Cyber Security News

In 2025, threat actors turned widely used artificial intelligence tools into weapons for launching fast, precise network intrusions. CrowdStrike’s 2026 Global Threat Report found an 89% year-over-year increase in attacks by AI-enabled adversaries, as criminals used automation and machine-generated scripts to cut the time between initial entry and full domain access to under 30 minutes. […]

The post Threat Actors Weaponized AI Tools to Gain Full Domain Access within 30 Minutes appeared first on Cyber Security News.

The financial sector remains a prime target for cybercriminals, safeguarding not only vast sums of money but also sensitive personal data, payment systems, and economic trust. Recent reports highlight escalating threats, with 65% of financial organizations hit by ransomware in 2024, the highest rate across industries, while average recovery costs excluding ransoms reached $2.73 million. […]

The post 65% of Financial Organizations Targeted by Ransomware as Cybercriminals Escalate Attacks appeared first on Cyber Security News.

A supply chain attack targeting ASP.NET developers has surfaced, involving four malicious NuGet packages built to steal login credentials and plant persistent backdoors inside web applications. The packages — NCryptYo, DOMOAuth2_, IRAOAuth2.0, and SimpleWriter_ — were published between August 12 and 21, 2024, by a threat actor operating under the username “hamzazaheer,” and together they […]

The post Malicious NuGet Packages Attacking ASP.NET Developers to Steal Login Credentials appeared first on Cyber Security News.

The UK’s Information Commissioner’s Office (ICO) has issued a £14.47 million ($19.52 million) fine against Reddit, Inc. after an investigation concluded the social media platform unlawfully processed the personal information of children under the age of 13, failing to implement effective age verification controls and leaving young users exposed to potentially harmful content. Reddit, which […]

The post Reddit Fined £14.47 Million by UK Regulator for Children’s Privacy Failures appeared first on Cyber Security News.

A critical Remote Code Execution (RCE) vulnerability has been identified in a Ruby background job processing system. The flaw stems from unsafe JSON deserialization, which allows untrusted input to be transformed into executable objects. This issue highlights the hidden dangers of deserialization in Ruby environments, where a single line of code can lead to deterministic […]

The post New Deserialization Vulnerability in Ruby Workers Could Enable Full System Compromise appeared first on Cyber Security News.

Atomic macOS Stealer (AMOS), a well-known data-theft malware, has taken a sharp turn in how it reaches victims. Instead of hiding inside cracked software downloads as it once did, threat actors now embed it within malicious OpenClaw skills — small add-on packages that extend AI agent capabilities on platforms like OpenClaw. AMOS operates as a […]

The post Malicious OpenClaw Skills Used to Trick Users into Manual Password Entry for AMOS Infection appeared first on Cyber Security News.

Wilmington, North America, February 24th, 2026, CyberNewswire In a recent DMARCbis fireside chat, email authentication leaders discussed upcoming DMARC changes and how teams can plan for 2026.  Sendmarc has released a new fireside chat featuring Todd Herr, Principal Solutions Architect at GreenArrow Email and co-editor of DMARCbis, on the upcoming update to DMARC (Domain-based Message […]

The post Sendmarc Releases DMARCbis Fireside Chat Featuring Co-Editor Todd Herr appeared first on Cyber Security News.

A malicious NPM package named buildrunner-dev has been caught hiding .NET malware inside innocent-looking PNG images, using steganography to slip past antivirus tools and deliver a Remote Access Trojan onto Windows systems. Discovered in February 2026, this campaign signals a notable shift in supply chain attack methods, where the actual malicious code remains completely invisible inside what […]

The post Hackers Leverage Steganographic Images to Bypass Anti-Malware Scans and Deploy Malware Payloads appeared first on Cyber Security News.

A group of attackers has built a fake version of the Huorong Security antivirus website to trick users into downloading ValleyRAT, a Remote Access Trojan (RAT) built on the Winos4.0 framework. The campaign is linked to the Silver Fox APT group, a Chinese-speaking threat actor known for distributing trojanized versions of popular Chinese software. Huorong […]

The post Fake Huorong Download Site Used to Deploy ValleyRAT Backdoor in Targeted Malware Campaign appeared first on Cyber Security News.

A Russian-linked cybercrime group named Diesel Vortex has been quietly running a large phishing operation against freight and trucking companies across the United States and Europe. The campaign ran from September 2025 through February 2026 and resulted in more than 1,649 stolen login credentials from users of major logistics platforms, including DAT Truckstop, Penske Logistics, […]

The post Diesel Vortex Russian Cybercrime Group Targets Global Logistics Sector and Steals 1,600+ Credentials appeared first on Cyber Security News.

A sophisticated new malware campaign has emerged, leveraging fake CAPTCHA lures to deceive users and deploy a stealthy information stealer. Identified in early 2026, this activity shares significant behavioral patterns with the ClickFix campaign that previously targeted restaurant reservation systems in July 2025. The operators have refined their social engineering tactics to bypass traditional security […]

The post ClickFix Infostealer Campaign Uses Fake CAPTCHA Lures to Compromise Victims appeared first on Cyber Security News.

Broadcom issued security advisory VMSA-2026-0001 on February 24, 2026, disclosing three vulnerabilities in VMware Aria Operations that pose risks, including remote code execution. Organizations using affected products should prioritize patching to mitigate potential exploits. VMware Aria Operations, a key component in products like VMware Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure, faces command […]

The post Multiple VMware Aria Vulnerabilities Allow Remote Code Execution Attacks appeared first on Cyber Security News.

The CEO of Tesla and xAI recently stated that the artificial intelligence company Anthropic has stolen large amounts of data to train its models. Musk claims this data theft occurred on a massive scale, resulting in the company paying billions of dollars in settlements. The community notes appear to criticize Anthropic’s practices, prompting Musk to […]

The post Elon Musk Accuses Anthropic of Stealing Data in a Massive Scale appeared first on Cyber Security News.

The notorious cybercriminal group has claimed responsibility for a massive data breach targeting the Dutch telecommunications company Odido and its brand BEN. The group ShinyHunters claims to have stolen 21 million records from 8 million customers, suggesting the incident is far more severe than previously disclosed. The data exposed in this alleged breach is highly […]

The post ShinyHunters Allegedly Claim Breach of 21 Million Records from Odido appeared first on Cyber Security News.

OpenClaw, the open-source personal AI assistant with over 215,000 GitHub stars, has released version 2026.2.23, emphasizing robust security hardening alongside advanced AI integrations. This update addresses multiple vulnerabilities and introduces features like Claude Opus 4.6 support, making it a timely boost for privacy-focused users deploying AI gateways locally across macOS, Windows, and Linux. A key […]

The post OpenClaw Releases 2026.2.23 Released With Security Updates and New AI features appeared first on Cyber Security News.

In early February 2026, a significant cybersecurity threat emerged involving the sophisticated use of Large Language Models (LLMs) in active intrusion campaigns. A misconfigured server exposed a detailed software pipeline where threat actors integrated DeepSeek and Claude into their attack workflows. This discovery highlights a dangerous evolution in modern cybercrime, where AI tools are not […]

The post Hackers Leverage DeepSeek and Claude to Attack FortiGate Devices Worldwide appeared first on Cyber Security News.

WhatsApp has released a new Android update through the Google Play Beta Program, bringing the version up to 2.26.7.8. The update reveals that WhatsApp is actively developing an optional account password feature designed to add another layer of security on top of the existing two-step verification (2FA) system. WhatsApp already offers two-step verification as an […]

The post WhatsApp Introduces Optional Account Password Feature to Strengthen Login Security appeared first on Cyber Security News.

A newly launched bug bounty program is offering nearly $18,000 to anyone who can successfully disconnect Ring Video Doorbells from Amazon’s cloud servers while keeping the devices fully functional. This initiative aims to address ongoing privacy concerns about Ring’s data-handling practices and the lack of local storage options for users. The bounty targets Ring doorbells […]

The post $10K+ Bounty Offered to Hacker Who Can Disconnect Ring Video Doorbells from Amazon Cloud appeared first on Cyber Security News.

Google has released a critical security update for its Chrome browser, pushing version 145.0.7632.116/117 to Windows and macOS users, while Linux users receive version 144.0.7559.116. The update, which is rolling out progressively over the coming days and weeks, addresses three high-severity vulnerabilities that could expose users to significant risk if left unpatched. The update carries […]

The post Google Chrome Emergency Security Update Patches Three High-Severity Vulnerabilities appeared first on Cyber Security News.

A threat actor known as GrayCharlie has been compromising WordPress websites since mid-2023, silently embedding malicious JavaScript to push malware onto visiting users. The group overlaps with the previously tracked SmartApeSG cluster, also called ZPHP or HANEMONEY. Its main tool is NetSupport RAT, a remote access trojan that gives attackers direct control over infected machines. […]

The post GrayCharlie Injects Malicious JavaScript into WordPress Sites to Deliver NetSupport RAT and Stealc appeared first on Cyber Security News.