Smug faces across all those who opposed the WordPad-ification of Microsoft’s humble text editor. Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).… This article has…
SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits
Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies on the Internet Relay Chat (IRC) communication protocol for command-and-control (C2) purposes. “The toolset blends stealth helpers with legacy-era Linux exploitation: Alongside log cleaners (utmp/wtmp/lastlog tampering)…
Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days
Microsoft on Tuesday released security updates to address a set of 59 flaws across its software, including six vulnerabilities that it said have been exploited in the wild. Of the 59 flaws, five are rated Critical, 52 are rated Important,…
GTIG Warns of Rising Espionage and Supply Chain Cyber Threats Targeting Defense Sector
The defense industry is facing an intense, multi-front cyber onslaught as espionage, personnel targeting, and supply chain attacks converge into a persistent, strategic risk to national security. Recent analysis from Google’s Threat Intelligence Group (GTIG) shows that state-backed actors and…
Malwarebytes earns PCMag Best Tech Brand spot, scores 100% with MRG Effitas
Malwarebytes is not only one of PCMag’s Best Tech Brands for 2026, it also scored 100% on the MRG Effitas consumer security product test. This article has been indexed from Malwarebytes Read the original article: Malwarebytes earns PCMag Best Tech…
Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMD
More than two dozen advisories have been published by the chip giants for vulnerabilities found recently in their products. The post Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMD appeared first on SecurityWeek. This article has been…
Google Search introduces new ways to remove sensitive personal information and explicit images
Google expanded its “Results about you” tool to give users more control over sensitive personal information and added a way to request removal of non-consensual explicit images from Search. Manage and limit sensitive personal information in Search. Users can request…
IT Security News Hourly Summary 2026-02-11 12h : 10 posts
10 posts were published in the last hour 10:32 : SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning 10:32 : Sophisticated Cyber Attack Targets Wedding Industry With Teams-Based Malware Delivery 10:32 : Windows Remote Access Connection Manager…
SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning
A new Linux botnet, SSHStalker, has infected about 7,000 systems using old 2009-era exploits, IRC bots, and mass-scanning malware. Flare researchers uncovered a previously undocumented Linux botnet dubbed SSHStalker, observed via SSH honeypots over two months. Researchers ran an SSH…
Sophisticated Cyber Attack Targets Wedding Industry With Teams-Based Malware Delivery
A sophisticated phishing campaign targets wedding planners and vendors with stealer malware disguised as Microsoft Teams meetings. Security researchers highlight the use of compromised legitimate emails to build trust before delivering payloads. Threat actors impersonate legal professionals in emails from…
Windows Remote Access Connection Manager 0-Day Vulnerability Let Attackers Trigger DoS Attack
Microsoft has patched a zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service, tracked as CVE-2026-21525, which allowed attackers to trigger denial-of-service (DoS) conditions on unpatched systems. The flaw, stemming from a NULL pointer dereference (CWE-476), was actively…
Coinbase Cartel Targets High-Value Sectors with Data-Theft-First Extortion Strategy
The ransomware landscape continues to evolve with new threat actors adopting unconventional tactics. Coinbase Cartel emerged in September 2025, quickly claiming 14 victims in its first month of operation. Unlike traditional ransomware groups, this threat actor focuses exclusively on data…
CISA Adds Six Microsoft 0-Day Vulnerabilities to KEV Catalog Following Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urgently expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding six zero-day vulnerabilities, all affecting Microsoft products. This move underscores escalating threats from nation-state actors and cybercriminals actively exploiting these flaws…
RU-APT-ChainReaver-L Hijacks Trusted Sites and GitHub in Sweeping Cross-Platform Supply Chain Attack
A newly exposed advanced persistent threat (APT) campaign, tracked as RU-APT-ChainReaver-L, is hijacking trusted file-hosting sites and long-standing GitHub accounts to deliver stealthy malware to Windows, macOS, and iOS users at scale. The campaign abuses popular mirror and file-distribution portals…
Spam and phishing in 2025
The report contains statistics on spam and phishing in 2025, outlining the main trends: phishing and scam QR codes, ClickFix attacks, ChatGPT subscription lures and others. This article has been indexed from Securelist Read the original article: Spam and phishing…
Fortinet Patches High-Severity Vulnerabilities
The bugs could be exploited without authentication for command execution and authentication bypass. The post Fortinet Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Fortinet Patches High-Severity Vulnerabilities
Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday
Six actively exploited zero-day bugs have been patched by Microsoft. This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday
Google gets EU Wiz approval, Microsoft secures Secure Boot certificates, North Korean hackers target crypto exec
EU grants Google approval for Wiz; Microsoft rolls out Secure Boot certificates before expiration; North Korean hackers target crypto exec. Get the show notes here: Huge thanks to our episode sponsor, ThreatLocker. Want real Zero Trust training? Zero Trust World…
Blackstone Boosts Stake In Anthropic
World’s largest alternative asset manager reportedly looking to increase stake in AI start-up to around $1bn, amid ongoing funding round. This article has been indexed from Silicon UK Read the original article: Blackstone Boosts Stake In Anthropic
Legacy systems blamed as ministers promise no repeat of Afghan breach
UK government grilled over progress made to prevent a second life-threatening leak. Legacy IT issues are hampering key technical measures designed to prevent highly sensitive data leaks, UK government officials say.… This article has been indexed from The Register –…
Pony.ai, Toyota Start Robotaxi Mass-Production
Mass production begins for robotaxi co-developed with Toyota, as Pony.ai seeks to expand availability of autonomous vehicles. This article has been indexed from Silicon UK Read the original article: Pony.ai, Toyota Start Robotaxi Mass-Production
Ivanti Endpoint Manager Flaw Enables Remote Data Exposure
Ivanti has issued a high-security update for its Endpoint Manager (EPM) solution to address two significant vulnerabilities that could put organisational data at risk. The advisory, released on February 9, 2026, highlights a high-severity flaw that allows attackers to bypass…
The Top Pentesting Platforms of 2026: What You Need to Know
What to Look for in a Pentesting Platform? Pen testing is increasingly becoming the way companies prove compliance with data privacy laws and battle-test their defenses. As the primary way of finding and exploiting vulnerabilities (before attackers do), pen testing…
Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full Compromise
Dozens of vulnerabilities, bugs, and potential improvements have been identified by the tech giants’ security teams. The post Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full Compromise appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…