Threat actors are abusing shareable ChatGPT and Grok conversations and pushing them with Google Search ads to trick macOS users into running Terminal commands that install the Atomic macOS Stealer (AMOS). This campaign shows how attackers now blend social engineering…
Windows Shell Zero-Day Vulnerability Allows Attackers to Bypass Authentication
Microsoft has issued an urgent security warning following the discovery of a zero-day vulnerability in the Windows Shell, now tracked as CVE-2026-21510. This critical flaw, which carries a high severity score of 8.8, is currently being exploited in the wild, forcing a…
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft. “The intrusion relied on a social engineering scheme…
Legacy IRC Botnet Leverages Automated SSH Exploit Pipeline to Mass-Enroll Linux Hosts
Identified through data captured by our SSH honeypots over two months, this campaign represents a sophisticated blend of eras. It merges “old-school” Internet Relay Chat (IRC) botnet tactics from the late 2000s with modern, automated mass-compromise techniques. While the infrastructure…
GitLab Patches Multiple Vulnerabilities That Enable DoS and Cross-site Scripting Attacks
A critical security update has been released for both the Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. The patches, available in versions 18.8.4, 18.7.4, and 18.6.6, fix flaws that could allow attackers to crash servers,…
Cisco enhances security for enterprise AI adoption
Cisco announced a suite of capabilities to help enterprises adopt agentic AI with confidence, combining agent protection, interaction governance, and resilient connectivity for AI-driven workflows. As organizations move from AI assistants to autonomous agents that use tools and data across…
Cephalus Ransomware Emerges as Go-Based Double-Extortion Threat Exploiting Exposed RDP Access
A sophisticated ransomware operation known as Cephalus has emerged as a significant cybersecurity threat since mid-2025, exploiting exposed Remote Desktop Protocol (RDP) services to breach organizations worldwide. Developed in the Go programming language, this malware represents a growing trend of…
FortiOS Vulnerability Enables LDAP Authentication Bypass
Fortinet has issued a high-severity security advisory regarding a vulnerability in specific versions of its FortiOS operating system. The flaw, identified as CVE-2026-22153, could allow unauthorized attackers to bypass authentication mechanisms, potentially granting them access to critical network resources. The vulnerability…
Trellix SecondSight identifies subtle indicators of an active breach
Trellix announced Trellix SecondSight, a threat hunting service designed to proactively identify low-noise advanced threats often undetected, reducing organizational risk for Trellix customers. “Threat actors’ use of AI has significantly increased alert fatigue for security analysts,” said John Fokker, VP…
Groupe Rocher CISO on strengthening a modern retail cybersecurity strategy
Global retail and beauty brands manage a unique cybersecurity balancing act. They depend on consumer trust, massive volumes of personal data, and a sprawling network of vendors, while also managing thousands of physical locations and dynamic digital growth. In this…
AI-Generated Text and the Detection Arms Race
In 2023, the science fiction literary magazine Clarkesworld stopped accepting new submissions because so many were generated by artificial intelligence. Near as the editors could tell, many submitters pasted the magazine’s detailed story guidelines into an AI and sent in…
Windows Notepad Vulnerability Allows Attackers to Execute Code Remotely
Microsoft has patched a critical remote code execution (RCE) flaw in the Windows Notepad app, tracked as CVE-2026-20841, which could let attackers run malicious code on victims’ machines. Disclosed in the February 10, 2026, Microsoft Patch Tuesday updates, the vulnerability stems…
Zen-AI-Pentest: Open-source AI-powered penetration testing framework
Zen-AI-Pentest provides an open-source framework for scanning and exercising systems using a combination of autonomous agents and standard security utilities. The project aims to let users run an orchestrated sequence of reconnaissance, vulnerability scanning, exploitation, and reporting using AI guidance…
GitLab Patches Multiple Vulnerabilities Enabling DoS and Cross-Site Scripting Attacks
GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. These patches, detailed in the release notes for versions 18.8.4, 18.7.4, and 18.6.6, resolve flaws that could allow attackers to…
UK Construction Company’s Windows Server Infiltrated by Prometei Botnet
In January 2026, a construction company in the United Kingdom found an unwelcome presence inside one of its Windows servers. Cybersecurity analysts from eSentire’s Threat Response Unit (TRU) determined that the intruder was a long-running malware network known as…
Product showcase: PCAPdroid analyzes Android app network activity
PCAPdroid is a free, open-source Android app that allows inspection of network traffic. Installation is straightforward and does not require creating an account. To begin capturing traffic, a VPN request must be accepted, which allows the app to monitor network…
Unsupported Edge Devices Present Global Threat, OpenClaw Threats Continue – Cybersecurity Today
In this episode of Cybersecurity Today, host Jim Love discusses the increasing risks posed by unsupported edge devices in global infrastructure. Highlighted by a recent cyber incident in Poland’s energy sector, edge devices are becoming critical vulnerabilities due to their…
Microsoft Patch Tuesday February 2026 Fixes 54 Flaws, 6 Zero-Days Under Active Exploitation
Microsoft’s February 2026 Patch Tuesday update has arrived with critical urgency, addressing 54 security vulnerabilities across its ecosystem. This month’s release is particularly severe due to the inclusion of six zero-day vulnerabilities that are currently being exploited in the wild. Security teams are urged…
Coinbase Cartel Shifts to Data-Theft-First Tactics, Targeting High-Value Industries
A ransomware threat actor calling itself Coinbase Cartel has quickly become one to watch, not because it locks files, but because it often doesn’t. First seen in September 2025, the group claimed 14 victims in that single month and later…
Security teams are paying for sprawl in more ways than one
Most enterprises run security programs across sprawling environments that include mobile devices, SaaS applications, cloud infrastructure, and telecom networks. Spend control in these areas often sits outside the security organization, even when the operational consequences land directly on security teams.…
IT Security News Hourly Summary 2026-02-11 06h: 1 post
1 post was published in the last hour. 4:15: The Cyberattack That Exposed the Fragility of Digital Heritage
The Cyberattack That Exposed the Fragility of Digital Heritage
Saturday 28 October 2023 is a date that will live long in the memory of staff at the British Library. As they arrived for work that day, they encountered chaos taking place. Servers were no longer online. Crucial systems were…
Taxing times: Top IRS scams to look out for in 2026
It’s time to file your tax return. And cybercriminals are lurking to make an already stressful period even more edgy. This article has been indexed from WeLiveSecurity.
Windows Remote Desktop Services 0-Day Vulnerability Exploited in the Wild to Escalate Privileges
Microsoft has patched CVE-2026-21533, a zero-day elevation of privilege vulnerability in Windows Remote Desktop Services (RDS) that attackers are exploiting in the wild to gain SYSTEM-level access. The flaw stems from improper privilege management and was addressed in the February…