Cybercriminals have discovered a new attack surface in the world of personal AI assistants. Recent investigations show that infostealers now target OpenClaw configuration files to steal sensitive authentication credentials and personal data. This marks a dangerous evolution in malware behavior,…
Critical “Log Poisoning” Vulnerability in OpenClaw AI Agent Allows Malicious Content Injection
OpenClaw, a fast-rising open-source AI assistant designed to connect to messaging, cloud services, and local system tools, has patched a “log poisoning” weakness that could let remote attackers inject malicious, user-controlled content into logs that the agent may later ingest.…
EU Parliament Blocks AI features on Corporate Devices Over Cybersecurity Concerns
The European Parliament has disabled built‑in artificial intelligence (AI) features on corporate devices used by lawmakers and staff, citing unresolved cybersecurity and data protection risks. The decision targets AI tools embedded in tablets and phones, while leaving essential apps such…
India’s Largest Pharmacy Exposes Customer Personal Details and Access to Internal Systems
A major vulnerability discovered on the platform of a division of Zota Healthcare exposed sensitive customer and internal system data due to insecure “super admin” APIs. The issue, uncovered by Eaton–Works, allowed anyone to create a privileged super admin account and take full…
Washington Hotel Located in Japan Suffers Ransomware Attack
The hotel confirmed that several of its servers were compromised in a ransomware attack, disrupting parts of its internal network and triggering an ongoing investigation into possible data exposure. According to the Washington Hotel Corporation official statement, the incident was…
US lawyers fire up privacy class action accusing Lenovo of bulk data transfers to China
Keep behavioral tracking American? PC giant says the claim is ‘false’ A US law firm has accused Lenovo of violating Justice Department strictures about the bulk transfer of data to foreign adversaries, namely China.… This article has been indexed from…
API Threats Grow in Scale as AI Expands the Blast Radius
New research shows attackers increasingly abusing APIs at machine speed as AI-driven systems widen exposure and amplify impact. The post API Threats Grow in Scale as AI Expands the Blast Radius appeared first on SecurityWeek. This article has been indexed…
Cybersecurity Excellence Awards Reveal Nomination Shift from AI Hype to Governance Execution
Washington DC, USA, 17th February 2026, CyberNewswire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Cybersecurity Excellence Awards Reveal Nomination Shift from AI Hype to Governance Execution
OT teams are losing the time advantage against industrial threat actors
In many industrial environments, internet-facing gateways, remote access appliances, and boundary systems sit close enough to production networks that attackers can move from IT intrusion to operational disruption with limited resistance. Dragos’ 2026 OT/ICS Year in Review describes a threat…
Webinar: Power up your exam prep!
Ready to get certified but not sure where to start? Get insider tips and tricks on what to do from day one to test day. Join ISC2-certified instructors and an audience of your peers for this live interactive webinar on…
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to deliver an information stealer known as StealC. “The threat actors cloned a…
Low-Skilled Cybercriminals Use AI to Perform “Vibe Extortion” Attacks
Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics This article has been indexed from www.infosecurity-magazine.com Read the original article: Low-Skilled Cybercriminals Use AI to Perform…
IT Security News Hourly Summary 2026-02-17 15h : 15 posts
15 posts were published in the last hour 13:34 : Poorly crafted phishing campaign leverages bogus security incident report 13:34 : Securing the Agentic Endpoint 13:34 : Polish cops nab 47-year-old man in Phobos ransomware raid 13:34 : Infostealer Breach…
Poorly crafted phishing campaign leverages bogus security incident report
Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, though a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phishing campaign using a fake PDF security incident report hosted on AWS…
Securing the Agentic Endpoint
Secure the Agentic Endpoint. Traditional security misses the risk of AI agents. Learn how Palo Alto Networks and the Koi acquisition bring new protection. The post Securing the Agentic Endpoint appeared first on Palo Alto Networks Blog. This article has…
Polish cops nab 47-year-old man in Phobos ransomware raid
Police say seized kit contained logins, passwords, and server IP addresses Polish police have arrested and charged a man over ties to the Phobos ransomware group following a property raid.… This article has been indexed from The Register – Security…
Infostealer Breach Exposes OpenClaw AI Agent Configurations in Emerging Cyber Threat
Cybersecurity experts have uncovered a new incident in which an information-stealing malware successfully extracted sensitive configuration data from OpenClaw, an AI agent platform previously known as Clawdbot and Moltbot. The breach signals a notable expansion in the capabilities of…
HaystackID delivers audit-ready AI governance for high-risk, regulated environments
HaystackID has released HaystackID AI Governance Services, a new portfolio designed to help organizations move from AI principles and policies to an execution-ready governance operating model. The launch comes as organizations face converging regulatory timelines. EU AI Act obligations have…
Pressure builds on Grok AI, Ireland launches investigation
The Irish Data Protection Commission (DPC) opened an investigation into X over concerns that its Grok AI chatbot was used to generate sexualized deepfakes. The investigation focuses on the apparent creation and publication of potentially harmful, non-consensual intimate or sexualised…
Russia Set to Block Telegram Access Nationwide from April 1
Russia is preparing to implement a nationwide block on Telegram starting April 1, 2026, according to reports from the Russian insider channel Baza. The move would make the messaging platform completely inaccessible without VPN technology, mirroring previous restrictions imposed on…
Cybercriminals Exploit Atlassian Cloud to Launch Spam Campaigns Promoting Fraudulent Investments
Cybercriminals abused Atlassian Cloud’s trusted infrastructure to run a burst of highly automated spam campaigns that redirected victims to fraudulent investment schemes and online casinos, highlighting the growing risk of SaaS-powered email abuse. By riding on Atlassian Jira Cloud’s strong…
Update Chrome now: Zero-day bug allows code execution via malicious webpages
Google has released an emergency update to patch an actively exploited zero-day—the first Chrome zero-day of the year. This article has been indexed from Malwarebytes Read the original article: Update Chrome now: Zero-day bug allows code execution via malicious webpages
Man Linked to Phobos Ransomware Arrested in Poland
Polish police said they found evidence of cybercrime on the 47-year-old suspect’s devices. The post Man Linked to Phobos Ransomware Arrested in Poland appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Man Linked…
80% of Att&Ck® Mitre Techniques Now Dedicated to Evasion and Persistence
The Red Report 2026 on the Top 10 Most Prevalent Att&Ck® Mitre Techniques shows a shift by bad actors from disruption to long-lived access. The post 80% of Att&Ck® Mitre Techniques Now Dedicated to Evasion and Persistence appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original…