Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an...
disclosed
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
Ravie LakshmananFeb 18, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio...
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
Ravie LakshmananFeb 17, 2026Malware / Artificial Intelligence Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing...
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Ravie LakshmananFeb 17, 2026Infostealer / Artificial Intelligence Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing...
Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens
Ravie LakshmananFeb 16, 2026Artificial Intelligence / Threat Intelligence Cybersecurity researchers disclosed they have detected a case of an information stealer...
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a...
Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging
Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting...
Fintech firm Figure disclosed data breach after employee phishing attack
Fintech firm Figure disclosed data breach after employee phishing attack Pierluigi Paganini February 14, 2026 Fintech firm Figure confirmed a...
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote...
Top Security Incidents of 2025: The Emergence of the ChainedShark APT Group
In 2025, NSFOCUS Fuying Lab disclosed a new APT group targeting China’s scientific research sector, dubbed “ChainedShark” (tracking number: Actor240820)....
SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits
Ravie LakshmananFeb 11, 2026Linux / Botnet Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies...
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your...
10K Claude Desktop Users Exposed by Zero-Click Vulnerability
Image: iLixe48/Envato A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click...
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
Ravie LakshmananFeb 05, 2026Workflow Automation / Vulnerability A new, critical security vulnerability has been disclosed in the n8n workflow automation...
Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
Ravie LakshmananFeb 05, 2026Web Security / Vulnerability Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that...
