-
A large-scale supply chain poisoning campaign dubbed ClawHavoc has hit OpenClaw’s official skill marketplace, ClawHub, with at least 1,184 malicious “Skills” historically published on the platform. The incident highlights how fast-growing AI agent ecos…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ClickFix is being weaponized against macOS developers by turning a trusted Homebrew workflow into a stealthy delivery channel for a new infostealer dubbed Cuckoo Stealer. The campaign shows how attackers can skip exploit chains entirely and instead rel…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Palo Alto Networks announced on February 17, 2026, that it has entered a definitive agreement to acquire Koi Security, a pioneer in Agentic Endpoint Security. The acquisition aims to address a critical security gap created by AI agents and tools that o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An aggressive malware campaign targeting IT professionals in cryptocurrency, Web3, and AI to steal sensitive data and live crypto funds from victim wallets. The attackers pose as recruiters and use trojanized coding tasks to deliver two core malware fa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new Linux malware sample that strongly aligns with the SysUpdate malware family used by APT27/Iron Tiger. Initially detected on a client’s system, the binary behaved like a system service and executed the GNU/Linux id command when run without specifi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog. This specific security flaw, identified as CVE-2008-0015, impact…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phishing campaign is targeting MetaMask users with cleverly crafted emails designed to trick recipients into enabling a fake Two-Factor Authentication (2FA) setup. The lure includes a forged “security report” PDF meant to mimic a legitimate notif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting the Google Chromium engine to its Known Exploited Vulnerabilities (KEV) catalog. Tracking as CVE-2026-2441, this security flaw is curren…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new malware loader, dubbed Foxveil, that abuses trusted platforms such as Cloudflare Pages, Netlify, and Discord to stage and deliver malicious payloads while evading traditional detection methods. Active since at least August 2025, the loader is use…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has officially released a security update addressing a severe vulnerability found within the Windows Admin Center. Tracking under the identifier CVE-2026-26119, this critical flaw presents a significant risk to enterprise environments relying…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
