Internet Security

Notepad++ patches flaw used to hijack update system

February 18, 2026 add comment
Notepad++ patched a vulnerability that attackers used to hijack its update system and deliver malware to targeted users. Notepad++ fixed a vulnerability that allowed a China-linked APT group to... Read more »

VS Code extensions with 125M+ installs expose users to cyberattacks

February 18, 2026 add comment
Four popular VS Code extensions with 125M+ installs have flaws that could let hackers steal files and run code remotely. OX Security researchers warn that security flaws in four... Read more »

China-linked APT weaponized Dell RecoverPoint zero-day since 2024

February 18, 2026 add comment
A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) reported that a suspected China-linked... Read more »

U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog

February 18, 2026 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and... Read more »

Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign

February 18, 2026 add comment
Kaspersky uncovered Keenadu, an Android backdoor used for ad fraud that can even take full control of devices. Kaspersky has identified a new Android malware called Keenadu. It can... Read more »

SmartLoader hackers clone Oura MCP project to spread StealC malware

February 17, 2026 add comment
Hackers used a fake Oura MCP server to trick users into downloading malware that installs the StealC info-stealer. Straiker’s AI Research (STAR) Labs team uncovered a SmartLoader campaign in... Read more »

Polish cybercrime Police arrest man linked to Phobos ransomware operation

February 17, 2026 add comment
Officers from Poland’s Central Bureau of Cybercrime Control (CBZC) police arrested a 47-year-old man linked to the Phobos ransomware operation. Polish authorities arrested a 47-year-old man suspected of involvement... Read more »

Poorly crafted phishing campaign leverages bogus security incident report

February 17, 2026 add comment
Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, though a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phishing... Read more »

South Korea slaps $25M fine on Dior, Louis Vuitton, Tiffany over Salesforce breach

February 17, 2026 add comment
South Korea fined Dior, Louis Vuitton, and Tiffany $25M after hackers breached their Salesforce systems, exposing customer data. South Korea’s Personal Information Protection Commission fined luxury brands including Dior,... Read more »

Encrypted RCS messaging support lands in Apple’s iOS 26.4 developer build

February 17, 2026 add comment
Apple is testing end-to-end encrypted Rich Communications Services (RCS) messaging in the iOS 26.4 developer beta. Apple has added end-to-end encrypted RCS messaging to the iOS and iPadOS 26.4... Read more »
Subscribe to our Newsletter