x86.se

3 Min Read

February 28, 2026

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to se…

3 Min Read

February 28, 2026

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute

Anthropic on Friday hit back after U.S. Secretary of Defense Pete…

2 Min Read

February 27, 2026

DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams

The U.S. Department of Justice (DoJ) this week announced the seizure of…

2 Min Read

February 27, 2026

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX…

3 Min Read

February 27, 2026

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive…

2 Min Read

February 27, 2026

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to…

5 Min Read

February 27, 2026

Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams

Meta on Thursday said it's taking legal action to tackle scams on its platforms by filing lawsuits against what it calls deceptive advertisers…

4 Min Read

February 26, 2026

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown

Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control…

8 Min Read

February 26, 2026

Expert Recommends: Prepare for PQC Right Now

Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things tend to fall into…

5 Min Read

February 26, 2026

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical…

5 Min Read

February 25, 2026

Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It

Triage is supposed to make things simpler. In a lot of teams, it does the opposite. When you can’t reach a confident verdict early,…

5 Min Read

February 24, 2026

Identity Prioritization isn't a Backlog Problem – It's a Risk Math Problem

Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control…

3 Min Read

February 24, 2026

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an…

3 Min Read

February 24, 2026

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan,…

15 Min Read

February 23, 2026

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the…

6 Min Read

February 23, 2026

How Exposed Endpoints Increase Risk Across LLM Infrastructure

As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming…

4 Min Read

February 23, 2026

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Cybersecurity researchers have disclosed what they say is an active "Shai-Hulud-like" supply chain worm campaign that has leveraged a cluster…

3 Min Read

February 23, 2026

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) has targeted several organizations and…

4 Min Read

February 21, 2026

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence…

2 Min Read

February 21, 2026

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user's software…

1 Min Read

February 21, 2026

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to…

3 Min Read

February 21, 2026

EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security

With $5.5 trillion in global AI risk exposure and 700,000 U.S. workers needing reskilling, four new AI certifications and Certified CISO v4…

2 Min Read

February 20, 2026

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and…

4 Min Read

February 20, 2026

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to…

2 Min Read

February 20, 2026

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware

Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously…

4 Min Read

February 20, 2026

Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026

With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on…

2 Min Read

February 20, 2026

Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case

A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea's fraudulent…

2 Min Read

February 20, 2026

FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025

The U.S. Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting incidents across the country, leading to losses of…

3 Min Read

February 20, 2026

Former Google Engineers Indicted Over Trade Secret Transfers to Iran

Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the…

3 Min Read

February 19, 2026

PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence

Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial…

2 Min Read

February 19, 2026

INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown

An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort…

1 Min Read

February 19, 2026

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows…

15 Min Read

February 19, 2026

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up…

4 Min Read

February 19, 2026

From Exposure to Exploitation: How AI Collapses Your Response Window

We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving.…

3 Min Read

February 19, 2026

Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that's designed to facilitate device takeover (DTO)…

4 Min Read

February 19, 2026

CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran's ongoing…

2 Min Read

February 18, 2026

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions…

7 Min Read

February 18, 2026

Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability

In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted…

4 Min Read

February 18, 2026

Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected…

3 Min Read

February 18, 2026

3 Ways to Start Your Intelligent Workflow Program

Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full…

3 Min Read

February 17, 2026

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model…

2 Min Read

February 17, 2026

Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster

Cloud attacks move fast — faster than most incident response teams. In data centers, investigations had time. Teams could collect disk…

9 Min Read

February 17, 2026

My Day Getting My Hands Dirty with an NDR System

My objectiveThe role of NDR in SOC workflowsStarting up the NDR systemHow AI complements the human responseWhat else did I try out?What could…

3 Min Read

February 17, 2026

Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations

New research from Microsoft has revealed that legitimate businesses are gaming artificial intelligence (AI) chatbots via the "Summarize with…

13 Min Read

February 16, 2026

Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware

This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons,…

Explore Trending Topics