-
Researchers at CyberProof have identified a new fake captcha campaign linked to the ClickFix operation. This stealthy infostealer targets over 25 browsers, cryptocurrency wallets like MetaMask, and gaming accounts by tricking users into executing malicious PowerShell commands.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That’s according to new findings from Amazon Threat Intelligence, which said it observed the activity between January 11 and February 18, 2026. “No exploitation of FortiGate
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic has quietly flipped the script on application security. On February 20, the company launched Claude Code Security, a new capability baked directly into Claude Code on the web that automatically scans entire repositories for sophisticated vulnerabilities and delivers ready-to-review patch suggestions. Unlike legacy SAST tools that rely on rigid signature matching, Claude Code Security uses […]
The post Anthropic Debuts Claude Code Security – AI Now Scan Vulnerabilities in Your Entire Codebase appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user’s software codebase for vulnerabilities and suggest patches. The capability, called Claude Code Security, is currently available in a limited research preview to Enterprise and Team customers. “It scans codebases for security vulnerabilities and suggests targeted
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-49113 (CVSS score: 9.9) – A deserialization of untrusted data vulnerability that allows remote code
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
·
With $5.5 trillion in global AI risk exposure and 700,000 U.S. workers needing reskilling, four new AI certifications and Certified CISO v4 help close the gap between AI adoption and workforce readiness. EC-Council, creator of the world-renowned Certified Ethical Hacker (CEH) credential and a global leader in applied cybersecurity education, today launched its Enterprise AI Credential Suite,¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new Army organization aims to meld service leaders’ mandates to cut bureaucracy and adopt a venture-capital mindset with their push to turn soldiers’ ideas into manufactured gear.
The Pathway for Innovation and Technology is another office, yes, but its director says it will bring together the Army’s innovation and rapid acquisition hubs at the service’s headquarters level, putting muscle behind what until now have been siloed efforts, and coordinating them with the Program Acquisition Executives, who have the funding and authority to turn ideas into programs.
“I sit at the table with the PAEs. I communicate directly with them to express what we are seeing. I also serve as a tech scout for them,” Col. Shermoan Daiyaan, PIT’s director, told reporters Friday. “What we've had is unit-driven innovation. We've had lab-driven innovation with [program managers] and PAEs. But in this case, the gloves are off and we can inject that capability.”
Within PIT sits the Army’s FUZE program, Joint Innovation Outpost and Global Tactical Edge Directorate, who through Daiyaan now have a direct line to the acquisition offices.
“What I think is really interesting here is these divisions and corps have had these innovation hubs or labs for a while now, and they would find ideas, but there was no path to go take it to scale,” said Chris Manning, the Army’s deputy assistant secretary for research and technology. “And so [members of the PIT organizations] are there on the ground and saying, ‘Hey, what are the most promising things coming out of there? And how do I connect this to the broader acquisition enterprise?’ ”
One of the top issues they’d like to tackle is power generation and integration, particularly for unmanned aerial systems, Daiyaan said.
“With us doing multiple vendors of UAS, multiple vendors of different capabilities, they all may have a different battery,” and it might be nice to have “one charger to charge them all,” he said.
Ideally, a PIT-lead program development might look like an xTech competition to get a bunch of companies working on a problem the Army wants to solve, select maybe 10 companies and award them prize money, get their prototypes in the field with soldiers for a 30 or 45 days, and then award Small Business Innovation Research contracts for another six months of development.
From there, they could use FUZE’s Tech Maturation Program to buy five, then 20, then maybe 100 pieces of equipment, while working on a Program Objective Memorandum that would lay out a five-year acquisition plan.
“All of that, in maybe a year now, we have moved the needle faster than we ever could, because we would have still been studying the problem” under the Army’s old acquisition model, Daiyaan said.
He couldn’t put a number on the number of different programs PIT is trying to get off the ground, he said, but there are hundreds.
“We're 90 days in—check back with us this time next year,” he said. “We probably should talk about what we transitioned into programs.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand’s real website, and then acts as a relay between the target and the legitimate site — forwarding the victim’s username, password and multi-factor authentication (MFA) code to the legitimate site and returning its responses.
There are countless phishing kits that would-be scammers can use to get started, but successfully wielding them requires some modicum of skill in configuring servers, domain names, certificates, proxy services, and other repetitive tech drudgery. Enter Starkiller, a new phishing service that dynamically loads a live copy of the target login page and records everything the user types, proxying the data to the legitimate site and back to the victim.
According to an analysis of Starkiller by the security firm Abnormal AI, the service lets customers select a brand to impersonate (e.g., Apple, Facebook, Google, Microsoft et. al.) and generates a deceptive URL that visually mimics the legitimate domain while routing traffic through the attacker’s infrastructure.
For example, a phishing link targeting Microsoft customers appears as “login.microsoft.com@[malicious/shortened URL here].” The “@” sign in the link trick is an oldie but goodie, because everything before the “@” in a URL is considered username data, and the real landing page is what comes after the “@” sign. Here’s what it looks like in the target’s browser:
Image: Abnormal AI. The actual malicious landing page is blurred out in this picture, but we can see it ends in .ru. The service also offers the ability to insert links from different URL-shortening services.
Once Starkiller customers select the URL to be phished, the service spins up a Docker container running a headless Chrome browser instance that loads the real login page, Abnormal found.
“The container then acts as a man-in-the-middle reverse proxy, forwarding the end user’s inputs to the legitimate site and returning the site’s responses,” Abnormal researchers Callie Baron and Piotr Wojtyla wrote in a blog post on Thursday. “Every keystroke, form submission, and session token passes through attacker-controlled infrastructure and is logged along the way.”
Starkiller in effect offers cybercriminals real-time session monitoring, allowing them to live-stream the target’s screen as they interact with the phishing page, the researchers said.
“The platform also includes keylogger capture for every keystroke, cookie and session token theft for direct account takeover, geo-tracking of targets, and automated Telegram alerts when new credentials come in,” they wrote. “Campaign analytics round out the operator experience with visit counts, conversion rates, and performance graphs—the same kind of metrics dashboard a legitimate SaaS [software-as-a-service] platform would offer.”
Abnormal said the service also deftly intercepts and relays the victim’s MFA credentials, since the recipient who clicks the link is actually authenticating with the real site through a proxy, and any authentication tokens submitted are then forwarded to the legitimate service in real time.
“The attacker captures the resulting session cookies and tokens, giving them authenticated access to the account,” the researchers wrote. “When attackers relay the entire authentication flow in real time, MFA protections can be effectively neutralized despite functioning exactly as designed.”
The “URL Masker” feature of the Starkiller phishing service features options for configuring the malicious link. Image: Abnormal.
Starkiller is just one of several cybercrime services offered by a threat group calling itself Jinkusu, which maintains an active user forum where customers can discuss techniques, request features and troubleshoot deployments. One a-la-carte feature will harvest email addresses and contact information from compromised sessions, and advises the data can be used to build target lists for follow-on phishing campaigns.
This service strikes me as a remarkable evolution in phishing, and its apparent success is likely to be copied by other enterprising cybercriminals (assuming the service performs as well as it claims). After all, phishing users this way avoids the upfront costs and constant hassles associated with juggling multiple phishing domains, and it throws a wrench in traditional phishing detection methods like domain blocklisting and static page analysis.
It also massively lowers the barrier to entry for novice cybercriminals, Abnormal researchers observed.
“Starkiller represents a significant escalation in phishing infrastructure, reflecting a broader trend toward commoditized, enterprise-style cybercrime tooling,” their report concludes. “Combined with URL masking, session hijacking, and MFA bypass, it gives low-skill cybercriminals access to attack capabilities that were previously out of reach.”
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MELBOURNE, Fla.—Brazilian aerospace giant Embraer is teaming up with Northrop Grumman to develop what could be the Air Force’s next tanker—and promises to spend a half-billion-dollars on infrastructure to make the KC-390 Millenium here.
“We have…almost 3,000 direct employees here in Melbourne,” said Bosco da Costa Junior, CEO of Embraer Defense & Security. “If we have the right business case, Embraer is eager to invest over $500 million to a dedicated facility for KC-390. By the way, the platform today is already compliant with [the] Buy American Act” and could be a “winning value proposition” for U.S. and international markets.
The companies are exploring options—and for Northrop, building on the company’s ongoing research and development in the area—to develop an autonomous boom that could be retrofitted for existing KC-390 aircraft.
“Key to this partnership is Northrop Grumman’s commitment to field a boom for the KC-390,” said Tim Walton, a senior fellow at Hudson Institute, told Defense One. “This commitment is bolstered by Northrop Grumman’s interest in also fielding fuel transfer systems for its other Next-Generation Air Refueling System offerings, an Northrop Grumman-designed low-observable aircraft and a Medium-sized Blended Wing Body design with JetZero.”
Northrop’s refueling technology efforts are part of a “metered investment” that could be demonstrated in the “low, single-digit years,” said Tom Jones, who leads the company’s aeronautics division.
KC-390s are already equipped with a probe-and-drogue refueling system, which is used for helicopters and some Navy aircraft. But adding a boom would allow it to refuel more types of aircraft, specifically U.S. Air Force planes.
“If Northrop is able to integrate a boom, the KC-390 would be able to refuel a broad range of receptacle receiver aircraft,” from the U.S. Air Force and worldwide, such as the F-35, Walton said.
KC-390s are already being flown by air forces in Brazil, Portugal, and Hungary with orders from Austria, the Czech Republic, Netherlands, Sweden, and South Korea, according to investor documents. It can seat about 80 troops, reconfigure for different missions—including stowing a folded Black Hawk—and does well with short runway takeoffs. And, for what it’s worth, the ride is better than a C-17.
The Embraer-Northrop deal comes as the Trump administration asks defense companies to produce weapons faster, spend their own money on developing new tech, and make products domestically.
It also follows Embraer’s failed partnership with L3Harris to develop aerial refueling capability. That coupling dissolved in 2024.
Still, Embraer has been persistent in its push to become a major player in the U.S. defense industry, even amid increased buy and build in America rhetoric since President Donald Trump took office in 2025. Other foreign-based defense contractors have also made known their interest in doing business with and in the U.S.
Embraer’s decadeslong presence in the U.S. is primarily with its executive jets—but the company wants to keep expanding its global defense business, which grew about 10 percent in 2025, according to an earnings release.
Last year, Air Force Special Operations Command agreed to buy three of Embraer’s A-29 Super Tucano, which are produced in a specialized facility in Jacksonville, Fla. Also, the Air Force is currently sketching out its Next Generation Air-refueling System program.
Executives wouldn’t say whether the new partnership hinged on U.S. Air Force buy-in, insisting instead there is enough demand regardless.
“Demand is there” for tankers globally, said Frederico Lemos, who leads Embraer’s international defense business. For example, nations with smaller air forces “want flexibility” and the ability to do “multiple missions” with a single aircraft, he said.
Editor’s note: This media trip was facilitated by Northrop Grumman and Embraer and included transportation via the KC-390.
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
·
As the Pentagon prepares for war with Iran, the White House hasn’t yet decided what the purpose of such an attack would be, two major U.S. newspapers reported since Wednesday. According to the Wall Street Journal, “The U.S. is ready to take action against Iran, but President Trump hasn’t decided whether to order strikes or—if he does order them—whether the aim would be to halt Iran’s already-battered nuclear program, wipe out its missile force or try to topple the regime.”“Rarely in modern times has the United States prepared to conduct a major act of war with so little explanation and so little public debate,” David Sanger of the New York Times reports. “The president has given no speeches preparing the American public for a strike on a country of about 90 million people, and sought no approval from Congress. He has not explained why he has chosen this moment to confront Iran instead of, for example, North Korea, which in the years after Mr. Trump’s failed negotiations in the first term has expanded its nuclear arsenal to 60 or more warheads, by U.S. intelligence estimates, and is working to demonstrate they can reach the United States.”
Trump’s military planners have given him several paths for conflict, including “kill[ing] scores of Iranian political and military leaders, with the goal of overthrowing the government…as well as an air attack that would be limited to striking targets including nuclear and ballistic-missile facilities,” the Journal reports. “Both would involve a potentially weekslong operation.”
Trump says he wants to prevent Iran from obtaining a nuclear weapon. “They can't have a nuclear weapon and they've been told that very strongly,” he said Thursday. But in this regard, “he is in something of a diplomatic box,” Sanger writes. “He faces pressure to show that any new agreement he reached goes well beyond the 2015 deal” reached by President Obama. “But if he signs an agreement that does not address the [Iranian regime’s] missiles, he will appear to have sold out Israel.” And if the deal he agrees to doesn’t stop the regime from shooting protesters, “he will have abandoned a generation of Iranians who see the United States as their last chance to open the country up.” And on top of all this, Israeli Prime Minister Benjamin Netanyahu wants Trump to help kill all of Iran’s current leaders once and for all, at least in part to cement Bibi and Trump’s legacy throughout the region.
One important question: Is a U.S. attack on Iran legal? At this point, it certainly doesn’t seem so. For example, Iran poses no imminent threat to the U.S., and article 1(8) of the Constitution says only Congress has the power to “declare war.” But just as its decision to circumvent Congress and recast the Defense Department as the “War Department,” the Trump White House seems content to view war as more of a vibe than a legitimate endeavor sanctioned by American law and the courts. That’s partly why U.S. allies in Europe are especially concerned these days, and why its neighbor to the north appears to be the most concerned of all.
The U.S. won’t have the use of British airbases for an attack on Iran, the Times reported Thursday. “In a rift with Washington, the prime minister is understood to have told Trump that the UK would not allow the use of British facilities at Diego Garcia and RAF Fairford in Gloucestershire, which is home to America’s fleet of heavy bombers in Europe.”
Coupled with unpopular polling numbers, the White House’s war vibes are leading some academics to use the phrase “gambling for resurrection”: risky actions undertaken to reverse a leader’s declining political fortunes. Diversionary wars are among the most high-profile examples of this concept in political science.
Trump’s TV ally and Fox pundit Sean Hannity is helping to rattle sabers. “The mullahs should be very worried,” Hannity said Wednesday night on his show. “And I do have a little advice for the radical leaders in Iran. You may want to get on that plane to Russia sooner than you think. Sooner than later. Now would be a good time.”
Trump “is closer to a major war in the Middle East than most Americans realize,” Barak Ravid of Axios reported Wednesday, adding that “sources noted it would likely be a joint U.S.-Israeli campaign that's much broader in scope—and more existential for the regime—than the Israeli-led 12-day war last June.”
“With the attention of Congress and the public otherwise occupied, there is little public debate about what could be the most consequential U.S. military intervention in the Middle East in at least a decade,” Ravid warns. And “Such a war would have a dramatic influence on the entire region and major implications for the remaining three years of the Trump presidency.”
“The B-2 bombers are incredible. I never understood the B-2 bomber. I’d watch. It’s a wing, and I’ve never quite understood that,” Trump said Thursday in a meandering speech at the first meeting of his Board of Peace. “I'd look at it, I'd say it was beautiful, but what does it do? It carries very big bombs. And, uh, it went into Iran and it totally decimated the nuclear—nuclear potential. And when it did, when it decimated that, uh, all of a sudden, we had peace in the Middle East.” As for what’s next, “you're going to be finding out over the next probably 10 days,” he said.
Many traditional U.S. allies have rejected his invitation to join the Board of Peace, including Austria, France, Germany, Greece, Ireland, Italy, New Zealand, Norway, Poland, Slovenia, Sweden, the UK, Ukraine, and the Vatican. So far, the board’s membership consists “of largely oppressive and authoritarian world leaders,” the Guardian reported Thursday.
Nations that have joined include Albania, Argentina, Armenia, Azerbaijan, Bahrain, Belarus, Bulgaria, Cambodia, Egypt, El Salvador, Hungary, Indonesia, Israel, Jordan, Kazakhstan, Kuwait, Kosovo, Mongolia, Morocco, Pakistan, Paraguay, Qatar, Saudi Arabia, Turkey, United Arab Emirates, Uzbekistan, and Vietnam. “So far none appear to have tossed in the $1 billion that would give them permanent status,” historian Heather Cox Richardson noted Thursday.
The only one who has announced any money for the organization is Trump himself, who declared Thursday the U.S. will put $10 billion into the group. However, Richardson adds, “since Congress is the only body that can legally appropriate money in our system, it’s unclear how he intends to do this.”
Coverage continues below…
Welcome to this Friday edition of The D Brief, a newsletter focused on developments affecting the future of U.S. national security, brought to you by Ben Watson with Bradley Peniston. It’s more important than ever to stay informed, so we’d like to take a moment to thank you for reading. Share your tips and feedback here. And if you’re not already subscribed, you can do that here. On this day in 1944, the U.S. and British militaries launched a weeklong campaign of bombing Nazi aircraft factories in central and southern Germany.
New: The Supreme Court on Friday struck down Trump’s global tariffs, saying the president exceeded his authority by illegally circumventing Congress to carry out his wide-ranging economic campaign that affected many of America’s closest allies. Reuters described it as Trump’s “key economic and foreign policy tool” and “one that has alienated trading partners, affected financial markets and caused global economic uncertainty.”
The 6-3 decision will “force the government to unwind trade deals with other countries and potentially pay hefty refunds to importers,” the New York Times reports.
Additional reading: “US growth falls sharply to 1.4% rate in fourth quarter,” the Financial Times reported Friday, noting that figure is “far below Wall Street expectations, as the record federal shutdown hit government spending.”
Amid preparations for war, Trump just ordered the U.S. government to release information on alleged aliens and UFOs, the president announced on social media Thursday. “Based on the tremendous interest shown, I will be directing the Secretary of War, and other relevant Departments and Agencies, to begin the process of identifying and releasing Government files related to alien and extraterrestrial life, unidentified aerial phenomena (UAP), and unidentified flying objects (UFOs), and any and all other information connected to these highly complex, but extremely interesting and important, matters,” he said in an evening post.
Panning out: “Trump’s push to focus on aliens comes at the beginning of a hectic midterm election year, with a heavy public focus on information disclosed in files related to the disgraced financier Jeffrey Epstein—many of which mention Trump by name—as well as the issue of affordability, which has weighed on his popularity ratings,” Bloomberg reports.
Trump’s face is now on the Department of Justice building after workers unveiled a large vertical banner Thursday in a gesture the Associated Press described as “a striking symbol of the erosion of the department’s tradition of independence from White House control.”
“Similar banners were installed at other federal buildings last year, including the Agriculture Department and Labor Department,” adding to “a string of efforts by the administration to emblazon the president’s name and face on everything from coins to national park passes,” the New York Times reports.
“Such displays are more often a feature of countries run by dictators, not democratically elected leaders,” the Times notes. AP reminds readers as well that “The Trump administration has opened investigations into a number of the president’s perceived enemies, amplifying concerns that the agency is being used to exact revenge on his political foes.”
Trump also said Thursday that he wants to “test the law” and give himself the Congressional Medal of Honor for a visit to the Middle East in 2018. “I decided to go to Iraq and I flew to Iraq. I was extremely brave, in fact, so brave I wanted to give myself the Congressional Medal of Honor,” the president told a crowd Thursday at a rally in Georgia. “And I said, no, it's a little stretch if I gave myself one of them. But it's one of those things. Someday I'm going to try. I'm going to test the law.” He added, “Maybe I’ll win in court after everyone sues me.”
And lastly this week, the Army’s looking for the best drone pilots. You’ve probably heard of Best Ranger or Best Sapper: Army competitions that test the skills of teams of infantrymen and combat engineers. This year, the service added Best Drone Warfighter, Defense One’s Meghann Myers reported Thursday.
The inaugural battle kicked off Tuesday at the University of Alabama in Huntsville, bringing teams from across the active, Reserve, and National Guard components of the Army to test their skills and possibly win a slot on the service’s drone competition team. The three-day meet included two different lanes, plus a separate innovation competition where soldiers could submit white papers and custom drone builds, or demonstrate their piloting skills.
Why now? The Army is moving away from its previous drone operator model, which trained soldiers in its aviation branch to operate specific platforms. Instead, it’s likely that soldiers with additional training in operating UAS will be integrated into infantry, armor and other frontline units, where new doctrine will have them working alongside machine gunners, Abrams tanks, and howitzers. Continue reading, here.
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶