Session 12D: ML Backdoors Authors, Creators & Presenters: Hanlei Zhang (Zhejiang University), Yijie Bai (Zhejiang University), Yanjiao Chen (Zhejiang University), Zhongming Ma (Zhejiang University), Wenyuan Xu (Zhejiang University) PAPER BARBIE: Robust Backdoor Detection Based On Latent Separability Backdoor attacks are…
Under the Hood of DynoWiper, (Thu, Feb 19th)
[This is a Guest Diary contributed by John Moutos] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Under the Hood of DynoWiper, (Thu, Feb 19th)
Ask Me Anything Cyber: Pursuing a Degree in Cybersecurity
A recording from CyberMaterial’s live video This article has been indexed from CyberMaterial Read the original article: Ask Me Anything Cyber: Pursuing a Degree in Cybersecurity
CryptoCore / UNC1069
North Korean financially motivated threat actors, AI-Enabled Social Engineering and the New Face of Crypto Intrusions. This article has been indexed from CyberMaterial Read the original article: CryptoCore / UNC1069
IT Security News Hourly Summary 2026-02-19 21h : 11 posts
11 posts were published in the last hour 19:34 : MCP Servers Expose a Hidden AI Attack Surface in Enterprise Environments 19:34 : Germany’s national rail operator Deutsche Bahn hit by a DDoS attack 19:34 : Why LLMs Make Terrible…
MCP Servers Expose a Hidden AI Attack Surface in Enterprise Environments
MCP servers can be exploited for code execution, data exfiltration and zero-click supply chain attacks in AI-driven environments. The post MCP Servers Expose a Hidden AI Attack Surface in Enterprise Environments appeared first on eSecurity Planet. This article has been…
Germany’s national rail operator Deutsche Bahn hit by a DDoS attack
Germany’s national rail operator, Deutsche Bahn, suffered a major DDoS attack that disrupted booking and information systems for several hours. Germany’s rail operator Deutsche Bahn was hit by a large-scale DDoS attack that disrupted information and booking systems for several…
Why LLMs Make Terrible Databases and Why That Matters for Trusted AI
Large language models (LLMs) are now embedded across the SDLC. They summarize documentation, generate code, explain vulnerabilities, and assist with architectural decisions. The post Why LLMs Make Terrible Databases and Why That Matters for Trusted AI appeared first on Security…
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 9, 2026 to February 15, 2026)
🔥🔥🔥 Triple Threat Bug Bounty Challenge 🔥🔥🔥 Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026, earn three stacked bonuses on all valid submissions from our ‘High Threat Vulnerabilities’ list: 💰 2x all high threat vulnerability bounties (excluding 5,000,000+ installs) 📈 +30% bonus for…
Using AI to defeat AI
In this week’s newsletter Martin considers how defenders can turn offensive AI tools against themselves. This article has been indexed from Cisco Talos Blog Read the original article: Using AI to defeat AI
OpenClaw’s Top Skill is a Malware that Stole SSH Keys and Opened Reverse Shells in 1,184 Packages
The most downloaded AI agent skill on OpenClaw’s ClawHub marketplace was functional malware, not a productivity tool. OpenClaw, an open-source AI agent platform, operates a public skill marketplace called ClawHub, where third-party developers can publish plugins, or “skills,” that extend…
Adidas Investigates Alleged Data Breach – 815,000 Records of Customer Data Stolen
Adidas has confirmed it is actively investigating a potential data breach involving one of its independent third-party partners after a threat actor operating under the alias “LAPSUS-GROUP” posted claims on BreachForums on February 16, 2026, alleging unauthorized access to the…
Crims hit a $20M jackpot via malware-stuffed ATMs
FBI warns these cyber-physical attacks are on the rise Thieves stole more than $20 million from compromised ATMs last year using a malware-assisted technique that the FBI says is on the uptick across the United States.… This article has been…
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and…
INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown
An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries. The initiative, codenamed Operation Red Card 2.0, took…
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware…
Automating Unix Security Across Hybrid Clouds
In modern DevOps, we automate deployments, testing, and infrastructure provisioning. Yet, in many organizations, server patching remains a manual, high-friction event. Admins log in late at night, run scripts, and hope services restart correctly. This manual approach is a security…
News alert: Link11’s ‘AI Management Dashboard’ makes AI traffic, AI access policies enforceable
FRANKFURT, Feb. 19, 2026, CyberNewswire — Link11 launches its new “AI Management Dashboard”, closing a critical gap in how companies manage AI traffic. Artificial intelligence is fundamentally changing internet traffic. But while many companies are already feeling the … (more…)…
Keeping Google Play & Android app ecosystems safe in 2025
Posted by Vijaya Kaza, VP and GM, App & Ecosystem Trust The Android ecosystem is a thriving global community built on trust, giving billions of users the confidence to download the latest apps. In order to maintain that trust, we’re…
better-auth Flaw Allows Unauthenticated API Key Creation
A better-auth flaw lets attackers create API keys for arbitrary users, risking account takeover and MFA bypass. The post better-auth Flaw Allows Unauthenticated API Key Creation appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Valmet DNA Engineering Web Tools
View CSAF Summary Successful exploitation of this vulnerability could allow an unauthenticated attacker to manipulate the web maintenance services URL to achieve arbitrary file read access. The following versions of Valmet DNA Engineering Web Tools are affected: Valmet DNA Engineering…
Jinan USR IOT Technology Limited (PUSR) USR-W610
View CSAF Summary Successful exploitation of these vulnerabilities could result in authentication being disabled, a denial-of-service condition, or an attacker stealing valid user credentials, including administrator credentials. The following versions of Jinan USR IOT Technology Limited (PUSR) USR-W610 are affected:…
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller
View CSAF Summary Successful exploitation of this vulnerability could result in an over- or under-odorization event. The following versions of Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller are affected: OdorEyes EcoSystem Pulse Bypass System with XL4 Controller vers:all/*…
EnOcean SmartServer IoT
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and bypass ASLR. The following versions of EnOcean SmartServer IoT are affected: SmartServer IoT <=4.60.009 (CVE-2026-20761, CVE-2026-22885) CVSS Vendor Equipment Vulnerabilities v3 8.1…