-
Silver Fox APT is running a new wave of targeted attacks in Taiwan that combine DLL sideloading and Bring Your Own Vulnerable Driver (BYOVD) techniques to deploy Winos 4.0 (ValleyRat) while aggressively disabling security tools. The campaigns rely on h…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Serious vulnerabilities in four popular Visual Studio Code (VS Code) extensions, affecting over 128 million downloads. These flaws, including three assigned CVEs CVE-2025-65715, CVE-2025-65716, and CVE-2025-65717, highlight IDEs as the weakest link in …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A cache deception vulnerability in SvelteKit apps deployed on Vercel exposes sensitive user data to attackers. The flaw allows publicly cached responses to be authenticated. SvelteKit, a full-stack JavaScript framework, often pairs with Vercel for depl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Feb. 20, 2026 – Advantest Corporation, a top supplier of semiconductor test equipment, revealed it is battling a ransomware attack that struck its network last weekend. The incident, detected on February 15 (JST), has disrupted multiple systems and rai…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A serious flaw in Splunk Enterprise for Windows that lets low-privileged users hijack DLL loading and escalate to SYSTEM-level access. Tracked as CVE-2026-20140, this local privilege escalation (LPE) vulnerability stems from DLL search-order hijacking …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic has quietly flipped the script on application security. On February 20, the company launched Claude Code Security, a new capability baked directly into Claude Code on the web that automatically scans entire repositories for sophisticated vuln…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
PayPal has begun notifying a small number of customers about a significant cybersecurity incident in which their personally identifiable information (PII) was exposed for nearly six months due to a software error in its PayPal Working Capital (PPWC) lo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Federal authorities arrested three Silicon Valley engineers on Thursday, charging them with conspiring to steal trade secrets from Google and other tech giants. The case highlights growing insider threats in the chip design sector, where foreign advers…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A popular open-source automation server used by developers worldwide to build, test, and deploy software faces serious security risks from recent flaws. On February 18, 2026, two vulnerabilities were detailed in the core Jenkins software. The most crit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has revealed that it blocked more than 1.75 million malicious or policy‑violating Android apps from reaching users through the Play Store in 2025, highlighting a major AI‑driven push to secure the mobile ecosystem against malware, fraud, and pri…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
