Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded from 95.179.213[.]0 after notepad++.exe -> GUP.exe - file hashes for update.exe / log.dll / BluetoothService.exe / conf.c / libtcc.dll - network IOCs

⚠️ Chrome Vulnerabilities Let Attackers Execute Arbitrary Code and Crash System Source: cybersecuritynews.com/chrome-vulnera… Google has released a critical security update for the Chrome Stable channel, addressing two high-severity vulnerabilities that expose users to potential arbitrary

CISA: VMware ESXi flaw now exploited in ransomware attacks - Sergiu Gatlan bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

⚠️ Critical FortiClientEMS Vulnerability Let Attackers Execute Malicious Code Remotely | Source: cybersecuritynews.com/forticlientems… Fortinet has issued a critical security advisory warning administrators to immediately patch instances of FortiClientEMS, its central management solution for

North Korean hackers use new macOS malware in crypto-theft attacks - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

⚠️ FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication Source: cybersecuritynews.com/fortios-ldap-a… Fortinet has disclosed a high-severity authentication bypass vulnerability in FortiOS, tracked as CVE-2026-22153 (FG-IR-25-1052), that could allow

Windows Notepad App Remote Code Execution Vulnerability PoC, github.com/BTtea/CVE-2026…

The first part of Windows Registry Analysis Basics was well received so we’ve published part two. The final third part is coming soon as well hackers-arise.com/digital-forens… OccupytheWeb Aircorridor Di Smouk #dfir #blueteam #cybersecurity

🚨 Microsoft Office Word 0-day Vulnerability Actively Exploited in the Wild Source: cybersecuritynews.com/microsoft-offi… A critical zero-day vulnerability in Microsoft Word, tracked as CVE-2026-21514, was disclosed on February 10, 2026, allowing attackers to bypass essential security

🚨 Apple 0-Day Vulnerability Actively Exploited in Sophisticated Attack to Target Individuals Source: cybersecuritynews.com/apple-0-day-vu… Apple released iOS 26.3 and iPadOS 26.3 on February 11, 2026, patching over 40 vulnerabilities, including a critical zero-day in the dyld component

🔑25 Vulnerabilities in Cloud Password Managers Allow Unauthorized Access and Modifications Source: cybersecuritynews.com/password-manag… 25 critical vulnerabilities in three leading cloud-based password managers: Bitwarden, LastPass, and Dashlane enable a malicious server to bypass

🚨 Single-Character Typo of "&" Instead of "|" Leads to 0-Day RCE in Firefox Source: cybersecuritynews.com/firefox-0-day-… A critical Remote Code Execution (RCE) vulnerability in Mozilla Firefox was caused by a single-character typo in the SpiderMonkey JavaScript engine's WebAssembly

Hackers target Microsoft Entra accounts in device code vishing attacks - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

Instead of watching 2 hours Netflix, learn claude in 60 minutes for Free.

🚨 Hackers Attack Employees via Microsoft Teams to Trick Them Into Granting Remote Access Source: cybersecuritynews.com/hackers-attack… A social-engineering campaign abusing Microsoft Teams and Windows Quick Assist is evolving again; the attackers are now deploying a newly identified

Zoom patches a critical 9.6 CVSS flaw (CVE-2026-30903) allowing unauthenticated remote privilege escalation on Windows. Update your clients immediately. #Zoom #CVE202630903 #CyberSecurity #InfoSec #PatchAlert #Vulnerability #WindowsSecurity securityonline.info/unauthenticate…

🌟Chrome Security Update - Patch for 29 Vulnerabilities that Allow Remote Code Execution Source: cybersecuritynews.com/chrome-securit… Google has officially released Chrome version 146 to the stable channel, delivering crucial security updates for Windows, Mac, and Linux users. Rolling out

Google fixes two new Chrome zero-days exploited in attacks bleepingcomputer.com/news/google/go… bleepingcomputer.com/news/google/go…

⚠️ CISA Urges Securing Microsoft Intune Following Stryker Breach Source: cybersecuritynews.com/secure-microso… CISA has issued an urgent alert urging organizations to harden their endpoint management system configurations following a cyberattack on Stryker Corporation, a U.S.-based medical

Google releases Chrome 146.0.7680.164/165, patching 8 high-severity flaws including use-after-free and buffer overflows. Update your desktop browser now. #ChromeSecurity #PatchAlert #CyberSecurity #GoogleChrome #InfoSec #BrowserSafety #CVE #MemorySafety securityonline.info/chrome-desktop…