A serious security incident has recently emerged involving Feiniu (fnOS) Network Attached Storage devices. These systems are being actively targeted and infected by the Netdragon botnet, a malware strain that first appeared in October 2024. The attackers are leveraging undisclosed…
DShield Sensor Captures Self-Propagating SSH Worm Exploit Using Credential Stuffing and Multi-Stage Malware
A sophisticated self-spreading worm has emerged that can completely compromise Linux systems through SSH brute-force attacks in just four seconds. This new threat combines traditional credential stuffing techniques with modern cryptographic command verification, creating a fast-moving botnet that specifically targets…
DragonForce Ransomware Group Expands Its Influence with Cartel-like Operations and Targeting 363 Companies Since 2023
DragonForce has established itself as a formidable entity in the cybercrime landscape, having been active since December 2023. Operating under a sophisticated Ransomware-as-a-Service (RaaS) model, the group aggressively brands itself as a “cartel” to consolidate power and influence. This strategic…
ORB Networks Mask Cyberattacks Using Compromised IoT Devices and SOHO Routers
Operational Relay Box networks have emerged as one of the most sophisticated tools used by threat actors to hide their cyberattacks from security teams worldwide. These obfuscated mesh networks consist of compromised Internet-of-Things devices, Small Office/Home Office routers, and Virtual…
287 Chrome Extensions Exfiltrate Browsing History From 37.4 Million Users
A massive data exfiltration operation involving 287 Chrome extensions that secretly steal browsing history from approximately 37.4 million users worldwide. According to research with alias qcontinuum1, the discovery represents roughly one percent of the global Chrome user base, highlighting a…
Constella Intelligence Unveils 2026 Identity Breach Report: The Industrialization of Identity
New research reveals a 1-trillion-attribute threat landscape driven by machine speed and scale, and high-density credential consolidation. LOS ALTOS, CA — February 12, 2026 — Constella, the leader in Identity Risk Intelligence, today announced the release of its flagship 2026 Identity Breach…
NDSS 2025 – Revisiting Concept Drift In Windows Malware Detection
Session 12B: Malware Authors, Creators & Presenters: Adrian Shuai Li (Purdue University), Arun Iyengar (Intelligent Data Management and Analytics, LLC), Ashish Kundu (Cisco Research), Elisa Bertino (Purdue University) PAPER Revisiting Concept Drift in Windows Malware Detection: Adaptation to Real Drifted…
Model Context Protocol Security Crisis Deepens as Exposed AI Agents Create Massive Attack Surface
The Model Context Protocol (MCP) continues to face mounting security concerns that show no signs of fading. When vulnerabilities were first highlighted last October, early research already pointed to serious risks. Findings from Pynt indicated that installing just 10…
Exposed Training Opens the Gap for Crypto Mining in Cloud Enviornments
Purposely flawed training apps are largely used for security education, product demonstrations, and internal testing. Tools like bWAPP, OWASP Juice Shop, and DVWA are built to be unsafe by default, making them useful to learn how common attack tactics work…
More U.S. investors sue South Korean government over handling of Coupang data breach
Coupang’s massive data breach has sparked U.S. investor lawsuits against the South Korean government over alleged discrimination This article has been indexed from Security News | TechCrunch Read the original article: More U.S. investors sue South Korean government over handling…
The Evolving Role of The CISO In Today’s Security Landscape
Introduction Over the past decade, few corporate roles have transformed as rapidly or as profoundly as the Chief Information Security Officer (CISO). Once regarded as a deeply technical position responsible for firewalls,… The post The Evolving Role of The CISO In Today’s…
Is Your Small Business Truly Protected from Cybersecurity Threats?
Cybersecurity threats are increasing at a sobering rate, with 600 million cyberattacks occurring every day worldwide. It is estimated a cyberattack is taking place against a small business every 11 seconds and average losses… The post Is Your Small Business Truly Protected from Cybersecurity…
Israel’s Cybersecurity Machine: Inside the Playbook Powering Tel Aviv’s Exit Factory
If you’ve been in cybersecurity for more than five minutes, you already know the script: some ex–Unit 8200 founders spin out of an Israeli startup, raise a monster round from… The post Israel’s Cybersecurity Machine: Inside the Playbook Powering Tel…
The Unknown Present: Why Safety Fails the Moment, We Need It Most
Modern disasters rarely occur because safety standards were absent. They occur because, at the moment of need, no one could evidence whether safety still existed. This distinction is uncomfortable, because… The post The Unknown Present: Why Safety Fails the Moment,…
Prioritizing Control of Unmanaged Identities for The Modern Enterprise
As organizations accelerate digital transformation through cloud migration and rapid AI integration, a growing risk is emerging in the form of unmanaged identities. These include both human and machine identities,… The post Prioritizing Control of Unmanaged Identities for The Modern…
IT Security News Hourly Summary 2026-02-12 18h : 8 posts
8 posts were published in the last hour 16:32 : How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development 16:32 : 42,900 OpenClaw Exposed Control Panels and Why You Should Care 16:31 : Malicious Outlook Add-In Hijack Steals…
How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development
Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. The post How to Eliminate the Technical Debt of Insecure AI-Assisted Software…
42,900 OpenClaw Exposed Control Panels and Why You Should Care
Over the past two weeks, most coverage around Moltbot and OpenClaw has chased the flashy angle. One-click exploits, remote code execution, APT chatter, scary screenshots. Meanwhile, security teams are doing… The post 42,900 OpenClaw Exposed Control Panels and Why You…
Malicious Outlook Add-In Hijack Steals 4,000 Microsoft Credentials
A breach transformed the AgreeTo plug-in for Microsoft Outlook – once meant for organizing meetings – into a weapon that harvested over four thousand login details. Though built by a third-party developer and offered through the official Office Add-in…
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 2, 2026 to February 8, 2026)
📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…
Golden Paths for AI Workloads – Standardizing Deployment, Observability, and Trust
As AI workloads mature from experimental prototypes into business-critical systems, organizations are discovering a familiar problem: inconsistency at scale. Each team deploys models differently, observability varies widely, and operational maturity depends heavily on individual expertise. This is where Golden Paths…
How CISOs can balance AI innovation and security risk
<p paraeid=”{c5710b6e-dc97-4ab0-979a-93ab83745677}{25}” paraid=”736753854″><span xml:lang=”EN-US” data-contrast=”auto”>The tradeoff between embracing innovation and protecting the organization is one of the most daunting decisions security leaders face. With AI emerging as such a powerful utility for both threat actors and cybersecurity defenders, organizations must…
Apple Patches Actively Exploited Zero-Day Flaw
Apple patched an exploited zero-day enabling code execution and urges immediate updates. The post Apple Patches Actively Exploited Zero-Day Flaw appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Apple Patches Actively…
When Security Becomes an Afterthought
As AI deployment races ahead, security scrambles to keep up. Nikesh Arora on why AI’s biggest risk is treating security as an afterthought. The post When Security Becomes an Afterthought appeared first on Palo Alto Networks Blog. This article has…