A major data breach at business services provider Conduent has spiraled into a large-scale security incident affecting at least 25 million people across the United States, with Volvo Group North America among the latest victims. The breach, originally disclosed…
Microsoft Uncovers DNS-Based ClickFix Variant as Stealer Campaigns Escalate Across Windows and macOS
Microsoft has revealed a new evolution of the ClickFix social engineering technique, where attackers manipulate users into executing commands that initiate a Domain Name System (DNS) lookup to fetch a secondary malicious payload. In this updated approach, threat actors…
Cyber Briefing: 2026.02.16
Microsoft flags ClickFix DNS RAT delivery, Lazarus spreads malicious npm/PyPI packages, ZeroDayRAT enables mobile spying, major breaches and ransomware payments disclosed. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.02.16
Automating the DFIR Triage Loop With Memory Forensics and LLMs
Most modern security operations centers (SOCs) face a problem of speed and volume of data collection. While collecting data is no longer the issue in many cases, analyzing it is — especially during high-priority incidents. To collect forensic evidence in…
Open source registries don’t have enough money to implement basic security
Free beer is great. Securing the keg costs money fosdem 2026 Open source registries are in financial peril, a co-founder of an open source security foundation warned after inspecting their books. And it’s not just the bandwidth costs that are…
Palo Alto Networks Completed Acquisition of Identity Security Firm CyberArk
Palo Alto Networks has finalized its acquisition of CyberArk, a leading identity security firm, in a landmark $25 billion deal. This completion, announced on February 11, 2026, positions identity security as a foundational element of the company’s platform strategy amid…
LockBit’s New 5.0 Version Attacking Windows, Linux and ESXI Systems
A dangerous new version of LockBit ransomware has emerged, targeting multiple operating systems and threatening businesses worldwide. LockBit 5.0, released in September 2025, represents a major upgrade to one of the most active ransomware families in recent years. This version…
New Clickfix Variant ‘Matryoshka’ Attacking Users to Deploy macOS Stealer Malware
A sophisticated social engineering campaign targeting macOS users has emerged, deploying a dangerous stealer malware through an evolved version of the ClickFix attack technique. Named “Matryoshka” after the Russian nesting dolls, this variant uses nested obfuscation layers to hide malicious…
Meta Business Admins Exposed by 2FA-Harvesting Chrome Extension
A fake Meta Business Chrome extension stole 2FA secrets to hijack accounts. The post Meta Business Admins Exposed by 2FA-Harvesting Chrome Extension appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Meta…
ClickFix Campaign Uses Fake CAPTCHA Pages to Deliver StealC Malware on Windows
A ClickFix campaign uses fake CAPTCHA pages to trick Windows users into launching StealC malware. The post ClickFix Campaign Uses Fake CAPTCHA Pages to Deliver StealC Malware on Windows appeared first on eSecurity Planet. This article has been indexed from…
ClawBands GitHub Project Looks to Put Human Controls on OpenClaw AI Agents
A software developer has created ClawBands, a project on GItHub that is designed to put human-in-the-loop controls on OpenClaw, the highly popular personal AI assistant that comes with a range of security risks. At the same time, OpenClaw developer Peter…
Microsoft equips CISOs and AI risk leaders with a new security tool
Microsoft released Security Dashboard for AI in public preview for enterprise environments. The dashboard aggregates posture and real-time risk signals from Microsoft Defender, Microsoft Entra, and Microsoft Purview into a single view within security tools. Security Dashboard for AI in…
Passwork 7.4 enhances enterprise security with centralized User vault restrictions
Passwork has released version 7.4, introducing restrictive settings for User vaults along with enhancements to improve security and user experience. The update enables administrators to enforce stricter controls over password sharing and distribution, reducing data breach risks and supporting compliance…
LockBit 5.0 ransomware expands its reach across Windows, Linux, and ESXi
The Acronis Threat Research Unit (TRU) has identified a new and significantly enhanced version of the LockBit ransomware, LockBit 5.0, currently being deployed in active campaigns. The latest variant demonstrates expanded cross-platform capabilities, enabling attackers to target Windows, Linux, and…
Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware
This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and…
Tenga Says Hacker Stole Customer Data
Tenga recently alerted customers that an unauthorized individual gained access to an employee’s professional email account, exposing personal data like names and order histories. This article has been indexed from CyberMaterial Read the original article: Tenga Says Hacker Stole Customer…
York City Cyberattack Led to $500K Ransom
York City paid a $500,000 ransom to regain control of its computer systems following a major cyberattack that occurred last summer. This article has been indexed from CyberMaterial Read the original article: York City Cyberattack Led to $500K Ransom
Amazon Ends Surveillance Firm Partnership
Amazon has ended its partnership with Flock Safety, a license-plate surveillance firm, following public outcry over a Ring Super Bowl advertisement that showcased AI-powered tracking capabilities. This article has been indexed from CyberMaterial Read the original article: Amazon Ends Surveillance…
California AG Announces $2.75M Disney Deal
California Attorney General Rob Bonta has reached a 2.75 million dollar settlement with the Walt Disney Company following allegations that it failed to honor consumer requests to opt out of data sharing. This article has been indexed from CyberMaterial Read…
Google Links Russian Actor to CANFAIL
A newly discovered hacking group linked to Russian intelligence is actively targeting Ukrainian infrastructure with a specialized malware strain called CANFAIL. This article has been indexed from CyberMaterial Read the original article: Google Links Russian Actor to CANFAIL
CISA Navigates DHS Shutdown With Reduced Staff
CISA is currently operating at roughly 38% capacity (888 out of 2,341 staff) due to the DHS shutdown that began February 14, 2026. The post CISA Navigates DHS Shutdown With Reduced Staff appeared first on SecurityWeek. This article has been…
Android 17 Beta Strengthens Secure-by-Default Design for Privacy and App Security
The latest Android version continues to improve security and privacy, according to its developers. The post Android 17 Beta Strengthens Secure-by-Default Design for Privacy and App Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
New ClickFix Campaign Uses Nslookup to Fetch Malicious PowerShell Script
According to Microsoft, the ClickFix social engineering technique has evolved in a refined manner, emphasizing that even the most common software applications can be repurposed into covert channels for malware distribution. Using this latest iteration, hackers are no longer…
IT Security News Hourly Summary 2026-02-16 15h : 9 posts
9 posts were published in the last hour 13:32 : Noodlophile Malware Authors Use Fake Job Ads and Phishing Schemes to Evolve Tactics 13:32 : Windows 11 KB5077181 Update Triggers Infinite Restart Loop on Some Devices 13:32 : Microsoft alerts…