Port 22

~ 27 Feb 2026 ~

Suspected Nork digital intruders caught breaking into US healthcare, education orgs

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

Ransomware payments cratered in 2025, but attacks surged to record highs

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

French DIY etailer ManoMano admits customer data stolen

Cops back Dutch telco Odido after second wave of ShinyHunters leaks

Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams

Why Tehrans Two-Tiered Internet Is So Dangerous

Phishing Attacks Against People Seeking Programming Jobs

Data Broker Breaches Fueled Nearly $21 Billion in Identity-Theft Losses

~ 26 Feb 2026 ~

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown

This AI Agent Is Designed to Not Go Rogue

UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor

ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories

Expert Recommends: Prepare for PQC Right Now

Threat modeling AI applications

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

Rapid AI-driven development makes security unattainable, warns Veracode

Scattered Lapsus$ Hunters auditioning female voices to sharpen social engineering

LLMs Generate Predictable Passwords

Yokogawa CENTUM VP R6, R7

SWITCH EV swtchenergy.com

Pelco, Inc. Sarix Pro 3 Series IP Cameras

Mobility46 mobility46.se

Johnson Controls, Inc. Frick Controls Quantum HD

EV2GO ev2go.io

EV Energy ev.energy

Copeland XWEB and XWEB Pro

CloudCharge cloudcharge.se

Chargemap chargemap.com

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

Five Eyes warn: Patch your Cisco SD-WAN or risk root takeover

Claude collaboration tools left the door wide open to remote code execution

~ 25 Feb 2026 ~

Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Google catches Beijing spies using Sheets to spread espionage across 4 continents

SLH Offers $500$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Manual Processes Are Putting National Security at Risk

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

Ex-L3Harris exec jailed 7 years for selling exploits to Russia

Wynn Resorts takes attacker's word for it that stolen staff data was deleted

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

Poisoning AI Training Data

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

OpenAI says Chinese cops used ChatGPT to plan and track smear ops against opponents

How Mexico's CJNG Drug Cartel Embraced AI, Drones, and Social Media

Threat intelligence supply chain is full of weak links, researchers find

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

~ 24 Feb 2026 ~

Heres What a Google Subpoena Response Looks Like, Courtesy of the Epstein Files

AI has gotten good at finding bugs, not so good at swatting them

Patch these 4 critical, make-me-root SolarWinds bugs ASAP

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

North Korea's Lazarus Group targets healthcare orgs with Medusa ransomware

Developer-targeting campaign using malicious Next.js repositories

Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

Go library maintainer brands GitHub's Dependabot a 'noise machine'

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

UK data watchdog fines Reddit 14.47M for letting kids slip past the gate

Scaling security operations with Microsoft Defender autonomous defense and expert-led services

Is AI Good for Democracy?

Schneider Electric EcoStruxure Building Operation Workstation

InSAT MasterSCADA BUK-TS

Gardyn Home Kit

Korean cops charge teens over bike hire breach that exposed data on 4.62M riders

Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

UK tech hit by double trouble: Fewer foreign techies amid skills squeeze

Euro allies aiming to rapidly build low-cost air defense weapons

APT28 Targeted European Entities Using Webhook-Based Macro Malware

~ 23 Feb 2026 ~

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Infosec community panics as Anthropic rolls out Claude code security checker

Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

How Exposed Endpoints Increase Risk Across LLM Infrastructure

Global regulators say AI image tools don't get a free pass on privacy rules

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Break free of Ring's servers, earn a five-figure bounty

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

Suspected Anonymous members detained in Spain over post-flood DDoS blitz

On the Security of Password Managers

AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign

Faking it on the phone: How to tell if a voice call is AI or not

Every day in every way, passwords are getting worse and worse

~ 22 Feb 2026 ~

Attacker gets into France's database listing all bank accounts, makes off with 1.2 million records

UK council faces data breach claim after mishandling trans complaints

~ 21 Feb 2026 ~

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

Password Managers Share a Hidden Weakness

Narco-Submarine Carrying 4 Tons of Cocaine Captured by Mexico's Navy

EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security

~ 20 Feb 2026 ~

PayPal app code error leaked personal info and a 'few' unauthorized transactions

Friday Squid Blogging: Squid Cartoon

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

AI coding assistant Cline compromised to create more OpenClaw chaos

DHS Wants a Single Search Engine to Flag Faces and Fingerprints Across Agencies

Starkiller Phishing Service Proxies Real Login Pages, MFA