Cybersecurity

• Side-Channel Attacks Against LLMs Here are three papers describing different side-channel attacks against LLMs. • ‘Remote Timing Attacks on Efficient Language Model Inference’: A

• IT worker tried to destroy SATA SSD with a drill, but missed the PCB. • The drive remained intact, data still accessible, posing a security risk. • SSDs have shorter PCBs; drilli

• Poland arrests suspect linked to Phobos ransomware operation February 17, 2026 06:31 AM 0 Polish police have detained a 47-year-old man suspected of ties to the Phobos ransomware

• My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (NDR) system. • My g

• Dragos 9th Annual Report reveals three new OT/ICS threat groups active in 2025. • Sylvanite rapidly weaponizes n‑day vulnerabilities, enabling Voltzite to infiltrate critical inf

• Ireland’s Data Protection Commission (DPC), the country’s data protection authority, has opened a formal investigation into X over the use of the platform’s Grok artificial intel

• Microsoft Finds ‘Summarize with AI’ Prompts Manipulating Chatbot Recommendations New research from Microsoft has revealed that legitimate businesses are gaming artificial intelli

• ETH Zurich researchers tested zero‑knowledge password managers against fully malicious servers. • Bitwarden, Dashlane, LastPass, and 1Password were evaluated. • Attacks targeted

• In April 2025, we reported on a then-new iteration of the Triada backdoor that had compromised the firmware of counterfeit Android devices sold across major marketplaces. • The m

• FeaturedCrowdStrike Named a Customers’ Choice in 2026 Gartner® Peer Insights™ Voice of the Customer for User AuthenticationFeb 12, 2026How to Scale SOC Automation with Falcon Fus

• FeaturedCrowdStrike Named a Customers’ Choice in 2026 Gartner® Peer Insights™ Voice of the Customer for User AuthenticationFeb 12, 2026How to Scale SOC Automation with Falcon Fus

• CrowdStrike expands Linux sensor to detect malicious web shells in real time. • New detection engine uses behavioral analytics and signature matching for zero‑day threats. • Prev

• CrowdStrike awarded Customer’s Choice in 2026 Gartner Peer Insights for user authentication. • Recognition reflects strong customer satisfaction and product performance across se

• OpenClaw automates threat detection and response across enterprise environments. • Seamless integration with CrowdStrike Falcon boosts SOC efficiency. • Human‑AI feedback loops r

• CrowdStrike earns Customers’ Choice award in 2026 Gartner Peer Insights Voice of the Customer for User Authentication. • The accolade reflects strong customer satisfaction and pr

• CrowdStrike’s new Agentic Security framework blends human oversight with AI‑driven threat detection. • The system uses a continuous feedback loop where analysts refine AI models

• CrowdStrike recognized as Customers’ Choice for User Authentication in Gartner Peer Insights. • Falcon Identity Security delivers zero‑trust authentication across web, mobile, an

• Falcon Fusion SOAR scales SOC automation by integrating AI‑driven playbooks and real‑time incident response. • The platform supports multi‑cloud environments, enabling consistent

• Fake Incident Report Used in Phishing Campaign This morning, I received an interesting phishing email. • I’ve a ’love & hate’ relation with such emails because I always have the

• Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta Apple on Monday released a new developer beta of iOS and iPadOS with support for end-to-end encryption (

• ISC Stormcast For Tuesday, February 17th, 2026 https://isc.sans.edu/podcastdetail/9812 Handler on Duty: Jan Kopriva Threat Level: green My next class: Application Security: Secur

• Washington Hotel in Japan discloses ransomware infection incident February 16, 2026 04:10 PM 0 The Washington Hotel brand in Japan has announced that that its servers were compro

• Man arrested for demanding reward after accidental police data leak February 16, 2026 02:13 PM 1 Dutch authorities arrested a 40-year-old man after he downloaded confidential doc

• Infostealer variant of Vidar exfiltrated OpenClaw AI agent config files. • Stolen files include openclaw.json, device.json, soul.md with tokens, keys, operational principles. • T

• A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditi

• GS7 group exploits Fortune 500 brand trust, creating near‑perfect corporate portal replicas. • Targeted U.S. financial institutions, luring employees into credential theft. • Att

• Infostealer malware found stealing OpenClaw secrets for first time February 16, 2026 12:32 PM 0 With the massive adoption of the OpenClaw agentic AI assistant, information-steali

• South Korea’s Personal Information Protection Commission (PIPC) announced last week that it has issued significant fines to several major luxury brands over a recent hacker attac

• One morning, you wake up and realize that your business has grown to the point where you can no longer afford to get into that old, worn-out diesel subcompact. • Instead, you sch

• 30 copycat apps tricked users, and Google itself, into thinking they’re legitimate AI tools.

• Google announced the first beta version of Android 17, which includes several privacy and security enhancements.Android developers have described several improvements related to

• CISAwill remain operational during the DHS shutdown that commenced at 12:01 a.m. • on Saturday, February 14, 2026, although at a reduced capacity. • KEV is one area that remains.

• ClickFix uses fake CAPTCHAs and bogus updates to trick users into executing malicious commands. • Traditional mshta and PowerShell vectors are blocked, so attackers shifted to ns

• CISA gives feds 3 days to patch actively exploited BeyondTrust flaw February 16, 2026 07:33 AM 1 The U.S. • Cybersecurity and Infrastructure Security Agency (CISA) ordered federa

• The Promptware Kill Chain Attacks against modern generative artificial intelligence (AI) large language models (LLMs) pose a real threat. • Yet discussions around these attacks a

• Microsoft has warned users that threat actors are leveraging a new variant of the ClickFix technique to deliver malware.TheClickFixattack method has been increasingly used in the

• Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud Technologies are evolving fast, reshaping economies, governance, and daily life. • Yet, as innova

• Amazon’s Ring ends partnership with police surveillance firm Flock Safety amid public backlash. • The decision follows a 30‑second Super Bowl ad featuring a lost dog and camera n

• Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that’s being advertised on Telegram as a way to grab sensitive data and facili

• Credential‑stealing Chrome extensions discovered; Malwarebytes Labs offers detection and removal guide. • Fake online shops target Winter Olympics 2026 fans, phishing for payment

• 2026 64-Bits Malware Trend In 2022 (time flies!), I wrote a diary about the 32-bits VS. • 64-bits malware landscape[1]. • It demonstrated that, despite the growing number of 64-b

• New Chrome Zero-Day (CVE-2026-2441) Under Active Attack - Patch Released Google on Friday released security updates for its Chrome browser to address a security flaw that it said

• Canada Goose investigating as hackers leak 600K customer records February 15, 2026 11:45 PM 0 ShinyHunters, a well-known data extortion group, claims to have stolen more than 600

• ISC Stormcast For Monday, February 16th, 2026 https://isc.sans.edu/podcastdetail/9810 Handler on Duty: Jan Kopriva Threat Level: green My next class: Application Security: Securi

• Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaign

• Windows 11 KB5077181 fixes boot failures linked to failed updates February 15, 2026 05:08 PM 0 Microsoft says it has resolved a Windows 11 bug that caused some commercial systems

• CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups February 15, 2026 11:30 AM 0 CTM360 reports that more than 4,000 malicious Google Groups and 3,500

• Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps February 15, 2026 10:17 AM 0 Threat actors are abusing Pastebin comments to distribute a new ClickFix-sty

• Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a

• Upcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: I’m speaking atOntario Tech Universityin Oshawa, Ontario, Canada, at 2 PM ET on Th

• One threat actor responsible for 83% of recent Ivanti RCE attacks February 14, 2026 11:02 AM 0 Update: The article initially listed the wrong CVEs. • This has now been corrected

• Snail mail letters target Trezor and Ledger users in crypto-theft attacks February 14, 2026 10:15 AM 1 Threat actors are sending physical letters pretending to be from Trezor and

• Security researchers have discovered more than 300 Chrome extensions that leak browser data, spy on their users, or outright steal users’ data.Research focused on the analysis of

• Executive Summary This article explores the misuse of QR codes in today’s threat landscape, covering three areas of concern: - QR codes using URL shorteners to disguise malicious

• Fake job recruiters hide malware in developer coding challenges February 13, 2026 05:35 PM 0 A new variation of the fake recruiter campaign from North Korean threat actors is tar

• Friday Squid Blogging: Do Squid Dream? • An exploration of the interesting question. • An exploration of the interesting question. • Clive Robinson • February 14, 2026 2:08 AM @

• Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organiz

• Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes in targete

• Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors’ networks.

• As AI deployments scale and start to include packs of agents autonomously working in concert, organizations face a naturally amplified attack surface.