Hackers are abusing steganography in PNG images to smuggle a Pulsar Remote Access Trojan (RAT) into Windows systems through a malicious NPM package named buildrunner‑dev. The attack starts with a typosquatted NPM package, buildrunner‑dev, which impersonates the abandoned “buildrunner”/“build-runner” tools to catch…
LUKS Encryption Compromised on Linux ICS Devices via TPM Bus Sniffing Exploit
Security researchers Per Idenfeldt Okuyama and Sam Eizad have uncovered a critical physical attack vulnerability in the Moxa UC-1222A Secure Edition industrial computer, demonstrating that its LUKS full-disk encryption can be fully defeated by passively sniffing the SPI bus between…
Hackers Leverage DeepSeek and Claude to Attack FortiGate Devices Worldwide
In early February 2026, a significant cybersecurity threat emerged involving the sophisticated use of Large Language Models (LLMs) in active intrusion campaigns. A misconfigured server exposed a detailed software pipeline where threat actors integrated DeepSeek and Claude into their attack…
OpenClaw Releases 2026.2.23 Released With Security Updates and New AI features
OpenClaw, the open-source personal AI assistant with over 215,000 GitHub stars, has released version 2026.2.23, emphasizing robust security hardening alongside advanced AI integrations. This update addresses multiple vulnerabilities and introduces features like Claude Opus 4.6 support, making it a timely…
The Growing Risk of Malicious Apps in a Mobile-First Workplace
Malicious and risky mobile apps are exposing enterprise data. Learn why mobile-first workplaces need behavior-based app security visibility. The post The Growing Risk of Malicious Apps in a Mobile-First Workplace appeared first on Security Boulevard. This article has been indexed…
Master Your Passwordless Future: Introducing Thales Authenticator Lifecycle Manager
Master Your Passwordless Future: Introducing Thales Authenticator Lifecycle Manager madhav Tue, 02/24/2026 – 07:53 The move to passwordless authentication is no longer a distant goal; it’s a present-day necessity. Organizations are rapidly adopting FIDO2 authenticators to defend against phishing and…
IT Security News Hourly Summary 2026-02-24 09h : 5 posts
5 posts were published in the last hour 7:32 : Model Inversion Attacks: Growing AI Business Risk 7:32 : So You Think You Have Cyber Insurance? The Breach is Only the First Incident. The Claim is the Second. 7:32 :…
Model Inversion Attacks: Growing AI Business Risk
In an era where artificial intelligence (AI) and machine learning (ML) are driving unprecedented innovation and efficiency, a new class of cyber threats has emerged that puts sensitive data and entire business operations at serious risk. Among these threats, model…
So You Think You Have Cyber Insurance? The Breach is Only the First Incident. The Claim is the Second.
Explore the complexities of cyber insurance, including common claim denials, coverage disputes, and evolving risks like ransomware, AI fraud, and BEC. Learn how to navigate insurance ecosystems to secure reliable coverage that stands firm in loss situations. The post So…
Why CISOs should prioritize continuous controls monitoring in 2026
In a recent roundup of strategic initiatives for CISOs, I argued that continuous assurance is the 2026 operating model. Across all ten initiatives, the pattern was clear. Security is no longer being evaluated by effort, it’s being evaluated by outcomes.…
AI is becoming part of everyday criminal workflows
Underground forums include long threads about chatbots drafting phishing emails, generating code snippets, and coaching social engineering calls. A new study examined conversations captured between January 1, 2025 and July 31, 2025 across dozens of cybercrime forums to map how…
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
Anthropic on Monday said it identified “industrial-scale campaigns” mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude’s capabilities to improve their own models. The distillation attacks generated over 16 million exchanges with its…
Fake Huorong Site Delivers ValleyRAT Backdoor in Targeted Malware Campaign
A typosquatted copy of the popular Huorong Security antivirus site is being used to deliver ValleyRAT, a modular remote access trojan (RAT) built on the Winos4.0 framework, to users who believe they are downloading legitimate protection software. The attackers registered…
Why SOCs are moving toward autonomous security operations in 2026
The modern security operations center faces a crisis of scale that human effort cannot fix. With alert volumes exponentially growing and threat actors automating their attacks, organizations must pivot to autonomous SOC strategies. This shift to AI-driven defense is the…
Odido Faces Alleged Data Breach as ShinyHunters Claims 21M Records Exposed
A notorious cybercriminal group, ShinyHunters, has claimed responsibility for a massive data breach involving Odido and BEN, exposing millions of customer records. The group asserts that Odido, a Dutch telecommunications provider, was not truthful in its initial disclosure of the…
Anthropic Facing Allegations from Musk Over Large‑Scale Data Misuse
Tech billionaire Elon Musk has publicly condemned the artificial intelligence firm Anthropic, accusing the company of massive data theft and hypocrisy. This confrontation follows Anthropic’s recent claims that competing Chinese artificial intelligence models unlawfully extracted training data from its flagship…
Security and complexity slow the next phase of enterprise AI agent adoption
Enterprise AI agents are embedded in routine business processes, particularly inside engineering and IT operations. Many organizations report active production deployments, and agent development ranks high on strategic agendas. A new study from Docker, The State of Agentic AI Report,…
ClickFix Infostealer Spreads via Fake CAPTCHA Traps, Targeting Unsuspecting Users
A new wave of the ClickFix Infostealer campaign that abuses fake CAPTCHA pages to deliver credential-stealing malware. Initially detected through late-stage Endpoint Detection and Response (EDR) alerts, the campaign shows strong similarities to the ClickFix operation targeting restaurant reservation systems in July 2025,…
Americans Lost Over $20 million in ATM “Jackpotting” Attacks
Malware-fuelled ATM “jackpotting” attacks are surging across the United States, with the FBI warning that incidents have spiked sharply in 2025. In a recent alert, the Bureau said it has recorded around 1,900 ATM jackpotting incidents since 2020. Alarmingly, more than…
PayPal Customer Data Exposed for Six Months in Breach
PayPal has disclosed a data breach that exposed some of its customers’ personal information and led to fraudulent transactions. The company said it happed due to an error in its PayPal Working Capital (“PPWC”) loan application, an offering that gives businesses a cash advance based on…
Binding Operational Directive 26-02 sets deadlines for edge device replacement
In this Help Net Security video, Jen Sovada, General Manager, Public Sector at Claroty, explains CISA’s Binding Operational Directive 26-02 and what it means for federal agencies. The directive requires agencies to inventory, report, decommission, and replace unsupported edge devices…
WhatsApp Rolls Out Optional Password Feature to Strengthen User Security
WhatsApp is developing a new feature to significantly strengthen account security by introducing optional account passwords. Currently available in the Google Play Beta Program through version 2.26.7.8, this functionality aims to add another robust layer of defense against unauthorized access…
$10K+ Bounty Offered to Hacker Who Can Disconnect Ring Video Doorbells from Amazon Cloud
A newly launched bug bounty program is offering nearly $18,000 to anyone who can successfully disconnect Ring Video Doorbells from Amazon’s cloud servers while keeping the devices fully functional. This initiative aims to address ongoing privacy concerns about Ring’s data-handling…
WhatsApp Introduces Optional Account Password Feature to Strengthen Login Security
WhatsApp has released a new Android update through the Google Play Beta Program, bringing the version up to 2.26.7.8. The update reveals that WhatsApp is actively developing an optional account password feature designed to add another layer of security on…