Arkanix Stealer: a C++ & Python infostealer
• Introduction In October 2025, we discovered a series of forum posts advertising a previously unknown stealer, dubbed ‘Arkanix Stealer’ by its authors. • It operated under a MaaS
• OpenClaw is rarely out of the news, but not necessarily under that name. • This ‘autonomous personal assistant’ started life as Clawdbot, changed its name to Moltbot, and is now
• Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed t
• New ‘Massiv’ Android banking malware poses as an IPTV app February 19, 2026 05:00 AM 0 A new Android banking malware, which researchers named Massiv, is posing as an IPTV app to
• Deutsche Bahn, Germany’s national rail operator, has been dealing with a large-scale distributed denial-of-service (DDoS) attack that has disrupted some of its IT systems. Regular
• CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeti
• Patch Tuesday 2026 fixed 59 CVEs, including six critical zero‑days. • CVE‑2026‑21533: Windows Remote Desktop elevation of privilege, CVSS 7.8. • Exploit modifies service config k
• Survey underscores the reality that scammers follow ‘scalable opportunities and low friction,’ rather than rich targets that tend to be better protected.
• ISC Stormcast For Thursday, February 19th, 2026 https://isc.sans.edu/podcastdetail/9816 Handler on Duty: Johannes Ullrich Threat Level: green My next class: Application Security:
• How to start consolidating your cybersecurity tools Jackson Connell, Mitch Pronschinske Optimize operations Risk & compliance Culture & collaboration Jan 12, 2026 Jackson Connell
• The risks of cybersecurity tool sprawl: Why consolidation is a strategic priority Jackson Connell, Mitch Pronschinske Optimize operations Risk & compliance Culture & collaboratio
• Insider threats pose a growing risk to organizations. • Whether insiders take malicious actions, exhibit negligent behavior, or make accidental errors, they have the potential to
• A convincing presale site for phony ‘Google Coin’ features an AI assistant that engages victims with a slick sales pitch, funneling payment to attackers.
• CVE-2026-2329 allows unauthenticated root-level access to SMB phone infrastructure, so attackers can intercept calls, commit toll fraud, and impersonate users.
• Critical infra Honeywell CCTVs vulnerable to auth bypass flaw February 18, 2026 03:58 PM 0 The U.S. • Cybersecurity and Infrastructure Security Agency (CISA) is warning of a crit
• How I realized what I was taught about threat intelligence was missing something crucial.
• A China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy malware.
• AI platforms can be abused for stealthy malware communication February 18, 2026 03:18 PM 0 AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabi
• Cyber Risk Commentary Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry expe
• AI Unlocked challenge focuses on detecting and mitigating prompt injection attacks. • Participants learn to craft prompts that resist malicious manipulation by LLMs. • Interactiv
• Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody New research from the Citizen Lab has found signs that Kenyan authorities used a commercial for
• Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 seri
• SmarterMail CVE-2026-24423 and CVE-2026-23760 enable remote code execution and auth bypass. • Attackers weaponized these flaws within days of disclosure, sharing exploits on Tele
• Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages February 18, 2026 11:26 AM 0 Microsoft says an Exchange Online issue that mistakenly quarantined legitima
• Researchers at Kaspersky have analyzed a recently discovered Android malware that enables its operators to remotely control compromised devices. Dubbed Keenadu, the backdoor has be
• Cogent Security raises $42M Series A, total funding now $53M. • Funding led by Bain Capital Ventures, joined by Greylock, OpenAI execs, Datadog. • Company develops autonomous AI
• Hackers breached Figure Technology Solutions, stealing personal data of nearly 1 million accounts. • Attack was a social‑engineering phishing that tricked an employee into giving
• 16 critical, high, and medium‑severity vulnerabilities found in Foxit and Apryse PDF platforms. • Flaws include DOM XSS, SSRF, path traversal, and OS command injection. • Attacke
• Lenovo sued by Almeida Law Group for alleged data transfer to China. • Lawsuit claims violation of DOJ Data Security Program, preventing large data exports to ‘countries of conce
• AI Found Twelve New Vulnerabilities in OpenSSL The title of the post is ‘What AI Security Research Looks Like When It Works,’ and I agree: In the latest OpenSSL security release>
• Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies th
• In 2025, navigating the digital seas still felt like a matter of direction. • Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resi
• Glendale man gets 5 years in prison for role in darknet drug ring February 18, 2026 05:50 AM 0 A Glendale man was sentenced to nearly five years in federal prison for his role i
• 3 Ways to Start Your Intelligent Workflow Program Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock
• Palo Alto Networks announced on Tuesday that it has entered into a definitive agreement to acquire endpoint security company Koi. Financial details have not been disclosed by the
• Tracking Malware Campaigns With Reused Material A few days ago I wrote a diary called ‘Malicious Script Delivering More Maliciousness’[1]. • In the malware infection chain, there
• Notepad++ released 8.9.2 patch to fix hijacked update mechanism exploited by Chinese threat actor. • Introduces ‘double lock’ design, verifying signed installer and XML from upda
• AI language models can erode our creative capacity, making original idea generation harder. • Other AI types enhance critical thinking, providing analytical tools for better deci
• Singapore’s CSA and four telcos launched ‘Cyber Guardian’ to counter China-linked UNC3886. • 100+ incident responders coordinated across government and M1, Singtel, StarHub, Sim
• Spanish court orders NordVPN and ProtonVPN to block 16 sites facilitating LaLiga match piracy. • Restrictions apply to a dynamic IP list in Spain, with no appeal rights for VPNs.
• Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge.
• Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power plant.
• Flaws in popular VSCode extensions expose developers to attacks February 17, 2026 04:27 PM 0 Vulnerabilities with high to critical severity ratings affecting popular Visual Studi
• RMM tools are increasingly used as primary attack vectors, replacing traditional malware. • Attackers leverage RMM’s remote access to maintain stealth and persistence. • RMM’s bu
• ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.
• Executive Summary Two critical zero-day vulnerabilities (CVE-2026-1281 and CVE-2026-1340) affecting Ivanti Endpoint Manager Mobile (EPMM) are being actively exploited in the wild
• Google highlighted MSC 2026’s focus on integrated security amid multi-front cyber threats. • AI-driven attacks now automate reconnaissance, phishing, and supply‑chain sabotage. •
• Cloud attacks outpace traditional incident response, infrastructure vanishes in minutes. • Manual log stitching gives attackers advantage; automated, context-aware forensics need
• Notepad++ introduces a double‑lock update system, verifying signed installers from GitHub and XML from its domain. • The new design eliminates DLL side‑loading by removing libcur
• AI assistants like Copilot and Grok can be hijacked as stealthy C2 proxies, blending into legitimate traffic. • Check Point researchers demonstrated the technique using anonymous
• Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates A new Android backdoor that’s embedded deep into the device firmware can silently harvest data and remote
• Vulnerability intelligence company VulnCheck announced on Tuesday that it has raised $25 million to meet demand for its solutions. The Series B funding round, which brings the tot
• Microsoft Teams experiencing widespread outage across US and Europe, disrupting meetings and chat functionality. • Users report delays and failures when sending or receiving inli
• What 5 Million Apps Revealed About Secrets in JavaScript February 17, 2026 09:40 AM 0 Leaked API keys are nothing new, but the scale of the problem in front-end code has been lar
• Keenadu: sophisticated Android malware embedded in firmware across multiple device brands. • Distributes via OTA firmware, system apps, unofficial sources, and Google Play apps.
• Application Programming Interfaces (APIs) remain an attacker-favored exploit route. • Aggressors continuously target common failures in identity, access control and exposed inter
• SecurityWeek’s Cyber Insights 2026 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. • We spoke to
• A 47-year-old man arrested by police in Poland for allegedly being involved in cybercriminal activities has been linked to the Phobos ransomware operation. According to Poland’s C
• SmartLoader uses a trojanized Oura MCP server to deliver the StealC infostealer. • Threat actors cloned legitimate Oura MCP, creating fake forks to build credibility. • StealC st