Author: PulauWin

The Hacker News

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

February 26, 2026 add comment
Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could... Read more »
The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

February 25, 2026 add comment
Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic’s Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials.... Read more »
Internet Security

Untrusted repositories turn Claude code into an attack vector

February 25, 2026 add comment
Flaws in Anthropic’s Claude Code could allow remote code execution and theft of API keys when users open untrusted repositories. Check Point Research team found multiple vulnerabilities in Anthropic’s... Read more »
Internet Security

Critical Zyxel router flaw exposed devices to remote attacks

February 25, 2026 add comment
Zyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices. Zyxel addressed a critical remote code execution vulnerability, tracked as CVE-2025-13942... Read more »
Internet Security

Critical Zyxel router flaw exposed devices to remote attacks

February 25, 2026 add comment
Zyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices. Zyxel addressed a critical remote code execution vulnerability, tracked as CVE-2025-13942... Read more »

Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries

February 25, 2026 add comment
Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53... Read more »
Security of TechRepublic

ShinyHunters Leak 12.4 Million CarGurus Records in Massive Data Dump

February 25, 2026 add comment
ShinyHunters allegedly leaked 12.4 million CarGurus records, exposing personal and financing data and raising risks of phishing and data extortion attacks. The post ShinyHunters Leak 12.4 Million CarGurus Records... Read more »
The Hacker News

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

February 25, 2026 add comment
Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. “Analysis of... Read more »

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

February 25, 2026 add comment
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has... Read more »
Help Net Security

Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127)

February 25, 2026 add comment
A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller (formerly vSmart), Cisco has announced today. The vulnerability was... Read more »
Subscribe to our Newsletter