News•Feb 17, 2026
How to Transform Your SOC Through XDR and MDR
In a recent Palo Alto Networks webcast, experts highlighted that modern attackers compress breach timelines to under an hour, overwhelming traditional SOC processes. They argued that XDR platforms like Cortex XDR solve the data‑silo problem by unifying telemetry across endpoints, cloud, network and identity, dramatically reducing alert noise. MDR services then layer expert threat‑hunting and rapid containment on top of XDR, ensuring human judgment where automation falls short. Palo Alto’s new Managed XSIAM offering extends this model into a fully managed SOC, handling detection engineering, automation and ongoing optimization.
By SC Media
News•Feb 17, 2026
Flaws in Popular VSCode Extensions Expose Developers to Attacks
Security researchers at Ox Security uncovered critical and high‑severity vulnerabilities in four widely used Visual Studio Code extensions, collectively downloaded over 128 million times. The flaws—affecting Code Runner, Markdown Preview Enhanced, Live Server, and Microsoft Live Preview—allow attackers to execute remote...
By BleepingComputer
News•Feb 17, 2026
OpenClaw Flaw Enables AI Log Poisoning Risk
A log‑poisoning flaw was discovered in OpenClaw’s gateway server, affecting versions up to 2026.2.12. The vulnerability arises from unsanitized WebSocket headers—such as Origin and User‑Agent—being written directly to structured logs when a handshake is aborted. An unauthenticated attacker could inject...
By eSecurity Planet
News•Feb 17, 2026
Cyber Attacks Enabled by Basic Failings, Palo Alto Analysis Finds
Palo Alto Networks’ 2026 Global Incident Response Report shows cyber‑attack timelines have collapsed, with the fastest breaches moving from initial access to data exfiltration in just 72 minutes, down from nearly five hours in 2024. The acceleration is largely driven...
By CSO Online
News•Feb 17, 2026
CVE-2026-25903 Impacts Apache NiFi Users
A new vulnerability, CVE‑2026‑25903, affects Apache NiFi versions 1.1.0 through 2.7.2 and was patched in 2.8.0. The flaw allows users with limited privileges to modify the configuration of already‑deployed restricted components, bypassing the platform’s authorization checks. While it does not...
By eSecurity Planet
News•Feb 17, 2026
HCP Packer Adds SBOM Vulnerability Scanning
HashiCorp announced that HCP Packer now offers SBOM vulnerability scanning in public beta, while its package‑visibility feature has moved to general availability. The new scanning capability cross‑references each artifact’s software bill of materials against the MITRE CVE database and flags...
By HashiCorp Blog
News•Feb 17, 2026
Quesma Releases BinaryAudit
Quesma unveiled BinaryAudit, an independent benchmark that measures how well artificial‑intelligence models can spot hidden threats in software binaries. The tool aims to shift binary analysis from a reactive, post‑breach activity to a proactive safeguard applied before deployment, during updates,...
By DEVOPSdigest
News•Feb 17, 2026
The 2026 Security 100
AI has become the baseline for security vendors in 2026, with advanced generative AI and agentic features now considered essential rather than differentiators. Leaders like MicroAge note that clients increasingly expect AI‑enhanced upgrades across their security stacks. As large language...
By CRN (US)
News•Feb 17, 2026
Aware Points to Independent PAD and Bias Testing as Remote ID Pressure Mounts
Aware announced that its biometric platform has earned independent validation for presentation‑attack detection (PAD) at ISO/IEC 30107‑3 Levels 1‑3, completed bias testing under ISO/IEC 19795‑10, and participated in the U.S. Department of Homeland Security’s 2025 Remote Identity Validation Rally. The company ties these...
By Mobile ID World
News•Feb 17, 2026
WSO2 Joins MOSIP and IIIT-Bangalore to Refresh eSignet Authentication for National IDs
WSO2 has partnered with IIIT‑Bangalore and the MOSIP project to overhaul eSignet, the open‑source authentication layer used in national digital ID systems. The effort focuses on boosting scalability, OpenID Connect‑style flows, and offline QR support for low‑connectivity environments. By integrating...
By Mobile ID World
News•Feb 17, 2026
Energy Department ‘Center of Excellence’ Delves Into OT Cybersecurity
The U.S. Department of Energy has established a Center of Excellence to tackle operational technology (OT) cybersecurity across its labs and agencies. Sponsored by the Office of Science and the National Nuclear Security Administration, the effort unites cyber experts to...
By Federal News Network
News•Feb 17, 2026
Bluefin and Basis Theory Offer Unified Token Strategy Across Digital and In-Person Payments
Bluefin and Basis Theory have formed a strategic partnership to deliver a unified token strategy that bridges digital and in‑person payment channels. By integrating Bluefin’s PointConex platform with Basis Theory’s API‑driven tokenization and vaulting, merchants can capture, tokenize, and reuse...
By Finovate
News•Feb 17, 2026
CAN Networks Can Meet EU CRA Requirements, but Security Levels Matter
The CAN in Automation (CiA) group warns that all CAN‑based products sold in the EU now fall under the European Union Cyber Resilience Act (EU CRA) unless covered by sector‑specific rules. Compliance hinges on achieving the appropriate IEC 62443 security level (SL),...
By Control Design
News•Feb 17, 2026
UL Solutions Develops New Certification Program for Solar Inverter Cybersecurity
UL Solutions has introduced a new certification program that establishes the first industry‑wide cybersecurity baseline for distributed energy resources (DER) and inverter‑based devices. The program follows UL 2941, a standard covering access management, cryptography, and data handling, and complements the existing...
By Solar Power World
News•Feb 17, 2026
What 5 Million Apps Revealed About Secrets in JavaScript
Intruder scanned five million JavaScript bundles and uncovered more than 42,000 exposed secrets, including active GitHub, GitLab, and SaaS API tokens. The research revealed 688 repository tokens that granted full access to private code and CI/CD pipelines. Traditional static and...
By BleepingComputer
News•Feb 17, 2026
Palo Alto Networks To Acquire ‘Agentic Endpoint’ Security Startup Koi
Palo Alto Networks announced it will acquire AI‑agent security startup Koi, a move aimed at strengthening visibility and protection for AI‑driven workloads on endpoint devices. While the purchase price was not disclosed, a prior report suggested a $400 million valuation. Koi’s...
By CRN (US)
News•Feb 17, 2026
New Keenadu Backdoor Found in Android Firmware, Google Play Apps
Kaspersky has uncovered a sophisticated Android backdoor named Keenadu, embedded in firmware of multiple device brands and distributed through compromised OTA updates, system apps, and even Google Play applications. The malware can infiltrate every installed app, grant attackers unrestricted control,...
By BleepingComputer
News•Feb 17, 2026
Cybersecurity Excellence Awards Reveal Nomination Shift From AI Hype to Governance Execution
Cybersecurity Insiders' 2026 Excellence Awards reveal a notable shift in vendor nominations from AI hype toward concrete governance, identity, and data security solutions. While agentic AI categories are growing rapidly, nominations now emphasize oversight mechanisms, ISO‑42001‑aligned frameworks, and human‑in‑the‑loop controls....
By HackRead
News•Feb 17, 2026
API Threats Grow in Scale as AI Expands the Blast Radius
API vulnerabilities accounted for 17% of the 60,000+ flaws disclosed in 2025, and 43% of exploited weaknesses were API‑related, underscoring a growing attack surface. Wallarm’s report highlights a dramatic 270% rise in Model Context Protocol (MCP) flaws between Q2 and...
By SecurityWeek
News•Feb 17, 2026
Over-Privileged AI Drives 4.5 Times Higher Incident Rates
Teleport’s 2026 State of AI in Enterprise Infrastructure Security report reveals that AI workloads with excessive access rights suffer a 4.5‑times higher incident rate than those governed by least‑privilege controls. Seventy percent of surveyed security leaders say AI systems enjoy...
By Infosecurity Magazine
News•Feb 17, 2026
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Researchers have uncovered a new SmartLoader campaign that distributes a trojanized Oura Health Model Context Protocol (MCP) server to install the StealC infostealer. The malicious server is hosted in fabricated GitHub repositories and submitted to the MCP Market registry, exploiting...
By The Hacker News
News•Feb 17, 2026
Checkmarx Enhances IDE-Native Agentic Application Security in Kiro
Checkmarx announced that its AI‑driven Developer Assist tool is now embedded directly within the AWS Kiro integrated development environment. The integration scans source code and dependencies in real time, surfacing security findings inside the IDE and synchronizing them with the...
By SD Times
News•Feb 17, 2026
Poland Arrests Suspect Linked to Phobos Ransomware Operation
Polish authorities detained a 47‑year‑old man suspected of collaborating with the Phobos ransomware group during a joint operation in the Małopolska region. The arrest, part of Europol‑coordinated Operation Aether, yielded computers and phones loaded with stolen credentials, credit‑card data, and server‑access...
By BleepingComputer
News•Feb 17, 2026
How to Securely Edit and Redact Sensitive PDFs: A Cybersecurity Guide
PDFs remain the go‑to format for confidential data, yet hidden metadata, annotations, and embedded objects often leak information despite password protection. In 2023, over 400 breach incidents were traced to incomplete redactions or metadata exposure. The guide outlines a six‑step...
By HackRead
News•Feb 17, 2026
Cloud On Demand & StorVault Announce Partnership to Strengthen Local Data Protection
Cloud On Demand and South African backup specialist StorVault have announced a partnership that combines scalable cloud delivery with locally‑grounded, immutable data protection. The joint offering targets ransomware, hardware failures and endpoint vulnerabilities that threaten hybrid workforces, while delivering point‑in‑time...
By IT News Africa
News•Feb 17, 2026
3 Threat Groups Started Targeting ICS/OT in 2025: Dragos
Dragos’ 2026 Year in Review OT/ICS report adds three new adversaries—Sylvanite, Azurite and Pyroxene—targeting industrial control systems in 2025. Sylvanite acts as a rapid‑exploitation broker, weaponising n‑day flaws within 48 hours and handing access to the Voltzite group across power, oil,...
By SecurityWeek
News•Feb 17, 2026
Magnet Virtual Summit 2026 Kicks Off February 23!
The Magnet Virtual Summit 2026 runs February 23‑26, featuring over 50 leading experts who will discuss AI, mobile forensics, cloud investigations, deepfakes, eDiscovery, and incident response. The event spotlights the new Magnet One platform, promising faster, AI‑enhanced case building, and...
By Forensic Focus
News•Feb 17, 2026
Citizen Lab Links Cellebrite to the Hacking of a Kenyan Presidential Candidate’s Phone
Citizen Lab’s forensic analysis uncovered Cellebrite’s phone‑cracking software on Kenyan activist Boniface Mwangi’s device, indicating that state authorities used the tool after his arrest. The evidence shows the phone was unlocked without a password, exposing personal photos, messages, and his...
By CyberScoop
News•Feb 17, 2026
Unit 42: Nearly Two-Thirds of Breaches Now Start with Identity Abuse
Unit 42’s annual incident‑response report reveals identity abuse now initiates roughly two‑thirds of network intrusions, with social engineering responsible for one‑third of the 750 incidents examined. Compromised credentials, brute‑force attacks and permissive identity policies further fuel the trend, while identity‑related...
By CyberScoop
News•Feb 17, 2026
The Copilot Problem: Why Internal AI Assistants Are Becoming Accidental Data Breach Engines
Internal AI copilots are being deployed across enterprises as search and decision‑aid layers, inheriting every permission granted to users. Their ability to index, retrieve, and combine data from email, file shares, and SaaS tools exposes vast amounts of previously hidden...
By Security Magazine (Cybersecurity)
News•Feb 17, 2026
Harnessing AI to Secure the Future of Identity
Artificial intelligence is reshaping identity management, with machine and AI agents now surpassing human users in many environments. This surge creates a broader attack surface, as each automated identity demands governance yet often appears outside IT‑approved systems. Channel partners are...
By ITPro
News•Feb 17, 2026
India’s Cybersecurity Cost Equation
India’s enterprises are boosting cybersecurity spend as multi‑cloud, API‑led ecosystems expand, yet Security Operations Centre (SOC) capacity lags behind. The average data‑breach cost has climbed to ₹22 crore (≈US$2.6 million), highlighting the financial stakes. Tool proliferation generates more alerts, but analyst throughput...
By TechRepublic – Articles
News•Feb 17, 2026
Netrio Named to CRN’s MSP 500 List For 2026
Netrio has been named to CRN’s 2026 Managed Service Provider (MSP) 500 list in the Elite 150 category, highlighting its role as a leading AI‑driven managed IT and cybersecurity provider for mid‑market enterprises. The Elite 150 spot recognizes Netrio’s end‑to‑end...
By AI-TechPark
News•Feb 17, 2026
Malicious Fork of Legitimate Triton App Discovered on GitHub, Exposing New Malware Threat
A malicious fork of the legitimate Triton macOS client was posted on GitHub, masquerading as an official release while embedding a Windows‑only malware payload. The attacker, operating under the account “JaoAureliano,” used a deceptive README and raw asset links to...
By GBHackers On Security
News•Feb 17, 2026
How to Choose a Password Manager for Your Business
Choosing a password manager is now a strategic security decision, not just a convenience tool. While consumer‑focused apps handle basic storage, enterprise‑grade solutions add centralized provisioning, role‑based access, and detailed audit trails. Decision‑makers must evaluate encryption models, zero‑knowledge architecture, MFA...
By TechRepublic – Articles
News•Feb 17, 2026
DSS Files Charges Against El-Rufai Over Alleged NSA Phone Interception
The Department of State Services has filed a three‑count criminal charge against former Kaduna governor Nasir El‑Rufai for allegedly intercepting the telephone communications of National Security Adviser Nuhu Ribadu. Prosecutors say El‑Rufai admitted the illegal interception during a televised interview on 13 February 2026,...
By The Cyber Express
News•Feb 17, 2026
CVE-2026-1357: WordPress Plugin RCE Exposes Sites to Full Takeover
A critical remote code execution flaw, CVE‑2026‑1357, has been discovered in the WPvivid Backup & Migration WordPress plugin, affecting over 900,000 active sites. The vulnerability lets unauthenticated attackers upload and run arbitrary PHP files via the plugin’s backup‑receive endpoint, granting...
By Security Boulevard
News•Feb 17, 2026
How SSO Simplifies Identity Management for Deskless and Frontline Workforces
Frontline and deskless workers comprise roughly 80% of the global labor force, yet traditional identity systems struggle with shared devices, shift changes, and high turnover. Single Sign‑On (SSO) consolidates credentials, cutting password‑reset tickets and speeding up access at shift handovers....
By Security Boulevard
News•Feb 17, 2026
REMnux V8 Brings AI Integration to the Linux Malware Analysis Toolkit
REMnux released version 8, rebuilt on Ubuntu 24.04 LTS, and introduces a new Cast‑based installer that handles fresh deployments, upgrades, and container installs. The highlight is the REMnux MCP server, which implements the Model Context Protocol to connect AI agents with the...
By Help Net Security
News•Feb 17, 2026
How Red Teaming Reduces Breach Risk?
Red Teaming, also known as adversary simulation, pits authorized security experts against an organization’s defenses to expose real‑world attack gaps. By mimicking the full cyber kill chain—from OSINT‑driven reconnaissance to covert data exfiltration—teams reveal weaknesses that traditional scans miss. The...
By Security Boulevard
News•Feb 17, 2026
Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails
Forcepoint X‑labs uncovered a new phishing campaign that spoofs the US Social Security Administration to deliver a malicious .cmd script. The script auto‑elevates, disables Windows SmartScreen and Mark‑of‑Web, and leverages Alternate Data Streams to hide before silently installing a compromised...
By HackRead
News•Feb 17, 2026
Montana Hospital Restores Phones as Cyber-Related Network Disruptions Persist
Livingston HealthCare in Montana announced that its phone system has been fully restored after a recent cybersecurity incident forced the hospital to shut down communications and other network services. The disruption, first reported on Feb. 13, stemmed from a potential...
By DataBreaches.net
News•Feb 17, 2026
FOI Is Arming Cyberattackers – Here Is How to Fix It
Freedom of Information (FOI) requests on cybersecurity governance are exposing a stark inconsistency in public‑sector disclosures. Large NHS trusts and other big bodies tend to refuse or invoke national‑security exemptions, while smaller organisations often provide granular details. This uneven approach...
By PublicTechnology.net (UK)
News•Feb 17, 2026
Introducing Red Hat Build of Podman Desktop: Enterprise-Ready Local Container Development Environments
Red Hat has announced the general availability of its own build of Podman Desktop, delivering an enterprise‑grade, secure‑by‑design local container development environment. The offering bridges the long‑standing gap between developers’ laptops and hardened OpenShift clusters, leveraging the same trusted RHEL components....
By Red Hat – DevOps (Category)
News•Feb 16, 2026
Marietta Also Affected by BridgePay Ransomware Attack.
The BridgePay Network Solutions ransomware attack disrupted the City of Marietta’s online credit‑card processing, halting business‑license payments on February 6, 2026. BridgePay’s forensic review found no payment‑card data was compromised, and the ransomware group remains unidentified. The city is deploying a temporary,...
By DataBreaches.net
News•Feb 16, 2026
The Rise of Credential Stuffing Attacks
Credential stuffing attacks are surging as attackers exploit reused passwords harvested from past breaches. The technique is cheap, highly automated, and blends into normal traffic, making detection difficult. Small‑to‑mid‑size businesses, SaaS platforms, and customer‑facing portals are prime targets because they...
By TechRepublic – Articles
News•Feb 16, 2026
Washington Hotel in Japan Discloses Ransomware Infection Incident
Washington Hotel, a Japanese hospitality chain with 30 properties and 11,000 rooms, disclosed a ransomware breach on February 13, 2026 that compromised business data on its servers. The hotel immediately isolated the affected systems, formed an internal task force and enlisted police,...
By BleepingComputer
News•Feb 16, 2026
MCP Leaves Much to Be Desired when It Comes to Data Privacy and Security
The Model Context Protocol (MCP) was introduced as a universal interface that lets AI agents tap into enterprise data and services. In practice, the protocol has become a lightning rod for privacy breaches: a rogue MCP server harvested WhatsApp chats...
By SD Times
News•Feb 16, 2026
Eurail Says Stolen Traveler Data Now up for Sale on Dark Web
Eurail B.V., the Dutch operator of European rail passes, confirmed that data stolen in a breach earlier this year is now being offered for sale on the dark web. A threat actor also posted a sample of the compromised records...
By BleepingComputer
News•Feb 16, 2026
Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware
A new social‑engineering campaign uses a fake Cloudflare‑style CAPTCHA to trick Windows users into pasting a malicious PowerShell command. The clipboard‑to‑run technique launches the fileless StealC malware, which injects reflective shellcode into svchost.exe and exfiltrates browser credentials, cryptocurrency wallets, Outlook...
By TechRepublic – Articles