InfoSecRadar InfoSecRadar
  • Home
    • Vulnerabilities & Exploits
    • Malware & Ransomware
    • Data Breaches & Leaks
    • Threat Actors & Campaigns
    • Policy & Regulation
    • Industry & Career
    • Tools & Techniques
    • Cloud & Infrastructure
    • AI & Cybersecurity
    • Privacy & Surveillance
    • Signal School
  • Friend
  • Foe
  • Archive
  • About

Archive: February 2026

837 stories.

← March 2026 All months January 2026 →
FOE Feb 28 Bleeping Computer
QuickLens Chrome extension steals crypto, shows ClickFix attack
FOE Feb 28 The Hacker News
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
FOE Feb 28 Bleeping Computer
$4.8M in crypto stolen after Korean tax agency exposes wallet seed
FOE Feb 28 Krebs on Security
Who is the Kimwolf Botmaster “Dort”?
FOE Feb 28 SecurityWeek
Canadian Tire Data Breach Impacts 38 Million Accounts
FRIEND Feb 28 The Register (Security)
Denizens of DEF CON are 'fed up with government'
FOE Feb 28 The Hacker News
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
FOE Feb 28 The Hacker News
Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
FRIEND Feb 28 Ars Technica (Security)
Google quantum-proofs HTTPS by squeezing 2.5kB of data into 64-byte space
FOE Feb 27 The Register (Security)
Double whammy: Steaelite RAT bundles data theft, ransomware in one evil tool
FRIEND Feb 27 EPIC
Connecticut AG Issues Report on How Existing State Law Applies to AI
FRIEND Feb 27 Schneier on Security
Friday Squid Blogging: Squid Fishing in Peru
FOE Feb 27 CSO Online
Security hole could let hackers take over Juniper Networks PTX core routers
FOE Feb 27 SecurityWeek
Trump Orders All Federal Agencies to Phase Out Use of Anthropic Technology
FOE Feb 27 Dark Reading
Life Mirrors Art: Ransomware Hits Hospitals on TV & IRL
FOE Feb 27 CSO Online
‘Silent’ Google API key change exposed Gemini AI data
FRIEND Feb 27 Dark Reading
Cities Hosting Major Events Need More Focus on Wireless, Drone Defense
FOE Feb 27 Dark Reading
Flaw-Finding AI Assistants Face Criticism for Speed, Accuracy
FRIEND Feb 27 Bleeping Computer
Microsoft testing Windows 11 batch file security improvements
FOE Feb 27 The Register (Security)
Suspected Nork digital intruders caught breaking into US healthcare, education orgs
FOE Feb 27 Bleeping Computer
APT37 hackers use new malware to breach air-gapped networks
FRIEND Feb 27 Bleeping Computer
Europol-led crackdown on The Com hackers leads to 30 arrests
FRIEND Feb 27 The Hacker News
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
FOE Feb 27 The Hacker News
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
FOE Feb 27 Dark Reading
The Case for Why Better Breach Transparency Matters
FOE Feb 27 The Register (Security)
Ransomware payments cratered in 2025, but attacks surged to record highs
FOE Feb 27 Bleeping Computer
CISA warns that RESURGE malware can be dormant on Ivanti devices
FOE Feb 27 The Hacker News
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
FOE Feb 27 SecurityWeek
In Other News: ATT&CK Advisory Council, Russian Cyberattacks Aid Missile Strikes, Predator Bypasses iOS Indicators
FOE Feb 27 The Register (Security)
French DIY etailer ManoMano admits customer data stolen
FRIEND Feb 27 Bleeping Computer
Third-Party Patching and the Business Footprint We All Share
FOE Feb 27 Privacy International
The Anthropic and US Government conflict is larger than you think
FOE Feb 27 Dark Reading
Claude Code Security Shows Promise, Not Perfection
FOE Feb 27 The Register (Security)
Cops back Dutch telco Odido after second wave of ShinyHunters leaks
FOE Feb 27 SecurityWeek
38 Million Allegedly Impacted by ManoMano Data Breach
FOE Feb 27 CSO Online
One of the ‘most influential cybersecurity’ roles will pay under $175,000
FOE Feb 27 SecurityWeek
900 Sangoma FreePBX Instances Infected With Web Shells
FOE Feb 27 The Hacker News
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
FRIEND Feb 27 SecurityWeek
Chilean Carding Shop Operator Extradited to US
FRIEND Feb 27 SecurityWeek
Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline
FOE Feb 27 Bleeping Computer
Ukrainian man pleads guilty to running AI-powered fake ID site
FOE Feb 27 SANS Internet Storm Center
Fake Fedex Email Delivers Donuts!, (Fri, Feb 27th)
FOE Feb 27 Schneier on Security
Why Tehran’s Two-Tiered Internet Is So Dangerous
FOE Feb 27 Schneier on Security
Phishing Attacks Against People Seeking Programming Jobs
FOE Feb 27 SecurityWeek
Aeternum Botnet Loader Employs Polygon Blockchain C&C to Boost Resilience
FOE Feb 27 CSO Online
Your personal OpenClaw agent may also be taking orders from malicious websites
FRIEND Feb 27 CSO Online
US authorities punish sellers of malware and spyware
FRIEND Feb 27 CSO Online
Why application security must start at the load balancer
FOE Feb 27 SecurityWeek
Juniper Networks PTX Routers Affected by Critical Vulnerability
FOE Feb 27 The Hacker News
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
FRIEND Feb 27 CSO Online
How to make LLMs a defensive advantage without creating a new attack surface
FRIEND Feb 27 The Hacker News
Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
FOE Feb 27 SecurityWeek
Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking
FRIEND Feb 27 CSO Online
The CSO guide to top security conferences
FOE Feb 27 CSO Online
Ransomware groups switch to stealthy attacks and long-term access
FRIEND Feb 27 EFF Deeplinks
Victory! Tenth Circuit Finds Fourth Amendment Doesn’t Support Broad Search of Protesters’ Devices and Digital Data
FRIEND Feb 27 EFF Deeplinks
Victory! Tenth Circuit Finds Fourth Amendment Doesn’t Support Broad Search of Protesters’ Devices and Digital Data
FOE Feb 27 Risky Business News
Risky Bulletin: Russian man investigated for extorting Conti ransomware group
FOE Feb 26 EPIC
The Verge: FTC declines to enforce a kids privacy law for data collected to verify users’ ages
FOE Feb 26 Dark Reading
Marquis v. SonicWall Lawsuit Ups the Breach Blame Game
FOE Feb 26 Dark Reading
Cisco SD-WAN Zero-Day Under Exploitation for 3 Years
FOE Feb 26 Bleeping Computer
Previously harmless Google API keys now expose Gemini AI data
FRIEND Feb 26 EPIC
EPIC, OTI Urge FTC Not to Ignore Full Scope of Data-Driven Harms
FRIEND Feb 26 SecurityWeek
Apple iPhone and iPad Cleared for Classified NATO Use
FOE Feb 26 The Hacker News
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
FOE Feb 26 Bleeping Computer
Trend Micro warns of critical Apex One code execution flaws
FOE Feb 26 Bleeping Computer
European DYI chain ManoMano data breach impacts 38 million customers
FRIEND Feb 26 SecurityWeek
Four Risks Boards Cannot Treat as Background Noise
FOE Feb 26 Bleeping Computer
Critical Juniper Networks PTX flaw allows full router takeover
FOE Feb 26 The Intercept (Privacy)
Zohran Mamdani Kept Columbia Student in New York — Then Phoned With Trump to Secure Her Release
FOE Feb 26 Bleeping Computer
Olympique Marseille confirms 'attempted' cyberattack after data leak
FOE Feb 26 Ars Technica (Security)
New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises
FOE Feb 26 The Register (Security)
Rapid AI-driven development makes security unattainable, warns Veracode
FOE Feb 26 The Hacker News
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
FOE Feb 26 The Hacker News
ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories
FRIEND Feb 26 Bleeping Computer
Ransomware payment rate drops to record low as attacks surge
FOE Feb 26 SecurityWeek
Claude Code Flaws Exposed Developer Devices to Silent Hacking
FRIEND Feb 26 Bleeping Computer
Microsoft expands Windows restore to more enterprise devices
FRIEND Feb 26 SecurityWeek
Gambit Security Emerges From Stealth With $61 Million in Funding
FOE Feb 26 The Register (Security)
Scattered Lapsus$ Hunters auditioning female voices to sharpen social engineering
FOE Feb 26 CSO Online
Hackers Compromise Networks Faster and Faster [DE]
FOE Feb 26 SecurityWeek
Zyxel Patches Critical Vulnerability in Many Device Models
FOE Feb 26 Schneier on Security
LLMs Generate Predictable Passwords
FOE Feb 26 The Hacker News
Expert Recommends: Prepare for PQC Right Now
FOE Feb 26 CISA Alerts
Pelco, Inc. Sarix Pro 3 Series IP Cameras
FOE Feb 26 CISA Alerts
EV2GO ev2go.io
FOE Feb 26 CISA Alerts
EV Energy ev.energy
FOE Feb 26 CISA Alerts
Chargemap chargemap.com
FOE Feb 26 CISA Alerts
Mobility46 mobility46.se
FOE Feb 26 CISA Alerts
SWITCH EV swtchenergy.com
FOE Feb 26 CISA Alerts
CloudCharge cloudcharge.se
FOE Feb 26 CISA Alerts
Yokogawa CENTUM VP R6, R7
FOE Feb 26 CISA Alerts
Johnson Controls, Inc. Frick Controls Quantum HD
FOE Feb 26 CISA Alerts
Copeland XWEB and XWEB Pro
FOE Feb 26 Bleeping Computer
New York sues Valve for promoting illegal gambling via game loot boxes
FOE Feb 26 The Register (Security)
Five Eyes warn: Patch your Cisco SD-WAN or risk root takeover
FOE Feb 26 CSO Online
China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries
FOE Feb 26 The Intercept (Privacy)
Florida Might Make Its Own Spy Squad. Muslims Think They Have a Pretty Good Idea Who’ll Be Targeted.
FOE Feb 26 The Hacker News
Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware
FOE Feb 26 SecurityWeek
US Sanctions Russian Exploit Broker Operation Zero
FOE Feb 26 The Hacker News
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
FOE Feb 26 CSO Online
The farmers and the mercenaries: Rethinking the ‘human layer’ in security
FRIEND Feb 26 SecurityWeek
Trend Micro Patches Critical Apex One Vulnerabilities
FOE Feb 26 SecurityWeek
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers
FOE Feb 26 Google Project Zero
A Deep Dive into the GetProcessHandleFromHwnd API
FOE Feb 26 CSO Online
5 trends that should top CISO’s RSA 2026 agendas
FOE Feb 26 The Hacker News
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
FRIEND Feb 26 CSO Online
9 Essential Open Source Security Tools [DE]
FRIEND Feb 26 CSO Online
How to Justify Your Security Investments [DE]
FRIEND Feb 26 SANS Internet Storm Center
Finding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary], (Tue, Feb 24th)
FOE Feb 26 Risky Business News
Srsly Risky Biz: Is Claude Too Woke For War?
FOE Feb 26 The Register (Security)
Claude collaboration tools left the door wide open to remote code execution
FOE Feb 26 CSO Online
Steaelite RAT combines data theft and ransomware management capability in one tool
FOE Feb 26 Sophos News
Cisco SD-WAN vulnerabilities (CVE-2026-20127, CVE-2022-20775) in active exploitation
FRIEND Feb 26 Sophos News
Sophos Workspace Protection is Now Available
FRIEND Feb 26 Recorded Future Blog
Recorded Future Expands Coverage of Scams and Financial Fraud with Money Mule Intelligence from CYBERA
FOE Feb 26 Dark Reading
Chinese Police Use ChatGPT to Smear Japan PM Takaichi
FOE Feb 25 Bleeping Computer
Medical device maker UFP Technologies warns of data stolen in cyberattack
FOE Feb 25 CSO Online
Five Eyes issue emergency directive on exploited Cisco SD-WAN zero-day
FOE Feb 25 Dark Reading
Flaws in Claude Code Put Developers' Machines at Risk
FOE Feb 25 Bleeping Computer
Fake Next.js job interview tests backdoor developer's devices
FRIEND Feb 25 Dark Reading
RAMP Forum Seizure Fractures Ransomware Ecosystem
FRIEND Feb 25 SANS Internet Storm Center
The CLAIR Model: A Synthesized Conceptual Framework for Mapping Critical Infrastructure Interdependencies [Guest Diary], (Wed, Feb 25th)
FOE Feb 25 The Register (Security)
Google catches Beijing spies using Sheets to spread espionage across 4 continents
FOE Feb 25 Dark Reading
PCI Council Says Threats to Payments Systems Are Speeding Up
FOE Feb 25 EFF Deeplinks
☺️ Trust Us With Your Face | EFFector 38.4
FOE Feb 25 EFF Deeplinks
☺️ Trust Us With Your Face | EFFector 38.4
FOE Feb 25 Bleeping Computer
Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
FRIEND Feb 25 The Hacker News
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
FRIEND Feb 25 EFF Deeplinks
How to Pick Your Password Manager
FRIEND Feb 25 EFF Deeplinks
How to Pick Your Password Manager
FRIEND Feb 25 EFF Deeplinks
How to Pick Your Password Manager
FOE Feb 25 Bleeping Computer
Chinese cyberspies breached dozens of telecom firms, govt agencies
FOE Feb 25 The Hacker News
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
FOE Feb 25 The Register (Security)
Fake 'interview' repos lure Next.js devs into running secret-stealing malware
FOE Feb 25 Dark Reading
Malicious Next.js Repos Target Developers Via Fake Job Interviews
FOE Feb 25 SecurityWeek
The Blast Radius Problem: Stolen Credentials Are Weaponizing Agentic AI
FOE Feb 25 Privacy International
Analysis of the Disclosures following the ICO Enforcement Notice on GPS Tagging of Migrants
FRIEND Feb 25 SecurityWeek
Google Disrupts Chinese Cyberespionage Campaign Targeting Telecoms, Governments
FOE Feb 25 Bleeping Computer
Marquis sues SonicWall over backup breach that led to ransomware attack
FOE Feb 25 SecurityWeek
SolarWinds Patches Four Critical Serv-U Vulnerabilities
FRIEND Feb 25 Privacy International
Discord pushes back age verification after security risks revealed
FOE Feb 25 The Hacker News
SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
FRIEND Feb 25 Bleeping Computer
The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web
FOE Feb 25 The Hacker News
Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It
FOE Feb 25 Privacy International
Nowhere to Hide? Privacy Risks and Policy Implications of AI Geolocation
FRIEND Feb 25 Black Hills Information Security
Malware Analysis: How to Analyze and Understand Malware
FOE Feb 25 Dark Reading
Why 'Call This Number' TOAD Emails Beat Gateways
FOE Feb 25 The Register (Security)
Ex-L3Harris exec jailed 7 years for selling exploits to Russia
FOE Feb 25 SecurityWeek
Medical Device Maker UFP Technologies Hit by Cyberattack
FOE Feb 25 SecurityWeek
Ex-US Defense Contractor Executive Jailed for Selling Exploits to Russia
FOE Feb 25 Bleeping Computer
Zyxel warns of critical RCE flaw affecting over a dozen routers
FOE Feb 25 The Hacker News
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
FOE Feb 25 The Register (Security)
Wynn Resorts takes attacker's word for it that stolen staff data was deleted
FOE Feb 25 SecurityWeek
Over 12 Million Users Impacted by CarGurus Data Breach
FOE Feb 25 Schneier on Security
Poisoning AI Training Data
FOE Feb 25 CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FOE Feb 25 CISA Alerts
CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems
FRIEND Feb 25 Dark Reading
'Richter Scale' Model Measures Magnitude of OT Cyber Incidents
FRIEND Feb 25 SecurityWeek
SecurityWeek Report: 426 Cybersecurity M&A Deals Announced in 2025
FOE Feb 25 SecurityWeek
Wynn Resorts Confirms Data Breach After Hackers Remove It From Leak Site
FOE Feb 25 CSO Online
Microsoft warns of job‑themed repo lures targeting developers with multi‑stage backdoors
FOE Feb 25 The Hacker News
Manual Processes Are Putting National Security at Risk
FRIEND Feb 25 SecurityWeek
Astelia Raises $35 Million for Exposure Management
FOE Feb 25 Bleeping Computer
US sanctions Russian broker for buying stolen zero-day exploits
FOE Feb 25 SecurityWeek
Reddit Hit With $20 Million UK Data Privacy Fine Over Child Safety Failings
FOE Feb 25 The Register (Security)
OpenAI says Chinese cops used ChatGPT to plan and track smear ops against opponents
FOE Feb 25 SecurityWeek
Claude’s New AI Vulnerability Scanner Sends Cybersecurity Shares Plunging
FOE Feb 25 CSO Online
Ukrainian convicted for helping fake North Korean IT workers
FOE Feb 25 The Hacker News
Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
FOE Feb 25 SecurityWeek
Ad Tech Company Optimizely Targeted in Cyberattack
FOE Feb 25 Bleeping Computer
Ex-L3Harris exec jailed for selling zero-days to Russian exploit broker
FRIEND Feb 25 Dark Reading
Operation Red Card 2.0 Leads to 651 Arrests in Africa
FRIEND Feb 25 Bleeping Computer
Windows 11 KB5077241 update improves BitLocker, adds Sysmon tool
FOE Feb 25 The Hacker News
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
FRIEND Feb 25 CSO Online
Boards don’t need cyber metrics — they need risk signals
FOE Feb 25 The Register (Security)
Threat intelligence supply chain is full of weak links, researchers find
FOE Feb 25 The Hacker News
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
FOE Feb 25 CSO Online
Hacker cracks 600 firewalls in one month - with AI [DE]
FOE Feb 25 CSO Online
How AI is Changing Your GRC Strategy [DE]
FOE Feb 25 CSO Online
New Serv-U bugs extend SolarWinds’ run of high-severity disclosures
FOE Feb 25 CSO Online
Fake Zoom meeting silently installs surveillance software, says Malwarebytes
FOE Feb 25 Risky Business News
Risky Bulletin: Russia starts criminal probe of Telegram founder Pavel Durov
FOE Feb 25 CSO Online
VMware fixes command injection flaw in Aria Operations
FOE Feb 24 Bleeping Computer
Phishing campaign targets freight and logistics orgs in the US, Europe
FOE Feb 24 EFF Deeplinks
Tech Companies Shouldn’t Be Bullied Into Doing Surveillance
FOE Feb 24 EFF Deeplinks
Tech Companies Shouldn’t Be Bullied Into Doing Surveillance
FOE Feb 24 The Register (Security)
AI has gotten good at finding bugs, not so good at swatting them
FOE Feb 24 CSO Online
What does business email compromise look like?
FOE Feb 24 CSO Online
What are the types of ransomware attacks?
FOE Feb 24 Bleeping Computer
Wynn Resorts confirms employee data breach after extortion threat
FOE Feb 24 CSO Online
Take control: Locking down common endpoint vulnerabilities
FOE Feb 24 Bleeping Computer
1Campaign platform helps malicious Google ads evade detection
FOE Feb 24 Dark Reading
Attackers Now Need Just 29 Minutes to Own a Network
FOE Feb 24 CSO Online
How to prevent business email compromise
FOE Feb 24 CSO Online
Know the red flags: Business email compromise signs to look out for
FOE Feb 24 Dark Reading
Lazarus Group Picks a New Poison: Medusa Ransomware
FRIEND Feb 24 Sophos News
Sophos Workspace Protection is Now Available
FRIEND Feb 24 EPIC
EPIC Joins Groups Urging FTC to Crack Down on Hidden Surveillance Pricing
FOE Feb 24 The Register (Security)
Patch these 4 critical, make-me-root SolarWinds bugs ASAP
FRIEND Feb 24 CSO Online
Cyber defense: From reactive to proactive
FOE Feb 24 The Hacker News
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
FOE Feb 24 The Register (Security)
North Korea's Lazarus Group targets healthcare orgs with Medusa ransomware
FOE Feb 24 Bleeping Computer
CarGurus data breach exposes information of 12.4 million accounts
FOE Feb 24 SANS Internet Storm Center
Open Redirects: A Forgotten Vulnerability?, (Tue, Feb 24th)
FRIEND Feb 24 Bleeping Computer
Microsoft adds Copilot data controls to all storage locations
FOE Feb 24 The Register (Security)
Go library maintainer brands GitHub's Dependabot a 'noise machine'
FOE Feb 24 Sophos News
Nowhere, man: The 2026 Active Adversary Report
FOE Feb 24 SecurityWeek
‘Arkanix Stealer’ Malware Disappears Shortly After Debut
FRIEND Feb 24 Bleeping Computer
Identity-First AI Security: Why CISOs Must Add Intent to the Equation
FOE Feb 24 Bleeping Computer
UK fines Reddit $19 million for using children’s data unlawfully
FOE Feb 24 SecurityWeek
VMware Aria Operations Vulnerability Could Allow Remote Code Execution
FOE Feb 24 The Hacker News
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
FRIEND Feb 24 SecurityWeek
CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO
FOE Feb 24 SecurityWeek
New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM
FOE Feb 24 The Register (Security)
UK data watchdog fines Reddit £14.47M for letting kids slip past the gate
FRIEND Feb 24 Dark Reading
As Cybersecurity Firms Chase AI, VC Market Skyrockets
FOE Feb 24 Bleeping Computer
Critical SolarWinds Serv-U flaws offer root access to servers
FOE Feb 24 SecurityWeek
GitHub Issues Abused in Copilot Attack Leading to Repository Takeover
FOE Feb 24 Schneier on Security
Is AI Good for Democracy?
FOE Feb 24 SecurityWeek
Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs
FOE Feb 24 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE Feb 24 CISA Alerts
InSAT MasterSCADA BUK-TS
FOE Feb 24 CISA Alerts
Gardyn Home Kit
FOE Feb 24 CISA Alerts
Schneider Electric EcoStruxure Building Operation Workstation
FRIEND Feb 24 NIST Cybersecurity Insights
Celebrating Two Years of CSF 2.0!
FRIEND Feb 24 The Hacker News
Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem
FOE Feb 24 The Register (Security)
Korean cops charge teens over bike hire breach that exposed data on 4.62M riders
FOE Feb 24 The Hacker News
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
FOE Feb 24 CSO Online
Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools
FOE Feb 24 Bleeping Computer
ShinyHunters extortion gang claims Odido breach affecting millions
FOE Feb 24 Bleeping Computer
North Korean Lazarus group linked to Medusa ransomware attacks
FOE Feb 24 The Register (Security)
UK tech hit by double trouble: Fewer foreign techies amid skills squeeze
FRIEND Feb 24 SecurityWeek
Anonymous Fénix Members Arrested in Spain
FOE Feb 24 The Hacker News
UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
FRIEND Feb 24 CSO Online
Billions in Bitcoin from Pirated Content Portal Targeted by Justice System [DE]
FRIEND Feb 24 The Register (Security)
Euro allies aiming to rapidly build low-cost air defense weapons
FOE Feb 24 Privacy International
Dual-use tech: the Elbit example
FOE Feb 24 Privacy International
Dual-use tech: the Skydio example
FOE Feb 24 Privacy International
Dual-use tech: the Leonardo example
FOE Feb 24 Privacy International
Dual-use tech: the Thales example
FRIEND Feb 24 CSO Online
It’s time to rethink CISO reporting lines
FOE Feb 24 CSO Online
The rise of the evasive adversary
FRIEND Feb 24 CSO Online
Anthropic’s Claude Code Security rollout is an industry wakeup call
FOE Feb 24 The Hacker News
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
FRIEND Feb 24 CSO Online
OT-Security: Why it's worth taking a look at Open Source [DE]
FOE Feb 24 CSO Online
Russian group uses AI to exploit weakly-protected Fortinet firewalls, says Amazon
FOE Feb 24 Sophos News
The Active Adversary Report: Safety in numbers
FOE Feb 24 Recorded Future Blog
January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day
FOE Feb 24 Sophos News
The Active Adversary Report: Safety in numbers
FRIEND Feb 24 Sophos News
Stopping real-world attacks: Lessons for business leaders from the 2026 cyber frontline
FOE Feb 24 Recorded Future Blog
Preparing for Russia’s New Generation Warfare in Europe
FOE Feb 23 Bleeping Computer
Android mental health apps with 14.7M installs filled with security flaws
FOE Feb 23 Dark Reading
Spitting Cash: ATM Jackpotting Attacks Surged in 2025
FRIEND Feb 23 Dark Reading
More Than Dashboards: AI Decisions Must Be Provable
FOE Feb 23 Bleeping Computer
Spain arrests suspected hacktivists for DDoSing govt sites
FRIEND Feb 23 EPIC
EPIC Model Platform Design Legislation Introduced in Kentucky
FOE Feb 23 Dark Reading
Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount
FRIEND Feb 23 Dark Reading
Enigma Cipher Device Still Holds Secrets for Cyber Pros
FOE Feb 23 The Register (Security)
Infosec community panics as Anthropic rolls out Claude code security checker
FOE Feb 23 The Hacker News
APT28 Targeted European Entities Using Webhook-Based Macro Malware
FRIEND Feb 23 Bleeping Computer
Microsoft says bug in classic Outlook hides the mouse pointer
FOE Feb 23 Dark Reading
600+ FortiGate Devices Hacked by AI-Armed Amateur
FRIEND Feb 23 EPIC
EPIC Testifies in Support of Ban on Sale of Precise Location Data in Virginia
FOE Feb 23 Bleeping Computer
Ad tech firm Optimizely confirms data breach after vishing attack
FOE Feb 23 The Hacker News
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
FRIEND Feb 23 Sophos News
Stopping real-world attacks: Lessons for business leaders from the 2026 cyber frontline
FOE Feb 23 The Intercept (Privacy)
Nonprofit Coalition Asks Courts to Prevent Coercive Federal Investigation Tactics
FOE Feb 23 The Register (Security)
Global regulators say AI image tools don't get a free pass on privacy rules
FOE Feb 23 SecurityWeek
US Healthcare Diagnostic Firm Says 140,000 Affected by Data Breach
FRIEND Feb 23 The Register (Security)
Break free of Ring's servers, earn a five-figure bounty
FOE Feb 23 Bleeping Computer
When identity isn’t the weak link, access still is
FOE Feb 23 SecurityWeek
Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud
FOE Feb 23 SANS Internet Storm Center
Another day, another malicious JPEG, (Mon, Feb 23rd)
FOE Feb 23 The Hacker News
⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More
FOE Feb 23 SecurityWeek
Autonomous AI Agents Provide New Class of Supply Chain Attack
FOE Feb 23 The Register (Security)
Suspected Anonymous members detained in Spain over post-flood DDoS blitz
FOE Feb 23 Schneier on Security
On the Security of Password Managers
FOE Feb 23 CSO Online
Hacker steals data from thousands of RTL employees [DE]
FOE Feb 23 The Hacker News
How Exposed Endpoints Increase Risk Across LLM Infrastructure
FOE Feb 23 CSO Online
New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads
FOE Feb 23 SecurityWeek
Romanian Hacker Pleads Guilty to Selling Access to US State Network
FOE Feb 23 Bleeping Computer
CISA: Recently patched RoundCube flaws now exploited in attacks
FOE Feb 23 The Register (Security)
AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
FOE Feb 23 SecurityWeek
Hundreds of FortiGate Firewalls Hacked in AI-Powered Attacks: AWS
FOE Feb 23 SecurityWeek
Recent RoundCube Webmail Vulnerability Exploited in Attacks
FOE Feb 23 CSO Online
Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers
FOE Feb 23 SecurityWeek
Mississippi Hospital System Closes All Clinics After Ransomware Attack
FOE Feb 23 The Hacker News
Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
FOE Feb 23 The Register (Security)
Every day in every way, passwords are getting worse and worse
FOE Feb 23 SecurityWeek
PayPal Data Breach Led to Fraudulent Transactions
FOE Feb 23 The Hacker News
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
FOE Feb 23 CSO Online
13 ways attackers use generative AI to exploit your systems
FOE Feb 23 EPIC
The Verge: America desperately needs new privacy laws
FOE Feb 23 Risky Business News
Risky Bulletin: AI-driven hacking campaign breaches 600+ Fortinet devices
FRIEND Feb 23 Sophos News
Nowhere, man: The 2026 Active Adversary Report
FRIEND Feb 23 Sophos News
Sophos Workspace Protection Enables Secure Access for Contractors and Guests
FOE Feb 22 The Register (Security)
Attacker gets into France's database listing all bank accounts, makes off with 1.2 million records
FOE Feb 22 Bleeping Computer
Arkanix Stealer pops up as short-lived AI info-stealer experiment
FOE Feb 22 The Register (Security)
UK council faces data breach claim after mishandling trans complaints
FOE Feb 21 Bleeping Computer
Predator spyware hooks iOS SpringBoard to hide mic, camera activity
FOE Feb 21 The Hacker News
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
FOE Feb 21 Bleeping Computer
Amazon: AI-assisted hacker breached 600 FortiGate firewalls in 5 weeks
FOE Feb 21 SecurityWeek
Critical Grandstream Phone Vulnerability Exposes Calls to Interception
FRIEND Feb 21 The Hacker News
Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning
FOE Feb 21 The Hacker News
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog
FOE Feb 21 SANS Internet Storm Center
Japanese-Language Phishing Emails, (Sat, Feb 21st)
FRIEND Feb 21 The Hacker News
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
FOE Feb 21 CSO Online
Compromised npm package silently installs OpenClaw on developer machines
FRIEND Feb 21 EPIC
Law360: State Privacy Watch: 4 Legislative Developments To Know
FOE Feb 21 EPIC
Biometric Update: FTC asked to investigate Meta facial recognition smart glasses plan
FOE Feb 21 EPIC
The Verge: Smart glasses in court are a privacy nightmare
FOE Feb 20 The Register (Security)
PayPal app code error leaked personal info and a 'few' unauthorized transactions
FRIEND Feb 20 Schneier on Security
Friday Squid Blogging: Squid Cartoon
FOE Feb 20 Dark Reading
Attackers Use New Tool to Scan for React2Shell Exposure
FOE Feb 20 The Register (Security)
AI coding assistant Cline compromised to create more OpenClaw chaos
FOE Feb 20 Krebs on Security
‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
FRIEND Feb 20 EPIC
EPIC Testifies in Support of New Jersey Age-Appropriate Design Code
FOE Feb 20 Dark Reading
'God-Like' Attack Machines: AI Agents Ignore Security Policies
FOE Feb 20 Bleeping Computer
Japanese tech giant Advantest hit by ransomware attack
FOE Feb 20 The Register (Security)
ShinyHunters demands $1.5M not to leak Vegas casino and resort chain data
FRIEND Feb 20 Dark Reading
Lessons From AI Hacking: Every Model, Every Layer Is Risky
FOE Feb 20 Bleeping Computer
CISA: BeyondTrust RCE flaw now exploited in ransomware attacks
FOE Feb 20 CSO Online
Don’t trust TrustConnect: This fake remote support tool only helps hackers
FOE Feb 20 Bleeping Computer
Data breach at French bank registry impacts 1.2 million accounts
FRIEND Feb 20 SecurityWeek
NIST’s Quantum Breakthrough: Single Photons Produced on a Chip
FOE Feb 20 The Hacker News
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
FOE Feb 20 SecurityWeek
In Other News: Ransomware Shuts US Clinics, ICS Vulnerability Surge, European Parliament Bans AI
FOE Feb 20 Bleeping Computer
Why the shift left dream has become a nightmare for security and developers
FOE Feb 20 The Register (Security)
Ukrainian gets five years for helping North Koreans secure US tech jobs
FOE Feb 20 The Hacker News
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
FOE Feb 20 The Register (Security)
Founder ditches AWS for Euro stack, finds sovereignty isn't plug-and-play
FOE Feb 20 Dark Reading
Latin America's Cyber Maturity Lags Threat Landscape
FOE Feb 20 Bleeping Computer
PayPal discloses data breach that exposed user info for 6 months
FOE Feb 20 CSO Online
AI and complexity as accelerators for cybercriminals [DE]
FOE Feb 20 SecurityWeek
BeyondTrust Vulnerability Exploited in Ransomware Attacks
FOE Feb 20 The Register (Security)
CISA gives federal agencies three days to patch actively exploited Dell bug
FRIEND Feb 20 Schneier on Security
Ring Cancels Its Partnership with Flock
FOE Feb 20 CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FOE Feb 20 The Hacker News
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT RAT
FOE Feb 20 Bleeping Computer
Mississippi medical center closes all clinics after ransomware attack
FOE Feb 20 SecurityWeek
FBI: $20 Million Losses Caused by 700 ATM Jackpotting Attacks in 2025
FOE Feb 20 The Register (Security)
Ex-Google engineers accused of helping themselves to chip security secrets
FRIEND Feb 20 The Hacker News
Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
FOE Feb 20 The Register (Security)
Attackers have 16-digit card numbers, expiry dates, but not names. Should org get £500k fine?
FOE Feb 20 Bleeping Computer
FBI: Over $20 million stolen in surge of ATM malware attacks in 2025
FOE Feb 20 The Hacker News
Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case
FOE Feb 20 SecurityWeek
Chip Testing Giant Advantest Hit by Ransomware
FOE Feb 20 Bleeping Computer
Ukrainian gets 5 years for helping North Koreans infiltrate US firms
FOE Feb 20 CSO Online
Special Commission Investigates Cyberattack on Dresden Art Collections [DE]
FOE Feb 20 The Hacker News
FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025
FOE Feb 20 SecurityWeek
PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
FRIEND Feb 20 CSO Online
PayPal launches latest struggle to get rid of SMS for MFA
FOE Feb 20 The Hacker News
Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran
FOE Feb 20 The Register (Security)
Snyk CEO bails, wants someone with more AI experience to replace him
FRIEND Feb 20 CSO Online
10 Passwordless Options for Businesses [DE]
FOE Feb 20 Risky Business News
Risky Bulletin: RPKI infrastructure sits on shaky ground
FOE Feb 20 The Register (Security)
AI agents abound, unbound by rules or safety disclosures
FRIEND Feb 20 EFF Deeplinks
EFF’s Policy on LLM-Assisted Contributions to Our Open-Source Projects
FRIEND Feb 20 EFF Deeplinks
EFF’s Policy on LLM-Assisted Contributions to Our Open-Source Projects
FOE Feb 20 CSO Online
New phishing campaign tricks employees into bypassing Microsoft 365 MFA
FOE Feb 19 The Register (Security)
Crims create fake remote management vendor that actually sells a RAT
FOE Feb 19 Dark Reading
Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges
FOE Feb 19 Bleeping Computer
PromptSpy is the first known Android malware to use generative AI at runtime
FOE Feb 19 Dark Reading
Supply Chain Attack Secretly Installs OpenClaw for Cline Users
FOE Feb 19 Dark Reading
Best-in-Class 'Starkiller' Phishing Kit Bypasses MFA
FOE Feb 19 CSO Online
US dominance of agentic AI at the heart of new NIST initiative
FOE Feb 19 EPIC
Washington Supreme Court Allows “Suicide Kit” Lawsuit Against Amazon to Proceed
FRIEND Feb 19 EPIC
Representative Trahan Drops EPIC-Backed Blueprint for Updating the Privacy Act
FOE Feb 19 Dark Reading
Abu Dhabi Finance Week Exposed VIP Passport Details
FOE Feb 19 SANS Internet Storm Center
Under the Hood of DynoWiper, (Thu, Feb 19th)
FRIEND Feb 19 EPIC
EPIC Testifies in Support of Maryland Bill That Would Ban Surveillance Pricing in Grocery Stores
FOE Feb 19 The Register (Security)
Crims hit a $20M jackpot via malware-stuffed ATMs
FOE Feb 19 The Hacker News
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
FRIEND Feb 19 The Hacker News
INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown
FOE Feb 19 The Hacker News
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
FOE Feb 19 Bleeping Computer
Flaw in Grandstream VoIP phones allows stealthy eavesdropping
FRIEND Feb 19 Bleeping Computer
Google blocked over 1.75 million Play Store app submissions in 2025
FOE Feb 19 The Register (Security)
Android malware taps Gemini to navigate infected devices
FOE Feb 19 Bleeping Computer
CISA orders feds to patch actively exploited Dell flaw within 3 days
FOE Feb 19 Dark Reading
Connected and Compromised: When IoT Devices Turn Into Threats
FOE Feb 19 Bleeping Computer
How infostealers turn stolen credentials into real identities
FOE Feb 19 SecurityWeek
French Government Says 1.2 Million Bank Accounts Exposed in Breach
FOE Feb 19 The Hacker News
ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories
FOE Feb 19 Bleeping Computer
Nigerian man gets eight years in prison for hacking tax firms
FRIEND Feb 19 The Register (Security)
DEF CON bans three Epstein-linked men from future events
FOE Feb 19 SecurityWeek
Nearly 1 Million User Records Compromised in Figure Data Breach
FOE Feb 19 Bleeping Computer
Texas sues TP-Link over Chinese hacking risks, user deception
FOE Feb 19 Bleeping Computer
Hackers target Microsoft Entra accounts in device code vishing attacks
FRIEND Feb 19 SecurityWeek
Venice Security Emerges From Stealth With $33M Funding for Privileged Access Management
FOE Feb 19 CSO Online
Six flaws found hiding in OpenClaw’s plumbing
FOE Feb 19 Schneier on Security
Malicious AI
FOE Feb 19 CISA Alerts
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller
FOE Feb 19 CISA Alerts
Valmet DNA Engineering Web Tools
FOE Feb 19 CISA Alerts
EnOcean SmartServer IoT
FOE Feb 19 CISA Alerts
Jinan USR IOT Technology Limited (PUSR) USR-W610
FOE Feb 19 Privacy International
What does Prosus's buyout mean for JustEat drivers?
FOE Feb 19 SecurityWeek
Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025
FOE Feb 19 The Hacker News
From Exposure to Exploitation: How AI Collapses Your Response Window
FRIEND Feb 19 The Register (Security)
UK to demand social platforms take down abusive intimate images within 48 hours
FRIEND Feb 19 Bleeping Computer
Police arrests 651 suspects in African cybercrime crackdown
FOE Feb 19 The Register (Security)
Healthcare security: Write login details on whiteboard, hope for the best
FOE Feb 19 SecurityWeek
OpenClaw Security Issues Continue as SecureClaw Open Source Tool Debuts
FOE Feb 19 The Hacker News
Fake IPTV Apps Spread Massive Android Malware Targeting Mobile Banking Users [DE]
FOE Feb 19 CSO Online
Hackers can turn Grok, Copilot into covert command-and-control channels, researchers warn
FOE Feb 19 Bleeping Computer
New 'Massiv' Android banking malware poses as an IPTV app
FOE Feb 19 CSO Online
Cybersecurity needs maturity and not checklists [DE]
FOE Feb 19 SecurityWeek
German Rail Giant Deutsche Bahn Hit by Large-Scale DDoS Attack
FOE Feb 19 The Hacker News
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware
FOE Feb 19 Dark Reading
More Than 40% of South Africans Were Scammed in 2025
FRIEND Feb 19 CSO Online
From in-house CISO to consultant. What you need to know before making the leap
FOE Feb 19 The Register (Security)
Poland bans camera-packing cars made in China cars from military bases
FOE Feb 19 Risky Business News
Srsly Risky Biz: Europe's Cyber Bullets Can't Replace Political Will
FRIEND Feb 19 SANS Internet Storm Center
ISC Stormcast For Thursday, February 19th, 2026 https://isc.sans.edu/podcastdetail/9816, (Thu, Feb 19th)
FOE Feb 19 Recorded Future Blog
2025 Cloud Threat Hunting and Defense Landscape
FOE Feb 18 The Register (Security)
Adidas investigates third-party data breach after criminals claim they pwned the sportswear giant
FRIEND Feb 18 CSO Online
Notepad++ author says fixes make update mechanism ‘effectively unexploitable’
FOE Feb 18 Dark Reading
Scam Abuses Gemini Chatbots to Convince People to Buy Fake Crypto
FOE Feb 18 CSO Online
Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years
FOE Feb 18 Dark Reading
Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot
FOE Feb 18 Bleeping Computer
Critical infra Honeywell CCTVs vulnerable to auth bypass flaw
FRIEND Feb 18 Dark Reading
Threat Intelligence Has a Human-Shaped Blind Spot
FOE Feb 18 Dark Reading
Dell's Hard-Coded Flaw: A Nation-State Goldmine
FOE Feb 18 The Register (Security)
ShinyHunters allegedly drove off with 1.7M CarGurus records
FRIEND Feb 18 EPIC
EPIC Urges Second Circuit to Recognize Constitutionality of Surveillance Pricing Transparency Law
FOE Feb 18 Bleeping Computer
AI platforms can be abused for stealthy malware communication
FOE Feb 18 Dark Reading
A CISO's Playbook for Defending Data Assets Against AI Scraping
FOE Feb 18 The Register (Security)
Fraudster hacked hotel system, paid 1 cent for luxury rooms, Spanish cops say
FRIEND Feb 18 BrightTALK InfoSec
How to Enhance Threat Hunting Through Enterprise-Wide Collaboration
FOE Feb 18 The Hacker News
Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody
FOE Feb 18 The Register (Security)
Texas sues TP-Link over China links and security vulnerabilities
FOE Feb 18 The Register (Security)
German train line back on track after DDoS yanks the brakes
FOE Feb 18 The Hacker News
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
FOE Feb 18 Bleeping Computer
Telegram channels expose rapid weaponization of SmarterMail flaws
FRIEND Feb 18 Bleeping Computer
Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages
FRIEND Feb 18 BrightTALK InfoSec
Threat Intelligence: Will AI Make Human Analysts Obsolete?
FOE Feb 18 SecurityWeek
New Keenadu Android Malware Found on Thousands of Devices
FOE Feb 18 CSO Online
Millions of Chrome extensions reveal browsing history [DE]
FRIEND Feb 18 BrightTALK InfoSec
Securing DevOps Pipelines with Real-Time Threat Intelligence
FRIEND Feb 18 BrightTALK InfoSec
Anticipate Attacks Before They Strike: Harness Predictive Threat Intelligence
FRIEND Feb 18 BrightTALK InfoSec
Mastering Threat Hunting: Aligning with Adversary Tactics in 2026
FOE Feb 18 BrightTALK InfoSec
Browser Extensions Under Siege: Advanced Detection Tactics for Enterprises
FRIEND Feb 18 BrightTALK InfoSec
Scaling Security Governance with Platform Engineering: A Proactive Approach for Workloads
FRIEND Feb 18 BrightTALK InfoSec
Driving Security Culture Evolution for Business Growth
FRIEND Feb 18 SecurityWeek
Cogent Security Raises $42 Million for AI-Driven Vulnerability Management
FOE Feb 18 The Register (Security)
Your AI-generated password isn't random, it just looks that way
FOE Feb 18 Bleeping Computer
Data breach at fintech firm Figure affects nearly 1 million accounts
FRIEND Feb 18 The Intercept (Privacy)
Philadelphia Could Elect Its First Muslim Congressman. He’s Not Sure Where He Stands on Israel.
FRIEND Feb 18 EFF Deeplinks
EFF to Wisconsin Legislature: VPN Bans Are Still a Terrible Idea
FOE Feb 18 Schneier on Security
AI Found Twelve New Vulnerabilities in OpenSSL
FOE Feb 18 CSO Online
Keenadu: Android malware that comes preinstalled and can’t be removed by users
FOE Feb 18 CSO Online
Flaws in four popular VS Code extensions left 128 million installs open to attack
FOE Feb 18 SecurityWeek
Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration
FOE Feb 18 The Register (Security)
You can jailbreak an F-35 just like an iPhone, says Dutch defense chief
FRIEND Feb 18 The Register (Security)
Notepad++ declares hardened update process 'effectively unexploitable'
FOE Feb 18 The Hacker News
Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability
FOE Feb 18 The Hacker News
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
FOE Feb 18 Bleeping Computer
Microsoft says bug causes Copilot to summarize confidential emails
FRIEND Feb 18 Black Hills Information Security
OSINT: How to Find, Use, and Control Open-Source Intelligence
FRIEND Feb 18 CSO Online
A new approach for GenAI risk protection
FRIEND Feb 18 CSO Online
Discipline is the new power move in cybersecurity leadership
FRIEND Feb 18 CSO Online
Cyberattack on railway disrupts information systems [DE]
FOE Feb 18 SecurityWeek
CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5
FRIEND Feb 18 The Register (Security)
HackerOne 'updating' Ts&Cs after bug hunters question if they're training AI
FRIEND Feb 18 The Hacker News
3 Ways to Start Your Intelligent Workflow Program
FOE Feb 18 The Hacker News
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
FOE Feb 18 Bleeping Computer
Glendale man gets 5 years in prison for role in darknet drug ring
FOE Feb 18 CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FRIEND Feb 18 CSO Online
CredShields Leads OWASP Smart Contract Top 10 2026 as Governance and Access Failures Drive Onchain Risk
FOE Feb 18 SANS Internet Storm Center
Tracking Malware Campaigns With Reused Material, (Wed, Feb 18th)
FRIEND Feb 18 SecurityWeek
Palo Alto Networks to Acquire Koi in Reported $400 Million Transaction
FRIEND Feb 18 The Hacker News
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
FOE Feb 18 CSO Online
The new paradigm for raising up secure software engineers
FOE Feb 18 SecurityWeek
Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group
FOE Feb 18 The Hacker News
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
FRIEND Feb 18 CSO Online
13 Questions to Address Third-Party Risks [DE]
FRIEND Feb 18 The Register (Security)
Palo Alto CEO says AI isn’t great for business, yet
FOE Feb 18 SANS Internet Storm Center
ISC Stormcast For Wednesday, February 18th, 2026 https://isc.sans.edu/podcastdetail/9814, (Wed, Feb 18th)
FOE Feb 18 Risky Business News
Risky Bulletin: Supply chain attack plants backdoor on Android tablets
FRIEND Feb 18 Dark Reading
[Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity Defenses
FOE Feb 18 The Register (Security)
China-linked snoops have been exploiting Dell 0-day since mid-2024, using 'ghost NICs' to avoid detection
FRIEND Feb 18 Dark Reading
Singapore & Its 4 Major Telcos Fend Off Chinese Hackers
FOE Feb 18 Sophos News
The OpenClaw experiment is a warning shot for enterprise AI security
FRIEND Feb 18 EFF Deeplinks
EFF to Wisconsin Legislature: VPN Bans Are Still a Terrible Idea
FOE Feb 18 Recorded Future Blog
GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack
FRIEND Feb 17 Bleeping Computer
Spain orders NordVPN, ProtonVPN to block LaLiga piracy sites
FOE Feb 17 Dark Reading
Supply Chain Attack Embeds Malware in Android Devices
FOE Feb 17 The Register (Security)
China remains embedded in US energy networks 'for the purpose of taking it down'
FOE Feb 17 Dark Reading
Poland Energy Survives Attack on Wind, Solar Infrastructure
FOE Feb 17 Bleeping Computer
Flaws in popular VSCode extensions expose developers to attacks
FRIEND Feb 17 CSO Online
Cyber attacks enabled by basic failings, Palo Alto analysis finds
FOE Feb 17 Dark Reading
RMM Abuse Explodes as Hackers Ditch Malware
FOE Feb 17 Dark Reading
ClickFix Attacks Abuses DNS Lookup Command to Deliver ModeloRAT
FOE Feb 17 Ars Technica (Security)
Password managers' promise that they can't see your vaults isn't always true
FOE Feb 17 Bleeping Computer
Chinese hackers exploiting Dell zero-day flaw since mid-2024
FRIEND Feb 17 The Intercept (Privacy)
Can Trump’s Plan for Warehouse Immigrant Detention Camps Be Stopped?
FOE Feb 17 The Hacker News
Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster
NEUTRAL Feb 17 The Intercept (Privacy)
It’s Correct and Moral to Use the Olympics to Speak Out About Politics
FOE Feb 17 EFF Deeplinks
San Jose Can Protect Immigrants by Ending Flock Surveillance System
FOE Feb 17 EFF Deeplinks
San Jose Can Protect Immigrants by Ending Flock Surveillance System
FRIEND Feb 17 Bleeping Computer
Notepad++ boosts update security with ‘double-lock’ mechanism
FOE Feb 17 The Hacker News
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
FOE Feb 17 EFF Deeplinks
New Report Helps Journalists Dig Deeper Into Police Surveillance Technology
FRIEND Feb 17 EFF Deeplinks
New Report Helps Journalists Dig Deeper Into Police Surveillance Technology
FOE Feb 17 The Hacker News
Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates
FRIEND Feb 17 SecurityWeek
VulnCheck Raises $25 Million in Series B Funding to Scale Vulnerability Intelligence
FOE Feb 17 Bleeping Computer
Microsoft Teams outage affects users in United States, Europe
FOE Feb 17 SecurityWeek
Hackers Offer to Sell Millions of Eurail User Records
FRIEND Feb 17 CSO Online
MCSC 2026: "Politics and Business Must Work Together" [DE]
FOE Feb 17 Bleeping Computer
What 5 Million Apps Revealed About Secrets in JavaScript
FOE Feb 17 Bleeping Computer
New Keenadu backdoor found in Android firmware, Google Play apps
FOE Feb 17 SecurityWeek
API Threats Grow in Scale as AI Expands the Blast Radius
FOE Feb 17 SecurityWeek
Cyber Insights 2026: The Ongoing Fight to Secure Industrial Control Systems
FOE Feb 17 The Register (Security)
US lawyers fire up privacy class action accusing Lenovo of bulk data transfers to China
FRIEND Feb 17 The Register (Security)
Polish cops nab 47-year-old man in Phobos ransomware raid
FRIEND Feb 17 SecurityWeek
Man Linked to Phobos Ransomware Arrested in Poland
FOE Feb 17 The Hacker News
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
FOE Feb 17 CSO Online
ZeroDayRAT spyware targets Android and iOS devices via commercial toolkit
FOE Feb 17 Schneier on Security
Side-Channel Attacks Against LLMs
FOE Feb 17 CISA Alerts
CISA Adds Four Known Exploited Vulnerabilities to Catalog
FOE Feb 17 CISA Alerts
Honeywell CCTV Products
FOE Feb 17 CISA Alerts
Delta Electronics ASDA-Soft
FOE Feb 17 CISA Alerts
GE Vernova Enervista UR Setup
FOE Feb 17 CISA Alerts
Siemens Simcenter Femap and Nastran
FRIEND Feb 17 Bleeping Computer
Poland arrests suspect linked to Phobos ransomware operation
FOE Feb 17 The Register (Security)
UK.gov launches cyber 'lockdown' campaign as 80% of orgs still leave door open
FRIEND Feb 17 The Hacker News
My Day Getting My Hands Dirty with an NDR System
FOE Feb 17 The Register (Security)
Ireland joins regulator smackdown after X's Grok AI accused of undressing people
FOE Feb 17 SecurityWeek
3 Threat Groups Started Targeting ICS/OT in 2025: Dragos
FRIEND Feb 17 The Intercept (Privacy)
U.S. Sent a Rescue Plane for Boat Strike Survivors. It Took 45 Hours to Arrive.
FOE Feb 17 Bleeping Computer
Ireland now also investigating X over Grok-made sexual images
FOE Feb 17 CSO Online
With CISOs stretched thin, re-envisioning enterprise risk may be the only fix
FRIEND Feb 17 The Intercept (Privacy)
Air Force Maintenance Staff Can’t Stop Buying Fancy Knives With Tax Dollars
FOE Feb 17 CSO Online
Why 2025’s agentic AI boom is a CISO’s worst nightmare
FOE Feb 17 The Hacker News
Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations
FOE Feb 17 SecurityWeek
Password Managers Vulnerable to Vault Compromise Under Malicious Server
FRIEND Feb 17 The Register (Security)
MoD ticks shopping list as PM considers weapons budget boost
FOE Feb 17 SANS Internet Storm Center
Fake Incident Report Used in Phishing Campaign, (Tue, Feb 17th)
FRIEND Feb 17 The Hacker News
Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta
FRIEND Feb 17 SANS Internet Storm Center
ISC Stormcast For Tuesday, February 17th, 2026 https://isc.sans.edu/podcastdetail/9812, (Tue, Feb 17th)
FOE Feb 17 CSO Online
Exploit available for new Chrome zero-day vulnerability, says Google
FRIEND Feb 17 Sophos News
Sophos Workspace Protection Enables Secure SaaS App Control
FOE Feb 16 Bleeping Computer
Washington Hotel in Japan discloses ransomware infection incident
FOE Feb 16 CSO Online
What CISOs Should Know About OpenClaw [DE]
FOE Feb 16 CSO Online
Open source maintainers being targeted by AI agent as part of ‘reputation farming’
FOE Feb 16 Bleeping Computer
Eurail says stolen traveler data now up for sale on dark web
FOE Feb 16 Bleeping Computer
Man arrested for demanding reward after accidental police data leak
FOE Feb 16 The Hacker News
Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens
FOE Feb 16 The Hacker News
Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers
FOE Feb 16 Dark Reading
Operation DoppelBrand: Weaponizing Fortune 500 Brands
FOE Feb 16 The Register (Security)
Canada Goose ruffles feathers over 600K record dump, says leak is old news
FOE Feb 16 Bleeping Computer
Infostealer malware found stealing OpenClaw secrets for first time
FOE Feb 16 The Register (Security)
Dutch cops arrest man after sending him confidential files by mistake
FOE Feb 16 The Register (Security)
You probably can't trust your password manager if it's compromised
FOE Feb 16 SecurityWeek
Dior, Louis Vuitton, Tiffany Fined $25 Million in South Korea After Data Breaches
FRIEND Feb 16 Bleeping Computer
Passwords to passkeys: Staying ISO 27001 compliant in a passwordless era
FOE Feb 16 The Register (Security)
Open source registries don't have enough money to implement basic security
FOE Feb 16 Dark Reading
260K+ Chrome Users Duped by Fake AI Browser Extensions
FRIEND Feb 16 SecurityWeek
Android 17 Beta Strengthens Secure-by-Default Design for Privacy and App Security
FOE Feb 16 SecurityWeek
CISA Navigates DHS Shutdown With Reduced Staff
FOE Feb 16 The Hacker News
Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware
FOE Feb 16 The Register (Security)
Google patches Chrome zero-day as in-the-wild exploits surface
FOE Feb 16 Bleeping Computer
CISA gives feds 3 days to patch actively exploited BeyondTrust flaw
FOE Feb 16 Schneier on Security
The Promptware Kill Chain
FOE Feb 16 The Hacker News
Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud
FOE Feb 16 CSO Online
Leaky Chrome extensions with 37M installs caught divulging your browsing history
FOE Feb 16 The Intercept (Privacy)
Prison-Style Free Speech Censorship Is Coming for the Rest of Us
FOE Feb 16 The Hacker News
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
FRIEND Feb 16 CSO Online
Finding a common language around risk
FRIEND Feb 16 CSO Online
New cooperation to bring sovereign cloud solutions [DE]
FRIEND Feb 16 CSO Online
CISO Julie Chatman offers insights for you to take control of your security leadership role
FOE Feb 16 SANS Internet Storm Center
2026 64-Bits Malware Trend, (Mon, Feb 16th)
FOE Feb 16 CSO Online
10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons
FOE Feb 16 The Hacker News
New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released
FOE Feb 16 The Register (Security)
US appears open to reversing some China tech bans
FRIEND Feb 16 CSO Online
SIEM Buying Guide [DE]
FRIEND Feb 16 Risky Business News
Risky Bulletin: Cambodia promises to dismantle scam networks by April
NEUTRAL Feb 16 SANS Internet Storm Center
ISC Stormcast For Monday, February 16th, 2026 https://isc.sans.edu/podcastdetail/9810, (Mon, Feb 16th)
FRIEND Feb 16 Recorded Future Blog
Network Intelligence: Your Questions, Global Answers
FOE Feb 15 The Register (Security)
Infosec exec sold eight zero-day exploit kits to Russia, says DoJ
FOE Feb 15 The Intercept (Privacy)
Palantir Gets Millions of Dollars From New York City’s Public Hospitals
FOE Feb 15 The Hacker News
Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging
FOE Feb 14 EPIC
The Guardian: The problem with doorbell cams: Nancy Guthrie case and Ring Super Bowl ad reawaken surveillance fears
FRIEND Feb 14 Schneier on Security
Upcoming Speaking Engagements
FOE Feb 13 EPIC
EPIC Urges FTC, States to Block Meta’s Facial Recognition Smart Glasses Plan
FOE Feb 13 CSO Online
Critical BeyondTrust RS vulnerability exploited in active attacks
FRIEND Feb 13 Schneier on Security
Friday Squid Blogging: Do Squid Dream?
FRIEND Feb 13 Dark Reading
Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities
FOE Feb 13 EFF Deeplinks
Seven Billion Reasons for Facebook to Abandon its Face Recognition Plans
FOE Feb 13 EFF Deeplinks
Seven Billion Reasons for Facebook to Abandon its Face Recognition Plans
FRIEND Feb 13 The Intercept (Privacy)
Leakers Helped Destroy Deportation Case Against Tufts Student
FOE Feb 13 The Register (Security)
Attackers finally get around to exploiting critical Microsoft bug from 2024
FOE Feb 13 CSO Online
South Korea fines Louis Vuitton, Christian Dior, Tiffany $25M for SaaS security failures
FOE Feb 13 CSO Online
Researchers unearth 30-year-old vulnerability in libpng library
FRIEND Feb 13 CSO Online
Battling bots face off in cybersecurity arena
FOE Feb 13 The Hacker News
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs
FOE Feb 13 Dark Reading
Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks
FOE Feb 13 Dark Reading
Nation-State Hackers Put Defense Industrial Base Under Siege
FOE Feb 13 Dark Reading
AI Agents 'Swarm,' Security Complexity Follows Suit
FOE Feb 13 The Hacker News
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
FOE Feb 13 CSO Online
Four new reasons why Windows LNK files cannot be trusted
FOE Feb 13 The Hacker News
UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors
FRIEND Feb 13 The Intercept (Privacy)
The Woman Alex Pretti Was Killed Trying to Defend Is an EMT. Federal Agents Stopped Her From Giving First Aid.
NEUTRAL Feb 13 The Intercept (Privacy)
Jasmine Crockett Swears Off Corporate Cash — But Transferred Thousands From Her House Campaign
FRIEND Feb 13 CSO Online
BSI heralds the end of classical encryption [DE]
FRIEND Feb 13 The Intercept (Privacy)
The Only Solution Capitalism Has Is to Sell Us More Useless Junk
FOE Feb 13 CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE Feb 13 The Register (Security)
Top Dutch telco Odido admits 6.2M customers caught in contact system caper
FOE Feb 13 The Hacker News
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
FRIEND Feb 13 The Intercept (Privacy)
Attorney for Epstein Survivors Warns That Justice Is Impossible With Bondi as AG
FOE Feb 13 The Hacker News
npm’s Update to Harden Their Supply Chain, and Points to Consider
FOE Feb 13 The Hacker News
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
FRIEND Feb 13 The Register (Security)
Enforcing piracy policy earned helpdesk worker death threats
FRIEND Feb 13 SANS Internet Storm Center

AI-Powered Knowledge Graph Generator & APTs, (Thu, Feb 12th)
FOE Feb 13 Risky Business News
Risky Bulletin: IcedID malware developer fakes his own death to escape the FBI
NEUTRAL Feb 13 SANS Internet Storm Center
ISC Stormcast For Friday, February 13th, 2026 https://isc.sans.edu/podcastdetail/9808, (Fri, Feb 13th)
FRIEND Feb 13 The Intercept (Privacy)
Trump Attacked Immigrant Food Aid in Minnesota. Locals Fought Back.
FOE Feb 13 Sophos News
February’s Patch Tuesday assumes battle stations
FOE Feb 13 Sophos News
The OpenClaw experiment is a warning shot for enterprise AI security
FOE Feb 12 The Register (Security)
30+ Chrome extensions disguised as AI chatbots steal users' API keys, emails, other sensitive data
FOE Feb 12 Dark Reading
Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again
FRIEND Feb 12 Dark Reading
Booz Allen Announces General Availability of Vellox Reverser to Automate Malware Defense
FOE Feb 12 EFF Deeplinks
Discord Voluntarily Pushes Mandatory Age Verification Despite Recent Data Breach
FOE Feb 12 EFF Deeplinks
Discord Voluntarily Pushes Mandatory Age Verification Despite Recent Data Breach
FRIEND Feb 12 Dark Reading
SpecterOps Launches BloodHound Scentry to Accelerate the Practice of Identity Attack Path Management
FOE Feb 12 Dark Reading
Gone With the Shame: One in Two Americans Are Reluctant to Talk About Romance Scam Incidents
FOE Feb 12 Dark Reading
Those 'Summarize With AI' Buttons May Be Lying to You
FOE Feb 12 The Intercept (Privacy)
Pam Bondi Admits DOJ Has a Secret Domestic Terrorist List
FOE Feb 12 The Register (Security)
Who's the bossware? Ransomware slingers like employee monitoring tools, too
FRIEND Feb 12 EPIC
EPIC Model Platform Design Legislation Introduced in Georgia and Kansas
FOE Feb 12 The Intercept (Privacy)
FBI Counterterrorism Agents Spent Weeks Seeking a Climate Activist — Then Showed Up at His Door
FOE Feb 12 EPIC
Coming to America: The Government Wants to See Your Emails
FRIEND Feb 12 BrightTALK InfoSec
Elevating Enterprise IGA Programs for the Future
FOE Feb 12 The Hacker News
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
FOE Feb 12 The Hacker News
Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems
FRIEND Feb 12 BrightTALK InfoSec
Mastering Identity Governance: Strategies for Enterprise Success in 2026
FOE Feb 12 The Intercept (Privacy)
Marine Detained in Minneapolis Says Feds Copied His Phone Without a Warrant
FOE Feb 12 The Register (Security)
Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware
NEUTRAL Feb 12 The Intercept (Privacy)
AIPAC Is Flooding Illinois With Cash. Pro-Palestine Groups Are Backing Kat Abughazaleh.
FOE Feb 12 Schneier on Security
3D Printer Surveillance
FOE Feb 12 CISA Alerts
CISA Adds Four Known Exploited Vulnerabilities to Catalog
FOE Feb 12 CISA Alerts
Siemens SINEC NMS
FOE Feb 12 CISA Alerts
Siemens COMOS
FOE Feb 12 CISA Alerts
Airleader Master
FOE Feb 12 CISA Alerts
Siemens Solid Edge
FOE Feb 12 CISA Alerts
Siemens Polarion
FOE Feb 12 CISA Alerts
Siemens Siveillance Video Management Servers
FOE Feb 12 CISA Alerts
Siemens Desigo CC Product Family and SENTRON Powermanager
FOE Feb 12 CISA Alerts
Hitachi Energy SuprOS
FOE Feb 12 CISA Alerts
Siemens NX
FOE Feb 12 CISA Alerts
Siemens SINEC OS
FOE Feb 12 The Register (Security)
Supply chain attacks now fuel a 'self-reinforcing' cybercrime economy
FOE Feb 12 The Hacker News
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
FRIEND Feb 12 BrightTALK InfoSec
Overcoming Digital ID Barriers to Drive Seamless Adoption in 2026
FRIEND Feb 12 The Hacker News
The CTEM Divide: Why 84% of Security Programs Are Falling Behind
FRIEND Feb 12 The Register (Security)
Feeling brave? Ministry of Defence seeks £300K digital boss to manage £4.6B spend
FOE Feb 12 Dark Reading
Senegalese Data Breaches Expose Lack of Security Maturity
FRIEND Feb 12 Google Project Zero
Bypassing Administrator Protection by Abusing UI Access
FOE Feb 12 The Hacker News
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
FOE Feb 12 The Register (Security)
Google: China's APT31 used Gemini to plan cyberattacks against US orgs
FOE Feb 12 The Hacker News
Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices
FOE Feb 12 SANS Internet Storm Center
ISC Stormcast For Thursday, February 12th, 2026 https://isc.sans.edu/podcastdetail/9806, (Thu, Feb 12th)
FOE Feb 12 SANS Internet Storm Center
Four Seconds to Botnet - Analyzing a Self Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary], (Wed, Feb 11th)
FOE Feb 12 The Register (Security)
Microsoft warns that poisoned AI buttons and links may betray your trust
NEUTRAL Feb 12 Risky Business News
Srsly Risky Biz: Microsoft's Forgoes Its Secure Future
FOE Feb 12 Recorded Future Blog
State of Security Report | Recorded Future
FOE Feb 12 Recorded Future Blog
Fragmentation Defined 2025's Threat Landscape. Here's What It Means for 2026
FRIEND Feb 12 Sophos News
Sophos Firewall Configuration Viewer
FOE Feb 11 BrightTALK InfoSec
Defending Against AI-Driven Identity Threats in 2026
FOE Feb 11 Ars Technica (Security)
Once-hobbled Lumma Stealer is back with lures that are hard to resist
FOE Feb 11 Dark Reading
North Korea's UNC1069 Hammers Crypto Firms With AI
FOE Feb 11 The Register (Security)
Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers
FRIEND Feb 11 Dark Reading
How to Stay on Top of Future Threats With a Cutting-Edge SOC
FRIEND Feb 11 SANS Internet Storm Center
Apple Patches Everything: February 2026, (Wed, Feb 11th)
FRIEND Feb 11 Dark Reading
Automaker Secures the Supply Chain With Developer-Friendly Platform
FRIEND Feb 11 The Intercept (Privacy)
Officials Dispute Trump Explanation of El Paso Airspace Closure: “There Was Not a Threat”
FOE Feb 11 The Register (Security)
Posting AI-generated caricatures on social media is risky, infosec killjoys warn
FOE Feb 11 EPIC
CyberScoop: Your AI doctor doesn’t have to follow the same privacy rules as your real one
FOE Feb 11 EFF Deeplinks
🗣 Homeland Security Wants Names | EFFector 38.3
FOE Feb 11 EFF Deeplinks
🗣 Homeland Security Wants Names | EFFector 38.3
FRIEND Feb 11 EPIC
EPIC Endorses New Bill to Ban ICE and CBP from Using Facial Recognition Technology
FOE Feb 11 EFF Deeplinks
“Free” Surveillance Tech Still Comes at a High and Dangerous Cost
FOE Feb 11 EFF Deeplinks
“Free” Surveillance Tech Still Comes at a High and Dangerous Cost
FOE Feb 11 The Hacker News
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
FOE Feb 11 Krebs on Security
Kimwolf Botnet Swamps Anonymity Network I2P
FOE Feb 11 The Register (Security)
Were telcos tipped off to *that* ancient Telnet bug? Cyber pros say the signs stack up
FOE Feb 11 The Hacker News
APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities
FRIEND Feb 11 Schneier on Security
Rewiring Democracy Ebook is on Sale
FOE Feb 11 Dark Reading
AI Rising: Do We Know Enough About the Data Populating It?
FRIEND Feb 11 Black Hills Information Security
What to Do with Your First Home Lab
FRIEND Feb 11 Dark Reading
Top Cyber Industry Defenses Spike CO2 Emissions
FOE Feb 11 The Intercept (Privacy)
Texas “Antifa Cell” Terror Trial Takes On Tough Questions About Guns at Protests Against ICE
FOE Feb 11 The Hacker News
Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms
FOE Feb 11 The Register (Security)
Payroll pirates are conning help desks to steal workers' identities and redirect paychecks
FRIEND Feb 11 BrightTALK InfoSec
Scaling Digital Credentials: The Fast Evolving Landscape of mDL
FOE Feb 11 Schneier on Security
Prompt Injection Via Road Signs
FOE Feb 11 The Register (Security)
Notepad's new Markdown powers served with a side of remote code execution
FOE Feb 11 The Hacker News
Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
FOE Feb 11 The Hacker News
Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days
FOE Feb 11 The Hacker News
SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits
FOE Feb 11 The Register (Security)
Legacy systems blamed as ministers promise no repeat of Afghan breach
FRIEND Feb 11 BrightTALK InfoSec
Modern IAM: Decentralized Solutions for Evolving Threats
FOE Feb 11 The Hacker News
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
FOE Feb 11 Risky Business News
Risky Bulletin: Chinese cyber-spies breached all of Singapore's telcos
FOE Feb 11 Dark Reading
Asia Fumbles With Throttling Back Telnet Traffic in Region
FRIEND Feb 11 Recorded Future Blog
From 27 Steps to 5: How Recorded Future Reimagined Threat Hunting with Autonomous Threat Operations
FOE Feb 10 EFF Deeplinks
Open Letter to Tech Companies: Protect Your Users From Lawless DHS Subpoenas
FRIEND Feb 10 EFF Deeplinks
Open Letter to Tech Companies: Protect Your Users From Lawless DHS Subpoenas
FOE Feb 10 The Register (Security)
Microsoft's Valentine's gift to admins: 6 exploited zero-day fixes
FOE Feb 10 The Intercept (Privacy)
Americans Want Accountability With the Epstein Files. Elites Couldn’t Care Less.
FOE Feb 10 Dark Reading
SolarWinds WHD Attacks Highlight Risks of Exposed Apps
FOE Feb 10 Krebs on Security
Patch Tuesday, February 2026 Edition
FOE Feb 10 Dark Reading
In Bypassing MFA, ZeroDayRAT Is 'Textbook Stalkerware'
FRIEND Feb 10 EPIC
EPIC Joins EFF, Others Urging California to Block Federal Agencies’ Covert ALPRs in New Letter
FOE Feb 10 EFF Deeplinks
No One, Including Our Furry Friends, Will Be Safer in Ring's Surveillance Nightmare
FOE Feb 10 EFF Deeplinks
No One, Including Our Furry Friends, Will Be Safer in Ring's Surveillance Nightmare
FOE Feb 10 Dark Reading
Microsoft Patches 6 Actively Exploited Zero-Days
FRIEND Feb 10 EPIC
Maine House Passes Strong Privacy Bill
FOE Feb 10 Ars Technica (Security)
Windows' original Secure Boot certificates expire in June—here's what you need to do
FOE Feb 10 The Register (Security)
AI agents spill secrets just by previewing malicious links
FOE Feb 10 The Hacker News
DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies
FOE Feb 10 EFF Deeplinks
Coalition Urges California to Revoke Permits for Federal License Plate Reader Surveillance
FRIEND Feb 10 EFF Deeplinks
Coalition Urges California to Revoke Permits for Federal License Plate Reader Surveillance
FRIEND Feb 10 EFF Deeplinks
Speaking Freely: Yazan Badran
FOE Feb 10 Dark Reading
OT Attacks Get Scary With 'Living-off-the-Plant' Techniques
FOE Feb 10 The Hacker News
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
FOE Feb 10 The Hacker News
From Ransomware to Residency: Inside the Rise of the Digital Parasite
FRIEND Feb 10 The Register (Security)
Singapore spent 11 months booting China-linked snoops out of telco networks
FOE Feb 10 The Hacker News
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
FOE Feb 10 Schneier on Security
AI-Generated Text and the Detection Arms Race
FOE Feb 10 CISA Alerts
​​Barriers to Secure OT Communication: Why Johnny Can’t Authenticate​
FOE Feb 10 CISA Alerts
CISA Adds Six Known Exploited Vulnerabilities to Catalog
FOE Feb 10 CISA Alerts
Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps
FOE Feb 10 CISA Alerts
ZOLL ePCR IOS Mobile Application
FOE Feb 10 CISA Alerts
AVEVA PI Data Archive
FOE Feb 10 CISA Alerts
AVEVA PI to CONNECT Agent
FOE Feb 10 CISA Alerts
ZLAN Information Technology Co. ZLAN5143D
FOE Feb 10 CISA Alerts
Yokogawa FAST/TOOLS
FRIEND Feb 10 The Hacker News
ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
FOE Feb 10 The Register (Security)
Nearly 17,000 Volvo staff dinged in supplier breach
FOE Feb 10 The Hacker News
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
FOE Feb 10 The Register (Security)
British Army splashes $86M on AI gear to speed up the battlefield kill chain
FOE Feb 10 Sophos News
Malicious use of virtual machine infrastructure
FOE Feb 10 The Hacker News
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
FRIEND Feb 10 Sophos News
From Security Operations to Security Leadership: Sophos CISO Advantage
FRIEND Feb 10 Sophos News
Sophos Workspace Protection Enables Safe GenAI Adoption
FRIEND Feb 10 Sophos News
Sophos AI Agents: Accelerating MDR and Powering the Agentic SOC
FOE Feb 10 Sophos News
Threat Intelligence Executive Report – Volume 2025, Number 6
FRIEND Feb 09 Dark Reading
TransUnion's Real Networks Deal Focuses on Robocall Blocking
FOE Feb 09 EFF Deeplinks
EFFecting Change: Get the Flock Out of Our City
FRIEND Feb 09 EFF Deeplinks
EFFecting Change: Get the Flock Out of Our City
FRIEND Feb 09 EFF Deeplinks
The Internet Still Works: Yelp Protects Consumer Reviews
FRIEND Feb 09 EFF Deeplinks
The Internet Still Works: Yelp Protects Consumer Reviews
FOE Feb 09 Dark Reading
Warlock Gang Breaches SmarterTools Via SmarterMail Bugs
FOE Feb 09 The Register (Security)
Someone's attacking SolarWinds WHD to steal high‑privilege credentials - but we don't know who or how
FRIEND Feb 09 EFF Deeplinks
The Internet Still Works: Wikipedia Defends Its Editors
FOE Feb 09 Dark Reading
TeamPCP Turns Cloud Infrastructure Into Crime Bots
FOE Feb 09 Dark Reading
'Reynolds' Bundles BYOVD With Ransomware Payload
FRIEND Feb 09 EFF Deeplinks
On Its 30th Birthday, Section 230 Remains The Lynchpin For Users’ Speech
FRIEND Feb 09 EFF Deeplinks
RIP Dave Farber, EFF Board Member and Friend
FRIEND Feb 09 EFF Deeplinks
RIP Dave Farber, EFF Board Member and Friend
FOE Feb 09 The Register (Security)
More than 135,000 OpenClaw instances exposed to internet in latest vibe-coded disaster
FOE Feb 09 Dark Reading
What Organizations Need to Change When Managing Printers
FOE Feb 09 The Hacker News
China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
FRIEND Feb 09 EFF Deeplinks
Op-ed: Weakening Section 230 Would Chill Online Speech
FOE Feb 09 The Register (Security)
Dutch data watchdog snitches on itself after getting caught in Ivanti zero-day attacks
FOE Feb 09 The Hacker News
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
FRIEND Feb 09 The Register (Security)
Taiwan tells Uncle Sam its chip ecosystem ain't going anywhere
FOE Feb 09 The Hacker News
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
FOE Feb 09 The Register (Security)
How the GNU C Compiler became the Clippy of cryptography
FOE Feb 09 Schneier on Security
LLMs are Getting a Lot Better and Faster at Finding and Exploiting Zero-Days
FRIEND Feb 09 The Register (Security)
Follow the money: Switzerland remains Europe's top destination for tech pay
FRIEND Feb 09 The Hacker News
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring
FOE Feb 09 The Hacker News
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
FOE Feb 09 The Register (Security)
European Commission probes intrusion into staff mobile management backend
FOE Feb 09 The Hacker News
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
FOE Feb 09 The Hacker News
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
FRIEND Feb 09 The Register (Security)
Indian police commissioner wants ID cards for AI agents
FOE Feb 09 Risky Business News
Risky Bulletin: SmarterTools hacked via its own product
FOE Feb 08 The Register (Security)
Telcos aren't saying how they fought back against China's Salt Typhoon attacks
FRIEND Feb 08 The Hacker News
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills
FRIEND Feb 07 The Register (Security)
Study confirms experience beats youthful enthusiasm
FOE Feb 07 The Hacker News
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
FOE Feb 06 Ars Technica (Security)
Malicious packages for dYdX cryptocurrency exchange empties user wallets
FRIEND Feb 06 Schneier on Security
Friday Squid Blogging: Squid Fishing Tips
FRIEND Feb 06 EPIC
South Carolina Becomes Fifth State to Enact an Age-Appropriate Design Code
FOE Feb 06 The Register (Security)
Flickr emails users about data breach, pins it on third party
FOE Feb 06 The Register (Security)
DDoS deluge: Brit biz battered as botnet blitzes break records
FRIEND Feb 06 Dark Reading
'Encrypt It Already' Campaign Pushes Big Tech to Prioritize E2E Encryption
FOE Feb 06 Dark Reading
Shai-hulud: The Hidden Costs of Supply Chain Attacks
FOE Feb 06 Dark Reading
OpenClaw's Gregarious Insecurities Make Safe Usage Difficult
FOE Feb 06 The Hacker News
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
FRIEND Feb 06 The Register (Security)
Ad blocking is alive and well, despite Chrome's attempts to make it harder
FOE Feb 06 Risky Business News
Risky Bulletin: Denmark recruits hackers for offensive cyber operations
FOE Feb 05 The Register (Security)
OpenClaw reveals meaty personal information after simple cracks
FRIEND Feb 05 EFF Deeplinks
Yes to the “ICE Out of Our Faces Act”
FRIEND Feb 05 EFF Deeplinks
Yes to the “ICE Out of Our Faces Act”
FOE Feb 05 Dark Reading
EnCase Driver Weaponized as EDR Killers Persist
FOE Feb 05 Dark Reading
Agentic AI Site 'Moltbook' Is Riddled With Security Risks
FRIEND Feb 05 Dark Reading
Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful
FOE Feb 05 The Register (Security)
Substack says intruder lifted emails, phone numbers in months-old breach
FRIEND Feb 05 EPIC
PRESS RELEASE: EPIC Publishes Model Bill to Protect Minors from Online Harms and Promote Safer Platform Design
FRIEND Feb 05 PortSwigger Research
Top 10 web hacking techniques of 2025
FRIEND Feb 05 Dark Reading
Cyber Success Trifecta: Education, Certifications & Experience
FOE Feb 05 CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FOE Feb 05 CISA Alerts
Hitachi Energy FOX61x
FOE Feb 05 CISA Alerts
o6 Automation GmbH Open62541
FOE Feb 05 CISA Alerts
Hitachi Energy XMC20
FOE Feb 05 CISA Alerts
Ilevia EVE X1 Server
FOE Feb 05 Dark Reading
Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis
FRIEND Feb 05 Risky Business News
Srsly Risky Biz: Google's Cyber Disruption Unit Kicks Its First Goal
FRIEND Feb 05 EFF Deeplinks
Protecting Our Right to Sue Federal Agents Who Violate the Constitution
FOE Feb 04 Ars Technica (Security)
Microsoft releases urgent Office patch. Russian-state hackers pounce.
FRIEND Feb 04 EFF Deeplinks
Smart AI Policy Means Examining Its Real Harms and Benefits
NEUTRAL Feb 04 EFF Deeplinks
Smart AI Policy Means Examining Its Real Harms and Benefits
FOE Feb 04 Dark Reading
Ransomware Gang Goes Full 'Godfather' With Cartel
FOE Feb 04 Dark Reading
CISA Makes Unpublicized Ransomware Updates to KEV Catalog
FOE Feb 04 Dark Reading
Attackers Use Windows Screensavers to Drop Malware, RMM Tools
FRIEND Feb 04 Privacy International
Card game about technology, data, and elections [ES]
FRIEND Feb 04 Black Hills Information Security
When the SOC Goes to Deadwood: A Night to Remember
FRIEND Feb 04 Dark Reading
Extra Extra! Announcing DR Global Latin America
FOE Feb 04 Dark Reading
Big Breach or Smooth Sailing? Mexican Gov't Faces Leak Allegations
FOE Feb 04 Dark Reading
Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil
FOE Feb 04 Risky Business News
Risky Bulletin: Plone CMS stops supply-chain attack
FOE Feb 04 Recorded Future Blog
Rublevka Team: Anatomy of a Russian Crypto Drainer Operation
FOE Feb 04 Sophos News
Malicious use of virtual machine infrastructure
FOE Feb 03 Dark Reading
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
FOE Feb 03 Dark Reading
GlassWorm Malware Returns to Shatter Developer Ecosystems
FOE Feb 03 Dark Reading
AI May Supplant Pen Testers, But Oversight & Trust Are Not There Yet
FRIEND Feb 03 EPIC
Virginia Senate Passes Bill Banning Sale of Precise Location Data
FOE Feb 03 Ars Technica (Security)
The rise of Moltbook suggests viral AI prompts may be the next big security threat
FOE Feb 02 EPIC
The Minnesota Star Tribune: Why the Trump administration keeps asking for Minnesota’s welfare data
FRIEND Feb 02 EPIC
Inside AI Policy: Washington state lawmakers to consider controversial automated decision-making bill
FOE Feb 02 Ars Technica (Security)
Notepad++ users take note: It's time to check if you're hacked
FOE Feb 02 Krebs on Security
Please Don’t Feed the Scattered Lapsus ShinyHunters
FOE Feb 02 Risky Business News
Risky Bulletin: StopICE blames hack on "a CBP agent here in SoCal"
FRIEND Feb 01 Recorded Future Blog
Autonomous Threat Operations in action: Real results from Recorded Future’s own SOC team | Recorded Future
About Methodology Fair Use Privacy Contact RSS

Scanning the threat landscape.