News•Feb 17, 2026
REMnux V8 Brings AI Integration to the Linux Malware Analysis Toolkit
REMnux released version 8, rebuilt on Ubuntu 24.04 LTS, and introduces a new Cast‑based installer that handles fresh deployments, upgrades, and container installs. The highlight is the REMnux MCP server, which implements the Model Context Protocol to connect AI agents with the distribution’s 200+ malware‑analysis tools. Updated utilities include a Rust‑based YARA‑X engine and expanded file‑format analysis tools. The release aims to blend human expertise, AI execution, and domain‑specific guidance into a four‑part analysis workflow.
By Help Net Security
News•Feb 17, 2026
How Red Teaming Reduces Breach Risk?
Red Teaming, also known as adversary simulation, pits authorized security experts against an organization’s defenses to expose real‑world attack gaps. By mimicking the full cyber kill chain—from OSINT‑driven reconnaissance to covert data exfiltration—teams reveal weaknesses that traditional scans miss. The...
By Security Boulevard
News•Feb 17, 2026
Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails
Forcepoint X‑labs uncovered a new phishing campaign that spoofs the US Social Security Administration to deliver a malicious .cmd script. The script auto‑elevates, disables Windows SmartScreen and Mark‑of‑Web, and leverages Alternate Data Streams to hide before silently installing a compromised...
By HackRead
News•Feb 17, 2026
Montana Hospital Restores Phones as Cyber-Related Network Disruptions Persist
Livingston HealthCare in Montana announced that its phone system has been fully restored after a recent cybersecurity incident forced the hospital to shut down communications and other network services. The disruption, first reported on Feb. 13, stemmed from a potential...
By DataBreaches.net
News•Feb 17, 2026
FOI Is Arming Cyberattackers – Here Is How to Fix It
Freedom of Information (FOI) requests on cybersecurity governance are exposing a stark inconsistency in public‑sector disclosures. Large NHS trusts and other big bodies tend to refuse or invoke national‑security exemptions, while smaller organisations often provide granular details. This uneven approach...
By PublicTechnology.net (UK)
News•Feb 17, 2026
Introducing Red Hat Build of Podman Desktop: Enterprise-Ready Local Container Development Environments
Red Hat has announced the general availability of its own build of Podman Desktop, delivering an enterprise‑grade, secure‑by‑design local container development environment. The offering bridges the long‑standing gap between developers’ laptops and hardened OpenShift clusters, leveraging the same trusted RHEL components....
By Red Hat – DevOps (Category)
News•Feb 16, 2026
Marietta Also Affected by BridgePay Ransomware Attack.
The BridgePay Network Solutions ransomware attack disrupted the City of Marietta’s online credit‑card processing, halting business‑license payments on February 6, 2026. BridgePay’s forensic review found no payment‑card data was compromised, and the ransomware group remains unidentified. The city is deploying a temporary,...
By DataBreaches.net
News•Feb 16, 2026
The Rise of Credential Stuffing Attacks
Credential stuffing attacks are surging as attackers exploit reused passwords harvested from past breaches. The technique is cheap, highly automated, and blends into normal traffic, making detection difficult. Small‑to‑mid‑size businesses, SaaS platforms, and customer‑facing portals are prime targets because they...
By TechRepublic – Articles
News•Feb 16, 2026
Washington Hotel in Japan Discloses Ransomware Infection Incident
Washington Hotel, a Japanese hospitality chain with 30 properties and 11,000 rooms, disclosed a ransomware breach on February 13, 2026 that compromised business data on its servers. The hotel immediately isolated the affected systems, formed an internal task force and enlisted police,...
By BleepingComputer
News•Feb 16, 2026
MCP Leaves Much to Be Desired when It Comes to Data Privacy and Security
The Model Context Protocol (MCP) was introduced as a universal interface that lets AI agents tap into enterprise data and services. In practice, the protocol has become a lightning rod for privacy breaches: a rogue MCP server harvested WhatsApp chats...
By SD Times
News•Feb 16, 2026
Eurail Says Stolen Traveler Data Now up for Sale on Dark Web
Eurail B.V., the Dutch operator of European rail passes, confirmed that data stolen in a breach earlier this year is now being offered for sale on the dark web. A threat actor also posted a sample of the compromised records...
By BleepingComputer
News•Feb 16, 2026
Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware
A new social‑engineering campaign uses a fake Cloudflare‑style CAPTCHA to trick Windows users into pasting a malicious PowerShell command. The clipboard‑to‑run technique launches the fileless StealC malware, which injects reflective shellcode into svchost.exe and exfiltrates browser credentials, cryptocurrency wallets, Outlook...
By TechRepublic – Articles
News•Feb 16, 2026
BeyondTrust RCE Exploited for Domain Control
Attackers are actively exploiting CVE‑2026‑1731, an unauthenticated OS command injection flaw in self‑hosted BeyondTrust Remote Support and Privileged Remote Access appliances. The vulnerability enables remote code execution, allowing threat actors to run commands as SYSTEM, install the SimpleHelp RMM tool,...
By eSecurity Planet
News•Feb 16, 2026
Indian Cyber-Tech Is the Model for European Airports
Indian firms WAISL and GRAMAX have created AeroWise, an AI‑driven airport predictive operation centre that blends digital‑twin technology with embedded cyber‑security. The solution includes miniature physical models of terminals, runways and ancillary systems that can be “war‑gamed” to visualize attack...
By Airport Improvement Magazine
News•Feb 16, 2026
Virtual IT Group Crowns Maurice McCarthy as New CEO
Virtual IT Group has appointed Maurice McCarthy, a former Optus customer‑success director, as its new chief executive officer, succeeding founder Christian Pacheco. McCarthy brings 25 years of telecom leadership and will focus on client outcomes, service reliability, and responsible AI integration. Pacheco transitions...
By ARN (Australia)
News•Feb 16, 2026
Identity Is the New Perimeter for State Government Cybersecurity
State and local governments are shifting from perimeter‑based defenses to an identity‑first security model, as highlighted in the State CIO Top 10 Priorities for 2026. The article argues that who a user—or nonhuman account—is matters more than where they connect,...
By StateTech Magazine
News•Feb 16, 2026
When Is It Time to Upgrade Your Control System?
Control system upgrades are back on plant executives' agendas as new capital budgets roll out for the year. The article highlights three primary risks of aging automation: hardware failure, cybersecurity vulnerabilities, and the erosion of tribal knowledge. It urges decision‑makers...
By Control Design
News•Feb 16, 2026
Infostealer Malware Found Stealing OpenClaw Secrets for First Time
Hudson Rock reported the first in‑the‑wild incident of an infostealer stealing OpenClaw configuration files. The malware, identified as a Vidar variant, exfiltrated files such as openclaw.json, device.json, and soul.md on February 13, 2026, revealing API tokens, private keys, and personal data. These...
By BleepingComputer
News•Feb 16, 2026
Telefónica Tech Promotes Digital Identity Management in the Insurance Sector in Spain
Telefónica Tech is launching a unified digital identity platform for Spain’s insurance sector, enabling secure, self‑sovereign access to digital services. The initiative builds on a 2023 European trial and integrates cloud, IoT, big‑data and blockchain capabilities. Partnering with the insurance...
By Identity Week
News•Feb 16, 2026
The Olympics Are Going Mobile — Your Security Strategy Has to Follow
The Milano Cortina 2026 Winter Olympics will see mobile devices become the primary attack surface, mirroring the digital surge seen at Paris 2024 where billions engaged via apps and streaming. Cybercriminals are already deploying Olympic‑themed phishing, fake ticketing sites, malicious apps and QR‑code...
By Security Magazine (Cybersecurity)
News•Feb 16, 2026
OysterLoader Evolves With New C2 Infrastructure and Obfuscation
OysterLoader, a C++‑based multi‑stage malware loader also known as Broomstick and CleanUp, has been updated through early 2026 with enhanced command‑and‑control infrastructure and obfuscation techniques. The loader now employs a three‑step HTTP/HTTPS handshake, custom Base64 alphabets, and a modified LZMA...
By Infosecurity Magazine
News•Feb 16, 2026
Cubbit Powers Swiss Cantonal-Level Sovereign Cloud for Ailanto
IT integrator Ailanto announced a sovereign cloud service for Swiss organizations built on Cubbit’s DS3 Composer software‑defined object storage. The offering launches with 1 PB of capacity hosted in Swiss‑based data centres and will expand later in 2026. It provides S3‑compatible,...
By Blocks & Files
News•Feb 16, 2026
Vault Radar 2025 Recap: Expanding Visibility, Deepening Integration, and Simplifying Security
HashiCorp's Vault Radar, launched in 2025, expanded its secret‑sprawl detection across developer tools and cloud services, adding integrations for Jira, VS Code, Amazon S3, Slack, and AWS Secrets Manager. The platform introduced real‑time IDE scanning, direct remediation through Vault, webhook alerts,...
By HashiCorp Blog
News•Feb 16, 2026
Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft
Operation DoppelBrand, attributed to the financially motivated GS7 group, launched a large‑scale phishing campaign against Fortune 500 financial and technology firms between December 2025 and January 2026. The attackers registered over 150 look‑alike domains, used automated SSL certificates and rotating registrars, and cloned...
By Infosecurity Magazine
News•Feb 16, 2026
Passwords to Passkeys: Staying ISO 27001 Compliant in a Passwordless Era
Organizations are rapidly replacing passwords with passkey authentication to curb the 49% of security incidents tied to compromised credentials. Passkeys, built on FIDO2 and WebAuthn, satisfy AAL2/AAL3 standards and are already deployed in billions of accounts, including Google’s 800 million users....
By BleepingComputer
News•Feb 16, 2026
What Your Bluetooth Devices Reveal
A developer released Bluehood, an open‑source Bluetooth scanner that passively logs nearby devices and visualises their appearance patterns. The tool runs on a Raspberry Pi or laptop and can identify phones, wearables, vehicles and IoT gadgets without ever connecting. Its release...
By Hacker News
News•Feb 16, 2026
Passwork 7.4 Enhances Enterprise Security with Centralized User Vault Restrictions
Passwork has launched version 7.4, adding centralized restrictive settings for User vaults. Administrators can now block adding users, sending passwords, creating links, and shortcuts across all personal vaults. The controls apply automatically to existing and new vaults, tightening data‑leak defenses and...
By Help Net Security
News•Feb 16, 2026
Microsoft Equips CISOs and AI Risk Leaders with a New Security Tool
Microsoft has launched a public‑preview Security Dashboard for AI, consolidating posture and real‑time risk signals from Microsoft Defender, Entra, and Purview into a single interface. The tool inventories AI assets—including models, agents, and third‑party applications—and surfaces AI‑related security risks in...
By Help Net Security
News•Feb 16, 2026
5 Reasons Why Detego Case Manager For DFIR Is Ideal For Investigative Teams
Detego Case Manager for DFIR launches as a purpose‑built platform that consolidates digital and physical evidence, audit trails, and chain‑of‑custody logs in a tamper‑proof environment. It offers a unified dashboard delivering real‑time visibility, customizable Kanban‑style workflows, and role‑based permissions for...
By Forensic Focus
News•Feb 16, 2026
260K+ Chrome Users Duped by Fake AI Browser Extensions
Researchers at LayerX uncovered 30 malicious Chrome extensions masquerading as AI assistants, collectively amassing over 260,000 downloads. These extensions embed attacker‑controlled iframes that capture user prompts, emails, and webpage data, then relay them to remote servers while returning plausible AI...
By Dark Reading
News•Feb 16, 2026
Resecurity Highlights AI-Driven Cybersecurity at AI Everything MEA Egypt 2026
Resecurity, a U.S. cybersecurity firm, showcased its AI‑driven threat detection suite at AI Everything MEA Egypt 2026, an event held under President Abdel‑Fattah El‑Sisi’s patronage and organized by the Ministry of Communications and Information Technology. In partnership with Alkan CIT/Alkan Telecom, the company...
By AI-TechPark
News•Feb 16, 2026
He Tried to Extort the Dutch Police. It Didn’t Work Out Well for Him.
A 40‑year‑old man from Ridderkerk attempted to extort the Dutch police by demanding something in exchange for returning compromised files. Police intercepted the scheme and arrested him on Thursday evening around 7:00 PM. The arrest was reportedly triggered by a procedural...
By DataBreaches.net
News•Feb 16, 2026
CISA Gives Feds 3 Days to Patch Actively Exploited BeyondTrust Flaw
U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered all federal agencies to patch the actively exploited BeyondTrust Remote Support vulnerability (CVE‑2026‑1731) within three days. The flaw, an OS command‑injection that enables unauthenticated remote code execution, affects Remote Support 25.3.1...
By BleepingComputer
News•Feb 16, 2026
Leaky Chrome Extensions with 37M Installs Caught Divulging Your Browsing History
Security researcher Q Continuum identified 287 Chrome extensions that secretly transmit users' browsing histories, affecting an estimated 37 million installations worldwide. The extensions span categories such as VPNs, productivity utilities, and shopping add‑ons, and many request broad host permissions that enable...
By CSO Online
News•Feb 16, 2026
Ransomware Gangs Are Using Employee Monitoring Software as a Springboard for Cyber Attacks
Threat actors have weaponized Net Monitor for Employees, a legitimate workforce‑tracking product, as a remote access trojan and paired it with SimpleHelp RMM software to stage ransomware attacks. Huntress identified two separate incidents where the dual‑tool chain was used to...
By ITPro (UK)
News•Feb 16, 2026
Cybersecurity Leader Pete Angstadt Joins DTEX’s Advisory Board
DTEX, a leader in risk‑adaptive security, announced that cybersecurity veteran Pete Angstadt has joined its Advisory Board. Angstadt brings decades of go‑to‑market leadership, having scaled revenue at ForgeRock, Ping Identity, Securiti and Oracle’s cloud security unit. His expertise in identity‑focused...
By AI-TechPark
News•Feb 16, 2026
AuthID Announces Out of the Box
authID (Nasdaq: AUID) unveiled an out‑of‑the‑box biometric security platform that conforms to the Personal Identity Verification (PIV) framework for energy, water, gas and other critical utilities. The solution replaces passwords and physical tokens with live‑face verification, protecting SCADA consoles, privileged...
By AI-TechPark
News•Feb 16, 2026
DVSA Seeks £95K Digital Chief to Steer Test Booking System Out of the Ditch
The UK Driver and Vehicle Standards Agency (DVSA) is recruiting a chief digital and information officer with a £95,000 salary to overhaul its 18‑year‑old practical test booking platform, which has been plagued by bots and resale schemes. A National Audit...
By The Register
News•Feb 16, 2026
ChatGPT Gets New Security Feature to Fight Prompt Injection Attacks
OpenAI has added a Lockdown Mode and Elevated Risk labels to ChatGPT to mitigate prompt‑injection attacks and other security threats. Lockdown Mode restricts tool and network access, allowing admins to create dedicated roles that limit external interactions, initially for Enterprise,...
By Help Net Security
News•Feb 16, 2026
From Findings to Action: How SecurityBridge Is Bringing Trusted AI Into SAP Security
SecurityBridge has launched the AI Companion, the first AI‑powered security assistant built specifically for SAP environments. Leveraging a proprietary, continuously enriched SAP security knowledge base, the tool transforms thousands of technical findings into context‑aware, actionable recommendations delivered via natural‑language interaction....
By ERP News
News•Feb 16, 2026
Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix
Researchers at Moonlock Lab discovered that hackers hijacked verified Google Ads accounts belonging to a children’s charity and a Colombian retailer to promote malicious “ClickFix” links. The ads direct users searching for macOS commands to a counterfeit Claude AI page...
By HackRead
News•Feb 16, 2026
Google Patches First Chrome Zero-Day Exploited in Attacks This Year
Google has issued emergency updates to patch CVE‑2026‑2441, a high‑severity use‑after‑free flaw in Chrome’s CSSFontFeatureValuesMap implementation. The vulnerability, confirmed to be exploited in the wild, can cause crashes, rendering issues, or data corruption. Google back‑ported the fix to stable desktop...
By BleepingComputer
News•Feb 16, 2026
10 Years Later, Bangladesh Bank Cyberheist Still Offers Cyber-Resiliency Lessons
A decade after the Bangladesh Bank heist, the 2016 cyberattack that attempted to steal $951 million via the SWIFT network remains a benchmark for nation‑state hacking. Attackers used spear‑phishing malware to obtain valid SWIFT credentials, executing 35 fraudulent payment orders, of...
By CSO Online
.webp?ssl=1)
News•Feb 16, 2026
LockBit 5.0 Emerges: Cross-Platform Ransomware Now Targeting Windows, Linux, and ESXi Systems
LockBit has released version 5.0, a cross‑platform ransomware that encrypts Windows, Linux and VMware ESXi systems with a single code base. The new variant uses XChaCha20 and Curve25519 encryption, while the Windows build adds sophisticated anti‑forensic tricks such as ETW...
By GBHackers On Security
News•Feb 16, 2026
Apple Privacy Labels Often Don’t Match What Chinese Smart Home Apps Do
A new study of 49 Chinese smart‑home apps on Apple’s App Store reveals systematic gaps in by‑stander privacy and frequent mismatches between privacy policies, user‑interface controls, and App Store privacy labels. All apps require real‑name phone registration and collect a...
By Help Net Security
News•Feb 16, 2026
In GitHub’s Advisory Pipeline, some Advisories Move Faster than Others
A new study of 288,604 GitHub Security Advisories from 2019‑2025 shows that only about 8% (23,563) complete GitHub’s formal review process. Advisories created directly in repositories are reviewed far faster—median under one day—than those imported from the National Vulnerability Database,...
By Help Net Security
News•Feb 16, 2026
Don’t Panic over CISA’s KEV List, Use It Smarter
In a Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains CISA’s Known Exploited Vulnerabilities (KEV) Catalog and clears up common misconceptions. He notes that KEV entries vary in urgency, with some requiring local access and...
By Help Net Security
News•Feb 16, 2026
Lotus Blossom Hackers Breach Official Notepad++ Hosting Infrastructure
Between June and December 2025, the state‑sponsored Lotus Blossom group compromised the shared hosting provider that delivered Notepad++ updates, turning the popular text editor into a covert espionage conduit. By exploiting weaknesses in the older WinGUp updater, attackers redirected update...
By GBHackers On Security
News•Feb 16, 2026
MOS: Open-Source Modular OS for Servers and Homelabs
MOS is an open‑source, modular operating system built on Devuan that targets homelab enthusiasts and small‑scale server operators. It unifies server monitoring, storage pooling, container orchestration, and virtualization behind a browser‑based dashboard and a REST/WebSocket API. The platform leverages mergerfs...
By Help Net Security
News•Feb 16, 2026
Canada Goose Investigating as Hackers Leak 600K Customer Records
Canada Goose disclosed that a 1.67 GB dataset containing over 600,000 customer records was posted by the ShinyHunters extortion group. The leak includes personal identifiers, shipping details, IP addresses and partial payment‑card information, but the company says it found no evidence...
By BleepingComputer