IronCurtain: An open-source, safeguard layer for autonomous AI assistants

Veteran security engineer Niels Provos is working on a new technical approach designed to stop autonomous AI agents from taking actions you haven’t specifically authorized. His open-source software solution, called IronCurtain, aims to neutralize the r…

Scattered Lapsus$ Hunters seeks women for vishing attacks

The Scattered Lapsus$ Hunters (SLH) hacking collective has launched a recruitment push aimed specifically at women, offering cash payments for participating in voice-phishing (vishing) attacks. A few days ago, threat intelligence firm Dataminr detected…

Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127)

A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller (formerly vSmart), Cisco has announced today. The vulnerability was reported…

Fake Zoom meeting leads to silent install of surveillance software

Malwarebytes researchers have uncovered a fake (but convincing) Zoom meeting page that downloads surveillance software on Windows computers and tricks users into running it. According to Microsoft MVP Steven Lim, the page has claimed nearly 1,500 victi…

SolarWinds Serv-U hit by four critical RCE-level vulnerabilities

SolarWinds has fixed four critical vulnerabilities in its popular Serv-U file transfer solution, which is used by businesses and organizations of all sizes. If exploited, the flaws may allow attackers to create a system admin user and/or execute code a…

CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108)

CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems’ FileZen secure file transfer solution, to its Known Exploited Vulnerabilities (KEV) catalog. The vendor has confirmed active exploitation, stating it has rec…

Self-spreading npm malware targets developers in new supply chain attack

Security researchers have uncovered another supply chain attack targeting developers: 19 typosquatting npm packages published on npmjs.com that steal credentials, infect projects, and propagate themselves across developer environments. The operation, d…

Fake troubleshooting tip on ClawHub leads to infostealer infection

A new malware delivery campaign has hit ClawHub, the official online repository for “skills” that augment the capabilities of the popular OpenClaw AI agent. Unlike previous ones, this campaign does not aim to trick users into downloading a …

Japanese chip-testing toolmaker Advantest suffers ransomware attack

Japanese tech testing company Advantest has suffered a ransomware attack, the company confirmed last Thursday, after detecting unusual activity within its IT environment on February 15, 2026. What happened? Tokyo-based Advantest is a leading manufactur…

Criminals create business website to sell RAT disguised as RMM tool

A RAT masquerading as legitimate remote monitoring and management (RMM) software is being sold to cybercriminals as a service, Proofpoint researchers recently discovered. The fake RMM tool, called TrustConnect, was being marketed via an LLM-created web…