AI is giving online romance scammers even more ways to hide and accelerate their schemes while making it more difficult for people to detect fraud operations that are resulting in billions of dollars being stolen every year from millions of…
Black Duck expands Polaris platform with unified, automated security across all major SCMs
Black Duck has announced the availability of a set of enhanced Black Duck Polaris Platform integrations across all major source code management (SCM) platforms, including GitHub, GitLab, Azure DevOps, and Bitbucket. The Polaris Platform is an integrated, software-as-a-service application security…
Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)
Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Notepad that could be exploited by attackers to achieve remote code execution on targets’ Windows system. About CVE-2026-20841…
Why Certification Has Become a Strategic Control for CISOs
Cybersecurity certifications have moved beyond compliance. For CISOs, they are now a strategic control that demonstrates how security is designed, governed, and enforced across products, industries, and regions. This article has been indexed from CISO Collective Read the original…
Emerging AI Built Malware Used in Targeted Attacks on Blockchain Engineers
In the shadows of geopolitics, KONNI has been operating quietly for more than a decade, building on its playbook of carefully staged spear-phishing campaigns and political lures targeted at South Korean institutions. In the past, KONNI’s operations followed the fault…
NowSecure AI-Navigator cuts mobile app testing time by automating authentication
NowSecure announced the launch of AI-Navigator, new functionality that streamlines and improves mobile application security testing. By automating authentication workflows, NowSecure enables security teams to dynamically test mobile apps for vulnerabilities and privacy leaks up to 90% faster. “Mobile apps…
1Password open sources a benchmark to stop AI agents from leaking credentials
Research has shown that some AI models can identify phishing websites with near-perfect accuracy when asked. When those same models are used as autonomous agents with access to tools like email, web browsers, and password vaults, they can still carry…
North Ferry Payment System Hit By Cyberattack
The North Ferry company has suspended online payments following a ransomware attack on its payment processor that occurred on February 6. This article has been indexed from CyberMaterial Read the original article: North Ferry Payment System Hit By Cyberattack
Carolina Beach Loses $488K In Hacks
Officials reported that hackers stole nearly $500,000 from Carolina Beach through two cyberattacks occurring between late December and early January. This article has been indexed from CyberMaterial Read the original article: Carolina Beach Loses $488K In Hacks
Google Recovers Deleted Nest Video
Google Nest cameras typically require a monthly subscription for long-term storage, otherwise videos are generally deleted after three hours. This article has been indexed from CyberMaterial Read the original article: Google Recovers Deleted Nest Video
Police Arrest Seller Of JokerOTP Tool
Authorities in the Netherlands have arrested a 21-year-old man from Dordrecht suspected of selling license keys for JokerOTP, a sophisticated phishing automation tool used to bypass multi-factor authentication. This article has been indexed from CyberMaterial Read the original article: Police…
Thailand Moves To Seize Scam Assets
Thailand is moving to permanently confiscate approximately 420 million dollars in luxury assets linked to a massive international cybercrime and fraud network. This article has been indexed from CyberMaterial Read the original article: Thailand Moves To Seize Scam Assets
287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million Users
A new security investigation has uncovered 287 Chrome extensions that appear to secretly send users’ browsing data to remote servers, impacting an estimated 37.4 million installs. That is roughly 1%1% of the global Chrome user base, based on the researchers’ estimate. The researchers built…
ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask Cyberattacks
Operational Relay Box (ORB) networks are covert, mesh-based infrastructures used by advanced threat actors to hide the true origin of their cyberattacks. Built from compromised Internet-of-Things (IoT) devices, Small Office/Home Office (SOHO) routers, and rented Virtual Private Servers (VPS), these…
Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware
Flaw abused ”in an extremely sophisticated attack against specific targeted individuals’ Apple patched a zero-day vulnerability affecting every iOS version since 1.0, used in what the company calls an “extremely sophisticated attack” against targeted individuals.… This article has been indexed…
Viral AI Caricatures Highlight Shadow AI Dangers
A viral AI caricature trend is spotlighting shadow AI risks, exposing how public LLM use can lead to data leakage and targeted attacks. The post Viral AI Caricatures Highlight Shadow AI Dangers appeared first on eSecurity Planet. This article has…
Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Exploits GitHub, npm, and PyPI to Distribute Malware
The North Korean state-sponsored hacking team, Lazarus Group, has launched a sophisticated fake recruiter campaign targeting cryptocurrency developers through a malicious operation called “graphalgo.” Active since May 2025, this coordinated attack uses fraudulent job offers to distribute remote access trojans…
Google Warns of Hackers Leveraging Gemini AI for All Stages of Cyberattacks
Threat actors have begun leveraging Google’s Gemini API to dynamically generate C# code for multi-stage malware, evading traditional detection methods. The Google Threat Intelligence Group (GTIG) detailed this in its February 2026 AI Threat Tracker report, spotlighting the HONESTCUE framework…
Sophisticated ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord Users
A dangerous malware campaign has emerged on the NPM package registry, putting thousands of developers and Windows users at risk. The malicious package, known as “duer-js,” was published by a user named “luizaearlyx” and disguised itself as a legitimate console…
Chrome Security Update – Patch for Vulnerabilities that Enables Code Execution Attacks
Google has released Chrome 145 to the stable channel for Windows, Mac, and Linux, addressing 11 security vulnerabilities that could enable attackers to execute malicious code on user systems. The update, rolling out over the coming weeks, includes several high-severity…
North Korea–Linked Hackers Use AI Lures
The North Korea-linked group UNC1069 is targeting the cryptocurrency industry through elaborate social engineering tactics on platforms like Telegram to steal data from Windows and macOS users. This article has been indexed from CyberMaterial Read the original article: North Korea–Linked…
Windows 10 KB5075912 Extended Update
Microsoft has launched the KB5075912 extended security update for Windows 10 to address numerous vulnerabilities, including six actively exploited zero-day flaws. This article has been indexed from CyberMaterial Read the original article: Windows 10 KB5075912 Extended Update
Georgia Healthcare Data Breach Exposes
A major data breach at a Georgia healthcare provider has exposed the sensitive personal and medical information of over 620,000 individuals. This article has been indexed from CyberMaterial Read the original article: Georgia Healthcare Data Breach Exposes
IT Security News Hourly Summary 2026-02-12 15h : 8 posts
8 posts were published in the last hour 13:32 : DragonForce Ransomware Group Targets 363 Companies, Expands Cartel-Like Operations Since 2023 13:32 : Crypto-Funded Human Trafficking Is Exploding 13:31 : Stanley Malware Service Bypasses Chrome Web Store Safeguards 13:31 :…