Port 22

~ 16 Feb 2026 ~

Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware

Canada Goose ruffles feathers over 600K record dump, says leak is old news

Dutch cops arrest man after sending him confidential files by mistake

Safe and Inclusive ESociety: How Lithuania Is Bracing for AIDriven Cyber Fraud

You probably can't trust your password manager if it's compromised

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft

Open source registries don't have enough money to implement basic security

Google patches Chrome zero-day as in-the-wild exploits surface

New Chrome Zero-Day (CVE-2026-2441) Under Active Attack Patch Released

The Promptware Kill Chain

The El Paso No-Fly Debacle Is Just the Beginning of a Drone Defense Mess

US appears open to reversing some China tech bans

~ 15 Feb 2026 ~

Infosec exec sold eight zero-day exploit kits to Russia, says DoJ

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

~ 14 Feb 2026 ~

Upcoming Speaking Engagements

Ring Kills Flock Safety Deal After Super Bowl Ad Uproar

Robot Dogs Are on Going on Patrol at the 2026 World Cup in Mexico

~ 13 Feb 2026 ~

Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

Friday Squid Blogging: Do Squid Dream?

Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors

Attackers finally get around to exploiting critical Microsoft bug from 2024

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

npms Update to Harden Their Supply Chain, and Points to Consider

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Top Dutch telco Odido admits 6.2M customers caught in contact system caper

Enforcing piracy policy earned helpdesk worker death threats

~ 12 Feb 2026 ~

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

30+ Chrome extensions disguised as AI chatbots steal users' API keys, emails, other sensitive data

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Copilot Studio agent security: Top 10 risks you can detect and prevent

Who's the bossware? Ransomware slingers like employee monitoring tools, too

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

Your complete guide to Microsoft experiences at RSAC 2026 Conference

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

Crypto-Funded Human Trafficking Is Exploding

3D Printer Surveillance

Siemens Solid Edge

Siemens Siveillance Video Management Servers

Siemens SINEC OS

Siemens SINEC NMS

Siemens Polarion

Siemens NX

Siemens Desigo CC Product Family and SENTRON Powermanager

Siemens COMOS

Hitachi Energy SuprOS

Airleader Master

Supply chain attacks now fuel a 'self-reinforcing' cybercrime economy

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

Feeling brave? Ministry of Defence seeks 300K digital boss to manage 4.6B spend

Naming and shaming: How ransomware groups tighten the screws on victims

Google: China's APT31 used Gemini to plan cyberattacks against US orgs

Microsoft warns that poisoned AI buttons and links may betray your trust

~ 11 Feb 2026 ~

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

ICE Is Crashing the US Court System in Minnesota

Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

Posting AI-generated caricatures on social media is risky, infosec killjoys warn

The strategic SIEM buyers guide: Choosing an AI-ready platform for the agentic era

Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments

CBP Signs Clearview AI Deal to Use Face Recognition for Tactical Targeting

Kimwolf Botnet Swamps Anonymity Network I2P

Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days

Were telcos tipped off to *that* ancient Telnet bug? Cyber pros say the signs stack up

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Rewiring Democracy Ebook is on Sale

The game is over: when free comes at too high a price. What we know about RenEngine

Payroll pirates are conning help desks to steal workers' identities and redirect paychecks

North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

Prompt Injection Via Road Signs

Notepad's new Markdown powers served with a side of remote code execution

Spam and phishing in 2025

Legacy systems blamed as ministers promise no repeat of Afghan breach

~ 10 Feb 2026 ~

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

Microsoft's Valentine's gift to admins: 6 exploited zero-day fixes

Patch Tuesday, February 2026 Edition

Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools

From Ransomware to Residency: Inside the Rise of the Digital Parasite

AI agents spill secrets just by previewing malicious links

ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security

80% of Fortune 500 use active AI Agents: Observability, governance, and security shape the new frontier

Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server

ManipulatingAI memoryforprofit: The rise ofAIRecommendation Poisoning

Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

Singapore spent 11 months booting China-linked snoops out of telco networks

AI-Generated Text and the Detection Arms Race

ZLAN Information Technology Co. ZLAN5143D

Yokogawa FAST/TOOLS

AVEVA PI to CONNECT Agent

AVEVA PI Data Archive

Nearly 17,000 Volvo staff dinged in supplier breach

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

British Army splashes $86M on AI gear to speed up the battlefield kill chain

Taxing times: Top IRS scams to look out for in 2026

~ 9 Feb 2026 ~

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign

Someone's attacking SolarWinds WHD to steal highprivilege credentials - but we don't know who or how

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers