest from TechRadar in Security] How businesses can stop their AI agents from running amok
• 11:09 UTC - [Latest from TechRadar in Security] PayPal confirms data breach — user info may have been exposed for 6 months, here's what we know so far
• 10:47 UTC - [SecurityWeek] Recent RoundCube Webmail Vulnerability Exploited in Attacks
• 10:38 UTC - [Latest from TechRadar in Security] Data security is still the most pressing issue for many firms - so what can your business do?
• 10:29 UTC - [SecurityWeek] Mississippi Hospital System Closes All Clinics After Ransomware Attack
• 10:20 UTC - [The Hacker News] Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
• 10:00 UTC - [Cybersecurity Dive - Latest News] AI vs. AI: Why cybersecurity’s new front line is behavioral intelligence
• 09:13 UTC - [SecurityWeek] PayPal Data Breach Led to Fraudulent Transactions
• 09:13 UTC - [Cyber Security News] Google Suspends OpenClaw Users from Antigravity AI After OAuth Token Abuse
• 08:31 UTC - [Cyber Security News] DPRK Linked Operators Sustain Aggressive Crypto Targeting 12 Months After Bybit Breach
• 07:48 UTC - [Cyber Security News] Silver Fox APT Uses DLL Sideloading and BYOVD Techniques in Sophisticated Malware Attacks
• 07:25 UTC - [The Hacker News] MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
• 07:21 UTC - [Cyber Security News] Threat Actors Allegedly Selling WhatsApp Crash Exploit on Hacking Forums
• 01:59 UTC - [Cyber Security News] Google Blocked 1.75 Million Malicious Apps from Entering into the Play Store

2026-02-22 #

• 20:40 UTC - [Latest from TechRadar in Security] Don't trust AI to come up with a strong new password for you — LLMs are pretty poor at creating new logins, experts warn
• 17:00 UTC - [Cyber Security News] Cybersecurity News Weekly: PayPal Breach, Chrome 0-Day, BeyondTrust RCE Exploit, and More
• 15:33 UTC - [BleepingComputer] Arkanix Stealer pops up as short-lived AI info-stealer experiment
• 15:00 UTC - [Latest from TechRadar in Security] How a mature API management strategy can help eliminate agentic blind spots
• 01:18 UTC - [Cyber Security News] Multiple Hacking Groups Exploit OpenClaw Instances to Steal API key and Deploy Malware
• 00:56 UTC - [Cyber Security News] Cloudflare Down – 6 Hour of Massive Global Service Outage Cause Customers Unreachable From the Internet

2026-02-21 #

• 23:33 UTC - [Have I Been Pwned latest breaches] CarGurus - 12,461,887 breached accounts
• 16:13 UTC - [BleepingComputer] Predator spyware hooks iOS SpringBoard to hide mic, camera activity
• 16:00 UTC - [Cyber Security News] Hackers Leveraging Multiple AI Services to Compromise 600+ FortiGate Devices
• 15:36 UTC - [Cyber Security News] SuperClaw – Open-Source Framework to Red-Team AI Agents for Security Testing
• 14:49 UTC - [The Hacker News] AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
• 14:23 UTC - [Cyber Security News] SerpApi Files Suit Against SearchApi for Stealing Proprietary Technology
• 14:00 UTC - [Latest from TechRadar in Security] Keeping the human touch in tech: what over-automation gets wrong
• 13:50 UTC - [BleepingComputer] Amazon: AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks
• 13:50 UTC - [BleepingComputer] Amazon: AI-assisted hacker breached 600 FortiGate firewalls in 5 weeks
• 13:38 UTC - [Cyber Security News] Cybersecurity Companies’ Stocks Fall Sharply as Anthropic Releases Claude Security Tool
• 13:26 UTC - [Cyber Security News] New Shai-Hulud–like npm Worm Attack 19+ Packages to Steal dev/CI Secrets
• 12:00 UTC - [SecurityWeek] Critical Grandstream Phone Vulnerability Exposes Calls to Interception
• 09:00 UTC - [Latest from TechRadar in Security] Will 2026 be the year facial recognition becomes boring, and why does it matter?
• 08:33 UTC - [Cyber Security News] Anthropic Launches Claude Code Security to Scan Codebases for Security Vulnerabilities
• 07:58 UTC - [The Hacker News] Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning
• 07:21 UTC - [The Hacker News] CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog
• 04:30 UTC - [The Hacker News] EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security

2026-02-20 #

• 22:54 UTC - [Graham Cluley] Spanish police say they have arrested hacker who booked luxury hotel rooms for just one cent
• 22:05 UTC - [Schneier on Security] Friday Squid Blogging: Squid Cartoon
• 22:00 UTC - [Rapid7 Cybersecurity Blog] Metasploit Wrap-Up 02/20/2026
• 21:40 UTC - [CyberScoop] Anthropic rolls out embedded security scanning for Claude 
• 21:07 UTC - [darkreading] Attackers Use New Tool to Scan for React2Shell Exposure
• 20:00 UTC - [Krebs on Security] ‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
• 18:31 UTC - [darkreading] 'God-Like' Attack Machines: AI Agents Ignore Security Policies
• 18:30 UTC - [BleepingComputer] Japanese tech giant Advantest hit by ransomware attack
• 18:20 UTC - [Latest from TechRadar in Security] Top Android AI photo and video editor exposes nearly two million user images and videos
• 18:02 UTC - [darkreading] Lessons From AI Hacking: Every Model, Every Layer Is Risky
• 17:02 UTC - [BleepingComputer] CISA: BeyondTrust RCE flaw now exploited in ransomware attacks
• 17:00 UTC - [All Fortinet Blog | Latest Posts] Bridging the Cyber Skills Divide: How Fortinet’s Global Partnerships Empower Local Talent
• 16:23 UTC - [Cybersecurity Dive - Latest News] BeyondTrust Remote Support exploitation ramps up with backdoors, remote tools
• 16:22 UTC - [Rapid7 Cybersecurity Blog] Hacktivism and the Winter Olympics 2026: What We’re Seeing and What it Signals
• 16:20 UTC - [BleepingComputer] Data breach at French bank registry impacts 1.2 million accounts
• 15:59 UTC - [Cybersecurity Dive - Latest News] US Treasury Department offers secure AI advice to financial services firms
• 15:48 UTC - [SecurityWeek] NIST’s Quantum Breakthrough: Single Photons Produced on a Chip
• 15:45 UTC - [The Hacker News] BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
• 15:30 UTC - [SecurityWeek] In Other News: Ransomware Shuts US Clinics, ICS Vulnerability Surge, European Parliament Bans AI
• 15:15 UTC - [Latest from TechRadar in Security] FBI warns ATM "jackpotting" attacks are soaring - here's what you need to know
• 14:46 UTC - [Latest from TechRadar in Security] Friend or foe? AI: The new cybersecurity threat and solutions
• 14:45 UTC - [BleepingComputer] Why the shift left dream has become a nightmare for security and developers
• 14:43 UTC - [Cyber Security News] PayPal Data Breach Exposes SSNs and Business PII of Customers for Over Six Months
• 14:20 UTC - [Latest from TechRadar in Security] Google rejected nearly two million Android apps and blocked more than 80,000 developer accounts from Google Play in 2025
• 14:20 UTC - [The Hacker News] Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
• 14:04 UTC - [Latest from TechRadar in Security] Dangerous Massiv Android malware poses as IPTV app to infect devices and steal banking info
• 14:00 UTC - [darkreading] Latin America's Cyber Maturity Lags Threat Landscape
• 14:00 UTC - [All Fortinet Blog | Latest Posts] Massive Winos 4.0 Campaigns Target Taiwan
• 13:57 UTC - [Cyber Security News] Grandstream VoIP Phones Vulnerability Allows Attackers to Gain Root Privileges
• 13:12 UTC - [BleepingComputer] PayPal discloses data breach that exposed user info for 6 months
• 13:05 UTC - [Cyber Security News] CharlieKirk Grabber Stealer Attacking Windows Systems to Exfiltrate Login Credentials
• 12:36 UTC - [Cyber Security News] Critical Jenkins Vulnerability Exposes Build Environments to XSS Attacks
• 12:29 UTC - [SecurityWeek] BeyondTrust Vulnerability Exploited in Ransomware Attacks
• 12:20 UTC - [Latest from TechRadar in Security] Who's watching who? Experts reveal criminals using fake enterprise software to gain access to company systems
• 12:08 UTC - [Schneier on Security] Ring Cancels Its Partnership with Flock
• 12:06 UTC - [Cyber Security News] Apache Tomcat Vulnerabilities Let Attackers Bypass Security Constraints via HTTP/0.9 Requests
• 11:55 UTC - [The Hacker News] ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT RAT
• 11:55 UTC - [The Hacker News] ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware
• 11:53 UTC - [Cyber Security News] Critical Vulnerabilities in VS Code Extensions Threaten 128 Million Developer Environments
• 11:50 UTC - [BleepingComputer] Mississippi medical center closes all clinics after ransomware attack
• 11:41 UTC - [Cyber Security News] LLM-Generated Passwords Expose Major Security Flaws with Predictability, Repetition, and Weakness
• 11:21 UTC - [Cyber Security News] PoC Released for Critical Chrome 0-day Vulnerability Exploited in the Wild
• 11:17 UTC - [bellingcat] Viral Child Soldiers on TikTok: The ‘Disney Stars’ of Sudan’s Civil War
• 11:05 UTC - [SecurityWeek] FBI: $20 Million Losses Caused by 700 ATM Jackpotting Attacks in 2025
• 11:04 UTC - [Cyber Security News] Silicon Valley Engineers Charged With Stealing Trade Secrets From Google and Other Tech Companies
• 10:30 UTC - [The Hacker News] Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
• 10:20 UTC - [Cyber Security News] Ploutus Malware Drains U.S. ATMs Without a Card or Account — FBI Issues Emergency FLASH Alert
• 10:08 UTC - [BleepingComputer] FBI: Over $20 million stolen in surge of ATM malware attacks in 2025
• 09:52 UTC - [The Hacker News] Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case
• 09:31 UTC - [SecurityWeek] Chip Testing Giant Advantest Hit by Ransomware
• 09:00 UTC - [BleepingComputer] Ukrainian gets 5 years for helping North Koreans infiltrate US firms
• 08:55 UTC - [Cyber Security News] PoC Released for Windows Notepad Vulnerability that Enables Malicious Command Execution
• 08:05 UTC - [The Hacker News] FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025
• 08:02 UTC - [Cyber Security News] Hackers Actively Exploiting Critical BeyondTrust Vulnerability to Deploy VShell and SparkRAT
• 07:54 UTC - [Cyber Security News] Hackers Using OAuth Apps in Microsoft Entra ID to Establish Persistence
• 07:30 UTC - [Cyber Security News] Ongoing Campaign Targets Microsoft 365 to Steal OAuth Tokens and Gain Persistent Access
• 07:06 UTC - [SecurityWeek] PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
• 06:39 UTC - [Cyber Security News] PentAGI – Automated AI-Powered Penetration Testing Tool that Integrates Security 20+ Tools
• 06:39 UTC - [Cyber Security News] PentAGI – Automated AI-Powered Penetration Testing Tool that Integrates 20+ Security Tools
• 06:21 UTC - [Cyber Security News] Google Issues Emergency Chrome Security Update to Address High-Severity PDFium and V8 Flaws
• 05:27 UTC - [The Hacker News] Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran
• 05:27 UTC - [The Hacker News] Former Google Engineers Indicted Over Trade Secret Transfers to Iran
• 03:48 UTC - [Have I Been Pwned latest breaches] CarMax - 431,371 breached accounts
• 02:36 UTC - [Cyber Security News] Splunk Enterprise for Windows Vulnerability Let Attackers Hijack DLLs and Gain SYSTEM Access
• 00:20 UTC - [Latest from TechRadar in Security] Major CarGurus data breach reportedly sees 1.7 million corporate records stolen

2026-02-19 #

• 23:17 UTC - [darkreading] Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges
• 23:00 UTC - [Unit 42] VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731)
• 22:59 UTC - [CyberScoop] Ukrainian sentenced to 5 years in prison for facilitating North Korean remote worker scheme
• 22:36 UTC - [BleepingComputer] PromptSpy is the first known Android malware to use generative AI at runtime
• 22:36 UTC - [BleepingComputer] PromptSpy is the first Android malware to use generative AI at runtime
• 22:33 UTC - [darkreading] Supply Chain Attack Secretly Installs OpenClaw for Cline Users
• 22:06 UTC - [darkreading] Best-in-Class 'Starkiller' Phishing Kit Bypasses MFA
• 21:40 UTC - [Latest from TechRadar in Security] Honeywell CCTV cameras vulnerable to hijacking which allows hackers to crack passwords easily
• 21:24 UTC - [0day Fans] CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad
• 20:50 UTC - [darkreading] Abu Dhabi Finance Week Exposed VIP Passport Details
• 20:43 UTC - [CyberScoop] State Dept. official says post-quantum transition plans will outlive current leadership
• 18:44 UTC - [CyberScoop]  FBI: Threats from Salt Typhoon are ‘still very much ongoing’
• 18:44 UTC - [CyberScoop] FBI: Threats from Salt Typhoon are ‘still very much ongoing’
• 18:25 UTC - [Latest from TechRadar in Security] Massive global data breach sees over a billion records exposed - here's what we know so far
• 18:15 UTC - [CyberScoop] HHS burrows into identifying risks to health sector from third-party vendors
• 18:12 UTC - [CyberScoop] ONCD official says Trump administration aims to bolster AI use for defense without increasing risk
• 17:52 UTC - [The Hacker News] PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
• 17:50 UTC - [The Hacker News] INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown
• 17:40 UTC - [The Hacker News] Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
• 17:30 UTC - [Cyber Security News] Adidas Investigates Alleged Data Breach – 815,000 Records of Customer Data Stolen
• 17:16 UTC - [BleepingComputer] Flaw in Grandstream VoIP phones allows stealthy eavesdropping
• 17:13 UTC - [Proofpoint Threat Insight] (Don't) TrustConnect: It's a RAT in an RMM hat
• 17:10 UTC - [Latest from TechRadar in Security] Hackers claim breach of Adidas systems - but it says a third-party is the real victim
• 17:00 UTC - [Microsoft Security Blog] New e-book: Establishing a proactive defense with Microsoft Security Exposure Management
• 17:00 UTC - [BleepingComputer] Google blocked over 1.75 million Play Store app submissions in 2025
• 16:55 UTC - [Cyber Security News] OpenClaw’s Top Skill is a Malware that Stole SSH Keys, and Opened Reverse Shells in 1,184 Packages
• 16:55 UTC - [Cyber Security News] OpenClaw’s Top Skill is a Malware that Stole SSH Keys and Opened Reverse Shells in 1,184 Packages
• 16:27 UTC - [Microsoft Security Blog] Running OpenClaw safely: identity, isolation, and runtime risk
• 16:10 UTC - [Cybersecurity Dive - Latest News] Palo Alto Networks CEO sees AI as demand driver, not a threat
• 16:09 UTC - [Cyber Security News] Beyond CVE China’s Dual Vulnerability Databases Reveal a Different Disclosure Timeline
• 16:01 UTC - [Cyber Security News] AI Under Control: Link11 Launches AI Management Dashboard for Clean Traffic
• 15:58 UTC - [Cybersecurity Dive - Latest News] The AI world’s ‘connective tissue’ is woefully insecure, Cisco warns
• 15:58 UTC - [Cybersecurity Dive - Latest News] AI’s ‘connective tissue’ is woefully insecure, Cisco warns
• 15:30 UTC - [BleepingComputer] CISA orders feds to patch actively exploited Dell flaw within 3 days
• 15:24 UTC - [Latest from TechRadar in Security] Championing data leadership: how can data strategy shape AI success?
• 15:19 UTC - [Latest from TechRadar in Security] Batten down the hatches - ransomware attacks are increasingly targeting firewalls, experts claim
• 15:18 UTC - [darkreading] Connected and Compromised: When IoT Devices Turn Into Threats
• 15:18 UTC - [darkreading] Connected & Compromised: When IoT Devices Turn Into Threats
• 15:06 UTC - [Cyber Security News] Selective Thread Emulation and Fuzzing Expose DoS Flaws in Socomec DIRIS M-70 IIoT Device
• 15:05 UTC - [BleepingComputer] How infostealers turn stolen credentials into real identities
• 15:02 UTC - [SecurityWeek] French Government Says 1.2 Million Bank Accounts Exposed in Breach
• 14:39 UTC - [Cyber Security News] PromptSpy – First Known Android AI Malware Uses Google’s Gemini for Decision-making
• 14:35 UTC - [The Hacker News] ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories
• 14:30 UTC - [Cyber Security News] Threat Actors Using Fake Google Forms Site to Harvest Google Logins
• 14:05 UTC - [Latest from TechRadar in Security] Microsoft admits an Office bug exposed confidential user emails to Copilot
• 14:00 UTC - [Cyber Security News] CISA Warns of Honeywell CCTV Products Vulnerability Leads to Account Takeovers
• 14:00 UTC - [All Fortinet Blog | Latest Posts] INTERPOL Operation Red Card 2.0: Turning Collaboration into Real-World Cybercrime Disruption
• 13:51 UTC - [BleepingComputer] Nigerian man gets eight years in prison for hacking tax firms
• 13:44 UTC - [Cyber Security News] Hackers Leveraging nslookup.exe to Stage Payloads via DNS Using Clickfix Attack
• 13:19 UTC - [SecurityWeek] Nearly 1 Million User Records Compromised in Figure Data Breach
• 12:36 UTC - [BleepingComputer] Texas sues TP-Link over Chinese hacking risks, user deception
• 12:30 UTC - [BleepingComputer] Hackers target Microsoft Entra accounts in device code vishing attacks
• 12:23 UTC - [SecurityWeek] Venice Security Emerges From Stealth With $33M Funding for Privileged Access Management
• 12:05 UTC - [Schneier on Security] Malicious AI
• 11:56 UTC - [SecurityWeek] Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025
• 11:55 UTC - [Cyber Security News] XWorm Malware Delivered via Fake Financial Receipts Targeting Windows Systems to Steal Logins and Sessions
• 11:55 UTC - [The Hacker News] From Exposure to Exploitation: How AI Collapses Your Response Window
• 11:24 UTC - [BleepingComputer] Police arrests 651 suspects in African cybercrime crackdown
• 11:22 UTC - [Cyber Security News] Hackers Leveraging Emoji Code to Hide Malicious Code and Evade Security Detections
• 11:00 UTC - [SecurityWeek] OpenClaw Security Issues Continue as SecureClaw Open Source Tool Debuts
• 11:00 UTC - [CyberScoop] The Caracas operation suggests cyber was part of the plan – just not the whole operation
• 10:24 UTC - [The Hacker News] Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users
• 10:00 UTC - [BleepingComputer] New 'Massiv' Android banking malware poses as an IPTV app
• 09:59 UTC - [Cyber Security News] Critical Authentication Bypass in better-auth API Keys Plugin Allows Unauthenticated Account Takeover
• 09:42 UTC - [Cyber Security News] AI Dev Tool Cline’s npm Token Hijacked by Hackers for 8 Hours
• 09:16 UTC - [SecurityWeek] German Rail Giant Deutsche Bahn Hit by Large-Scale DDoS Attack
• 08:56 UTC - [Cyber Security News] Advanced Crypto Mining Malware Spreads Through External Drives and Air-Gapped Systems
• 08:43 UTC - [Cyber Security News] Microsoft Defender Unveils Centralized Script Library with Copilot Analysis for Enhanced Live Response
• 08:25 UTC - [bellingcat] Shipwrecks, Sham Papers and False Flags: Tracking the Company Behind It All
• 08:13 UTC - [The Hacker News] CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware
• 07:37 UTC - [Cyber Security News] Microsoft Teams to Prompt Mobile Users for Browser Choice with Non-Office and PDF Links
• 07:36 UTC - [Cyber Security News] MCP Servers can be Exploited to Execute Arbitrary Code and Exfiltrate Sensitive Data
• 07:00 UTC - [darkreading] More Than 40% of South Africans Were Scammed in 2025
• 03:33 UTC - [Cyber Security News] OpenAI Launches EVMbench to Detect, Patch, and Exploit Vulnerabilities in Blockchain Environments
• 03:05 UTC - [Cyber Security News] Guardian AI-Penetration Testing Tool Connects Gemini, GPT-4 with 19 Security Tools Including Nmap
• 02:03 UTC - [Cyber Security News] Hackers Can Leverage Grok and Copilot for Stealthy Malware Communication and Control
• 00:30 UTC - [Graham Cluley] Smashing Security podcast #455: Face off: Meta’s Glasses and America’s internet kill switch

2026-02-18 #

• 23:47 UTC - [CyberScoop] Nigerian man sentenced to 8 years in prison for running phony tax refund scheme
• 23:25 UTC - [Latest from TechRadar in Security] 'AI assistants are no longer just productivity tools; they are becoming part of the infrastructure that malware can abuse': Experts warn Copilot and Grok can be hijacked to spread malware
• 22:15 UTC - [Latest from TechRadar in Security] AI is helping hackers make new malware faster and more complex than ever - and things may only get tougher
• 21:47 UTC - [darkreading] Scam Abuses Gemini Chatbots to Convince People to Buy Fake Crypto
• 21:15 UTC - [darkreading] Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot
• 20:58 UTC - [BleepingComputer] Critical infra Honeywell CCTVs vulnerable to auth bypass flaw
• 20:56 UTC - [darkreading] Threat Intelligence Has a Human-Shaped Blind Spot
• 20:49 UTC - [darkreading] Dell's Hard-Coded Flaw: A Nation-State Goldmine
• 20:18 UTC - [BleepingComputer] AI platforms can be abused for stealthy malware communication
• 19:20 UTC - [Cyber Security News] Cryptocurrency Scams Target Asia, Combining Malvertising and Pig Butchering with Losses Up to ¥10 Million
• 19:13 UTC - [darkreading] A CISO's Playbook for Defending Data Assets Against AI Scraping
• 18:49 UTC - [Cyber Security News] Critical Ivanti EPMM Zero-Day Vulnerabilities Exploited in The Wild Targeting Corporate Networks
• 18:30 UTC - [Cyber Security News] Fake CAPTCHA (ClickFix) Attack Chain Leads to Enterprise‑Wide Malware Infection in Organisations
• 18:14 UTC - [Cyber Security News] ClickFix Abuses Legitimate Homebrew Workflow to Deploy Cuckoo Stealer on macOS for Credential Harvesting
• 17:30 UTC - [The Hacker News] Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody
• 17:10 UTC - [Latest from TechRadar in Security] A dangerous new Android backdoor has been found - Keenadu lurks in firmware, here's what we know
• 17:08 UTC - [Cyber Security News] Microsoft 365 Copilot Flaw Allows AI Assistant to Summarize Sensitive Emails
• 16:59 UTC - [Cyber Security News] Microsoft 365 Exchange URL Filtering Update Quarantines Legitimate Emails as Phishing
• 16:35 UTC - [The Hacker News] Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
• 16:34 UTC - [Cyber Security News] Malware Campaign Delivers Remote Access Backdoor and Fake MetaMask Wallet to Steal Cryptocurrency Funds
• 16:27 UTC - [BleepingComputer] Telegram channels expose rapid weaponization of SmarterMail flaws
• 16:26 UTC - [BleepingComputer] Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages
• 16:19 UTC - [Cybersecurity Dive - Latest News] Identity and supply chain need more attention, risk intelligence firm says
• 16:10 UTC - [Latest from TechRadar in Security] Top Abu Dhabi finance summit exposes personal data, passport info of hundreds of major global figures
• 16:00 UTC - [All Fortinet Blog | Latest Posts] Voice of the Customer at Accelerate: Practical Lessons from Real-World Security and Networking Leaders
• 16:00 UTC - [All Fortinet Blog | Latest Posts] Cyber Risk Is a Board Responsibility and Training Is the Missing Link
• 15:59 UTC - [CyberScoop] Fulton County lawsuit claims feds used ‘gross mischaracterizations’ to justify raid
• 15:41 UTC - [SecurityWeek] New Keenadu Android Malware Found on Thousands of Devices
• 15:39 UTC - [Cybersecurity Dive - Latest News] Threat groups using AI to speed up and scale cyberattacks
• 15:39 UTC - [Cybersecurity Dive - Latest News] Threat groups use AI to speed up and scale cyberattacks
• 15:19 UTC - [Cyber Security News] New SysUpdate Variant Malware Discovered and Tool Developed to Decrypt Encrypted Linux C2 Traffic
• 15:05 UTC - [Cyber Security News] OpenClaw AI Framework v2026.2.17 Released with Anthropic Model Support and Security Fixes
• 14:58 UTC - [Latest from TechRadar in Security] Entering the post-speed era: when everyone can ship fast, control becomes the real advantage
• 14:47 UTC - [SecurityWeek] Cogent Security Raises $42 Million for AI-Driven Vulnerability Management
• 14:18 UTC - [Cyber Security News] ClawHavoc Poisoned OpenClaw’s ClawHub with 1,184 Malicious Skills, Enabling Data Theft and Backdoor Access
• 14:15 UTC - [Rapid7 Cybersecurity Blog] The Phone is Listening: A Cold War–Style Vulnerability in Modern VoIP
• 14:05 UTC - [Latest from TechRadar in Security] A worrying Dell zero-day flaw has reportedly gone unpatched for nearly two years - and Chinese hackers are taking advantage
• 14:01 UTC - [BleepingComputer] Data breach at fintech firm Figure affects nearly 1 million accounts
• 14:00 UTC - [Rapid7 Cybersecurity Blog] CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED)
• 14:00 UTC - [Black Hills Information Security, Inc.] OSINT: How to Find, Use, and Control Open-Source Intelligence
• 13:56 UTC - [Cyber Security News] 16 Zero-Day Vulnerabilities in Popular PDF Platforms Enable Code Execution and Data Exfiltration
• 13:17 UTC - [Cyber Security News] MetaMask Users Targeted with Phishing Emails Containing Forged Security Report to Evade Detection
• 13:16 UTC - [SecurityWeek] Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration
• 13:16 UTC - [The Hacker News] Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
• 12:25 UTC - [Latest from TechRadar in Security] ‘An all-time high’: Number of ransomware groups exploded in 2025 as victim growth rate doubled - with Qilin dominating the landscape
• 12:14 UTC - [Cyber Security News] Paloalto to Acquire Koi Security for Establishing Agentic Endpoint security
• 12:03 UTC - [Schneier on Security] AI Found Twelve New Vulnerabilities in OpenSSL
• 12:03 UTC - [BleepingComputer] Microsoft says bug causes Copilot to summarize confidential emails
• 11:58 UTC - [The Hacker News] Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability
• 11:40 UTC - [Cyber Security News] Anthropic Releases Claude Sonnet 4.6 with Improved Coding, Computer Use, and 1M Token Context Window
• 11:19 UTC - [Cyber Security News] CISA Adds Windows Video ActiveX Control RCE Flaw to KEV Catalog Following Active Exploitation
• 10:59 UTC - [0day Fans] “Good enough” emulation: Fuzzing a single thread to uncover vulnerabilities
• 10:52 UTC - [Graham Cluley] Dutch police arrest man for “hacking” after accidentally sending him confidential files
• 10:50 UTC - [BleepingComputer] Glendale man gets 5 years in prison for role in darknet drug ring
• 10:32 UTC - [The Hacker News] Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
• 10:30 UTC - [The Hacker News] 3 Ways to Start Your Intelligent Workflow Program
• 10:28 UTC - [Cyber Security News] Single-Character Typo of “&” Instead of “|” Leads to 0-Day RCE in Firefox
• 10:26 UTC - [SecurityWeek] CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5
• 09:23 UTC - [Cyber Security News] New Phishing Campaign Targets Booking.com Partners and Customers in Multi-Stage Financial Fraud Scheme
• 08:57 UTC - [Cyber Security News] CISA Warns of Google Chromium 0-Day Vulnerability Actively Exploited in Attacks
• 08:43 UTC - [Cyber Security News] Microsoft VS Code Extension with 11M Downloads Expose Developers to One-Click XSS Attacks
• 08:24 UTC - [SecurityWeek] Palo Alto Networks to Acquire Koi in Reported $400 Million Transaction
• 07:40 UTC - [The Hacker News] Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
• 07:28 UTC - [Cyber Security News] Notepad++ v8.9.2 Released with “Double-Lock” Update Mechanism Following Recent Hack
• 07:21 UTC - [Cyber Security News] New ‘Foxveil’ Malware Loader Leverages Cloudflare, Netlify, and Discord to Evade Detection
• 07:09 UTC - [SecurityWeek] Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group
• 07:02 UTC - [Cyber Security News] Critical Windows Admin Center Vulnerability Allows Privilege Escalation
• 06:52 UTC - [The Hacker News] CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update