Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot
• CVE-2026-2329 allows unauthenticated root-level access to SMB phone infrastructure, so attackers can intercept calls, commit toll fraud, and impersonate users.
• Critical infra Honeywell CCTVs vulnerable to auth bypass flaw (February 18, 2026 03:58 PM): The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a crit
• How I realized what I was taught about threat intelligence was missing something crucial.
• A China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy malware.
• AI platforms can be abused for stealthy malware communication (February 18, 2026 03:18 PM): AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabi
• Cyber Risk Commentary Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry expe
• AI Unlocked challenge focuses on detecting and mitigating prompt injection attacks. • Participants learn to craft prompts that resist malicious manipulation by LLMs. • Interactiv
• Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody: New research from the Citizen Lab has found signs that Kenyan authorities used a commercial for
• Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 seri
• SmarterMail CVE-2026-24423 and CVE-2026-23760 enable remote code execution and auth bypass. • Attackers weaponized these flaws within days of disclosure, sharing exploits on Tele
• Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages (February 18, 2026 11:26 AM): Microsoft says an Exchange Online issue that mistakenly quarantined legitima
• Researchers at Kaspersky have analyzed a recently discovered Android malware that enables its operators to remotely control compromised devices. Dubbed Keenadu, the backdoor has be
• Cogent Security raises $42M Series A, total funding now $53M. • Funding led by Bain Capital Ventures, joined by Greylock, OpenAI execs, Datadog. • Company develops autonomous AI
• Hackers breached Figure Technology Solutions, stealing personal data of nearly 1 million accounts. • Attack was a social‑engineering phishing that tricked an employee into giving
• 16 critical, high, and medium‑severity vulnerabilities found in Foxit and Apryse PDF platforms. • Flaws include DOM XSS, SSRF, path traversal, and OS command injection. • Attacke
• AI Found Twelve New Vulnerabilities in OpenSSL: The title of the post is ‘What AI Security Research Looks Like When It Works,’ and I agree: In the latest OpenSSL security release>
• Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies th
• In 2025, navigating the digital seas still felt like a matter of direction. • Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resi
• Glendale man gets 5 years in prison for role in darknet drug ring (February 18, 2026 05:50 AM): A Glendale man was sentenced to nearly five years in federal prison for his role i
• 3 Ways to Start Your Intelligent Workflow Program Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock
• Palo Alto Networks announced on Tuesday that it has entered into a definitive agreement to acquire endpoint security company Koi. Financial details have not been disclosed by the
• Tracking Malware Campaigns With Reused Material A few days ago I wrote a diary called ‘Malicious Script Delivering More Maliciousness’[1]. • In the malware infection chain, there
• Notepad++ released 8.9.2 patch to fix hijacked update mechanism exploited by Chinese threat actor. • Introduces ‘double lock’ design, verifying signed installer and XML from upda
• Singapore’s CSA and four telcos launched ‘Cyber Guardian’ to counter China-linked UNC3886. • 100+ incident responders coordinated across government and M1, Singtel, StarHub, Sim
• Spanish court orders NordVPN and ProtonVPN to block 16 sites facilitating LaLiga match piracy. • Restrictions apply to a dynamic IP list in Spain, with no appeal rights for VPNs.
• Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge.
• Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power plant.
• Flaws in popular VSCode extensions expose developers to attacks (February 17, 2026 04:27 PM): Vulnerabilities with high to critical severity ratings affecting popular Visual Studi
• RMM tools are increasingly used as primary attack vectors, replacing traditional malware. • Attackers leverage RMM’s remote access to maintain stealth and persistence. • RMM’s bu
• ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.
• Executive Summary Two critical zero-day vulnerabilities (CVE-2026-1281 and CVE-2026-1340) affecting Ivanti Endpoint Manager Mobile (EPMM) are being actively exploited in the wild
• Cloud attacks outpace traditional incident response, infrastructure vanishes in minutes. • Manual log stitching gives attackers advantage; automated, context-aware forensics need
• Notepad++ introduces a double‑lock update system, verifying signed installers from GitHub and XML from its domain. • The new design eliminates DLL side‑loading by removing libcur
• AI assistants like Copilot and Grok can be hijacked as stealthy C2 proxies, blending into legitimate traffic. • Check Point researchers demonstrated the technique using anonymous
• Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates A new Android backdoor that’s embedded deep into the device firmware can silently harvest data and remote
• Vulnerability intelligence company VulnCheck announced on Tuesday that it has raised $25 million to meet demand for its solutions. The Series B funding round, which brings the tot
• Microsoft Teams experiencing widespread outage across US and Europe, disrupting meetings and chat functionality. • Users report delays and failures when sending or receiving inli
• What 5 Million Apps Revealed About Secrets in JavaScript (February 17, 2026 09:40 AM): Leaked API keys are nothing new, but the scale of the problem in front-end code has been lar
• Keenadu: sophisticated Android malware embedded in firmware across multiple device brands. • Distributes via OTA firmware, system apps, unofficial sources, and Google Play apps.
• Application Programming Interfaces (APIs) remain an attacker-favored exploit route. • Aggressors continuously target common failures in identity, access control and exposed inter
• SecurityWeek’s Cyber Insights 2026 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. • We spoke to
• A 47-year-old man arrested by police in Poland for allegedly being involved in cybercriminal activities has been linked to the Phobos ransomware operation. According to Poland’s C
• SmartLoader uses a trojanized Oura MCP server to deliver the StealC infostealer. • Threat actors cloned legitimate Oura MCP, creating fake forks to build credibility. • StealC st
• Side-Channel Attacks Against LLMs Here are three papers describing different side-channel attacks against LLMs. • ‘Remote Timing Attacks on Efficient Language Model Inference’: A
• Poland arrests suspect linked to Phobos ransomware operation (February 17, 2026 06:31 AM): Polish police have detained a 47-year-old man suspected of ties to the Phobos ransomware
• My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (NDR) system. • My g
• Dragos 9th Annual Report reveals three new OT/ICS threat groups active in 2025. • Sylvanite rapidly weaponizes n‑day vulnerabilities, enabling Voltzite to infiltrate critical inf
• Ireland’s Data Protection Commission (DPC), the country’s data protection authority, has opened a formal investigation into X over the use of the platform’s Grok artificial intel
• Microsoft Finds ‘Summarize with AI’ Prompts Manipulating Chatbot Recommendations New research from Microsoft has revealed that legitimate businesses are gaming artificial intelli
• ETH Zurich researchers tested zero‑knowledge password managers against fully malicious servers. • Bitwarden, Dashlane, LastPass, and 1Password were evaluated. • Attacks targeted
• In April 2025, we reported on a then-new iteration of the Triada backdoor that had compromised the firmware of counterfeit Android devices sold across major marketplaces. • The m
• Featured: CrowdStrike Named a Customers’ Choice in 2026 Gartner® Peer Insights™ Voice of the Customer for User Authentication (Feb 12, 2026); How to Scale SOC Automation with Falcon Fus
• CrowdStrike expands Linux sensor to detect malicious web shells in real time. • New detection engine uses behavioral analytics and signature matching for zero‑day threats. • Prev
• CrowdStrike awarded Customer’s Choice in 2026 Gartner Peer Insights for user authentication. • Recognition reflects strong customer satisfaction and product performance across se
• OpenClaw automates threat detection and response across enterprise environments. • Seamless integration with CrowdStrike Falcon boosts SOC efficiency. • Human‑AI feedback loops r
• CrowdStrike earns Customers’ Choice award in 2026 Gartner Peer Insights Voice of the Customer for User Authentication. • The accolade reflects strong customer satisfaction and pr
• CrowdStrike’s new Agentic Security framework blends human oversight with AI‑driven threat detection. • The system uses a continuous feedback loop where analysts refine AI models
• CrowdStrike recognized as Customers’ Choice for User Authentication in Gartner Peer Insights. • Falcon Identity Security delivers zero‑trust authentication across web, mobile, an