RoundCube and BeyondTrust flaws exploited in the wild
CISA has flagged the BeyondTrust vulnerability as actively exploited in ransomware attacks.
Cybersecurity News - Page 24
Shai-Hulud-style npm attack hijacks CI workflows and poisons AI toolchains
The attack resembles earlier “Shai-Hulud” waves, embedding malicious code into npm packages.
Russian-speaking threat actor uses AI toolkits to breach 600+ Fortinet firewalls
The documentation found by the team mentions multiple CVEs across various targets, but it appears that the attackers largely failed while attempting to exploit weaknesses.
Cyber Security Week in Review: February 20, 2026
In brief: Chinese hackers exploit a zero-day flaw in Dell software, Google has patched the first Chrome zero-day of the year, and more.
GrayCharlie’s WordPress malware campaign hijacks sites via supply chain attack
GrayCharlie, which has been active since mid-2023, injects malicious scripts into compromised WordPress sites.
Notepad++ releases security update after targeted supply chain attack
the latest release introduces a “double lock” design intended to make the update process "robust and effectively unexploitable."
AI as a C2 Proxy technique turns AI assistants into C&C relays
The method was tested against platforms including Microsoft Copilot and Grok.
China-linked UNC6201 deploys Grimbolt backdoor via Dell RecoverPoint zero-day
Versions of RecoverPoint for Virtual Machines prior to 6.0.3.1 HF1 contain hardcoded credentials that could allow hackers gain root access.
Polish authorities arrest suspected Phobos ransomware affiliate
US authorities have linked the group to attacks on more than 1,000 public and private organizations worldwide.
New study finds password recovery issues in major cloud-based password managers
The issues span a wide spectrum, from targeted vault integrity violations to the potential compromise of all vaults within an organization.
Showing elements 231 - 240