Technology

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That’s according to new findings from Amazon Threat Intelligence, which said it observed the activity between January 11 and February 18, 2026. “No exploitation of FortiGate

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries Read More »

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has become exceedingly popular in the past few months. “On February 17, 2026, at 3:26 AM PT, an unauthorized party used a compromised npm publish token to

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems Read More »

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and  The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration Read More »

Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case

A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea’s fraudulent information technology (IT) worker scheme. In November 2025, Oleksandr “Alexander” Didenko pleaded guilty to wire fraud conspiracy and aggravated identity theft for stealing the identities of U.S. citizens and selling them to

Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case Read More »

Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026

With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture when assessing cyber risk.  For many organizations, however, these assessments remain largely opaque. Elements such as password hygiene, privileged access management, and the extent of multi-factor authentication (MFA) coverage are

Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026 Read More »

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware

Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan (RAT) called MIMICRAT (aka AstarionRAT). “The campaign demonstrates a high level of operational sophistication: compromised sites spanning multiple industries and geographies serve as delivery infrastructure, a multi-stage

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware Read More »

PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence

Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots,

PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence Read More »

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries — often all at the same time. Some developments are headline-level. Others sit in the background but carry long-term impact. Together, they shape how defenders need to

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories Read More »

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud. The high-severity vulnerability, tracked as CVE-2026-26119,

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center Read More »

INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown

An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries. The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure

INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown Read More »

Scroll to Top