Researchers at CTM360 have uncovered a sprawling campaign abusing Google Groups to spread Lumma Stealer and the Ninja Browser malware, turning trusted community platforms into launchpads for credential theft and data compromise. bleepingcomputer.com/news/security/…

Microsoft has disclosed a stealthy DNS-based “ClickFix” campaign that manipulates users into executing malicious commands, highlighting how attackers continue to weaponize everyday troubleshooting tactics for compromise. thehackernews.com/2026/02/micros…

Infostealer malware operators are now targeting OpenClaw environments for the first time, expanding their reach beyond traditional credentials to siphon off high-value secrets and signaling yet another evolution in data-theft tactics. bleepingcomputer.com/news/security/…

A fake Android antivirus app dubbed “TrustBastion” is spreading malware instead of protection, highlighting how cybercriminals continue to exploit users’ security fears to infiltrate devices and steal sensitive data. techrepublic.com/article/news-f…

Threat actor ShinyHunters claims to have leaked 600,000 Canada Goose customer records, but the company denies any breach, setting the stage for a high-stakes dispute over data security and potential customer impact. securityaffairs.com/188046/data-br…

LockBit 5.0 has emerged with expanded capabilities targeting Windows, Linux, and ESXi systems, signaling a dangerous new chapter for one of the most notorious ransomware operations still evolving despite global crackdowns. helpnetsecurity.com/2026/02/16/loc…

Security researchers have demonstrated that AI assistants like Copilot and Grok can be manipulated in unexpected ways, raising fresh concerns about how generative AI tools might be abused if proper safeguards aren’t firmly in place. thehackernews.com/2026/02/resear…

Notepad++ has strengthened its update process with a new “double-lock” security mechanism, aiming to prevent hijacked downloads and reinforce trust in one of the world’s most widely used code editors. bleepingcomputer.com/news/security/…

A newly uncovered Keenadu firmware backdoor is silently infecting devices at a low level, underscoring how deeply embedded threats can evade traditional defenses and persist within network infrastructure. thehackernews.com/2026/02/keenad…

Honeywell CCTV systems used in critical infrastructure are vulnerable to an authentication bypass flaw, raising urgent concerns about unauthorized access and the security of high-value facilities. bleepingcomputer.com/news/security/…

Microsoft has patched a security flaw that exposed confidential emails to AI systems, highlighting the growing challenges of safeguarding sensitive data in increasingly automated enterprise environments. securityboulevard.com/2026/02/micros…

Cybersecurity researchers warn that popular AI platforms can be abused as covert command-and-control channels, enabling threat actors to hide malware communications within seemingly legitimate AI-driven traffic. bleepingcomputer.com/news/security/…

A free virtual event on 26 February 2026 will explore evolving mainframe security challenges, from DORA and NIS2 compliance to live attack simulations and LLM-assisted defense on the Mainframe. linkedin.com/events/7430276…

Deutsche Bahn has been hit by a DDoS attack that disrupted its online services, underscoring the ongoing cyber threats facing critical national infrastructure. securityaffairs.com/188254/breakin…

A new Android malware strain dubbed “PromptSpy” is abusing Google services to exfiltrate data and spy on users, demonstrating how attackers continue to weaponize trusted platforms to stay under the radar. thehackernews.com/2026/02/prompt…

INTERPOL has announced 20 arrests as part of Operation Red Card, a coordinated international crackdown targeting cybercriminal networks across multiple countries. thehackernews.com/2026/02/interp…

Microsoft has patched CVE-2026-26119, addressing a critical security vulnerability that could be exploited by attackers to compromise affected systems. thehackernews.com/2026/02/micros…

A glitch in a PayPal loan app exposed more customer data than first reported, expanding the scope of the breach and reigniting concerns over fintech data security. securityaffairs.com/188309/data-br…

Japanese semiconductor equipment giant Advantest has been hit by a ransomware attack, disrupting systems and underscoring the ongoing cyber risk facing global tech manufacturers. bleepingcomputer.com/news/security/…

Google says its AI-powered security systems blocked 1.75 million policy-violating apps in 2025, highlighting the growing role of machine learning in cleaning up app store threats at scale. techrepublic.com/article/news-g…