-
WhatsApp is developing a new feature to significantly strengthen account security by introducing optional account passwords. Currently available in the Google Play Beta Program through version 2.26.7.8, this functionality aims to add another robust lay…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are using commercial AI models DeepSeek and Claude to automate attacks against FortiGate firewalls worldwide, turning basic misconfigurations into a high‑volume intrusion campaign. In early February 2026, a misconfigured SimpleHTTP server runni…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has rolled out an emergency security update for its Chrome browser, addressing three high-severity vulnerabilities. This update targets users on Windows, Mac, and Linux platforms, aiming to patch critical flaws that could compromise system secur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GrayCharlie is abusing compromised WordPress sites to silently load malicious JavaScript that pushes NetSupport RAT, often followed by Stealc and SectopRAT, via fake browser updates and ClickFix lures. Insikt Group tracks GrayCharlie as a financially m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New phishing framework Starkiller is enabling more convincing, scalable credential theft by proxying real login pages and bypassing multi-factor authentication (MFA), significantly raising the bar for defenders. Traditional phishing kits typically serv…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On February 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) Catalog by adding two critical flaws in Roundcube Webmail. These vulnerabilities, CVE-2025-49113 and CVE-2025-68461, are…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A serious security flaw in jsPDF, a widely used JavaScript library for generating PDFs in web browsers, puts millions of developers and their users at risk. CVE-2026-25755 allows attackers to perform PDF Object Injection through the library’s add…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hewlett Packard Enterprise (HPE) has issued a security bulletin warning customers of a serious vulnerability in its Telco Service Activator product that could allow attackers to remotely bypass access restrictions. The vulnerability, identified as CVE-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
North Korean state-backed hackers are running large-scale fake IT worker and “Contagious Interview” campaigns that abuse developer hiring workflows to deliver JavaScript-based malware, steal code and credentials, and covertly generate revenue for the r…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DPRK-linked operators are maintaining a relentless focus on the crypto sector, with activity accelerating rather than slowing in the year since the record-breaking Bybit breach. On 21 February 2025, threat actors linked to North Korea stole around 1.46…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
