Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users
Ravie LakshmananFeb 19, 2026Banking Malware / Mobile Security Cybersecurity researchers have disclosed details of a new Android trojan called Massiv...
researchers
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware
Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran's ongoing protests to conduct...
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an...
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
Ravie LakshmananFeb 18, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio...
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
Ravie LakshmananFeb 17, 2026Malware / Artificial Intelligence Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing...
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Ravie LakshmananFeb 17, 2026Infostealer / Artificial Intelligence Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing...
Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens
Ravie LakshmananFeb 16, 2026Artificial Intelligence / Threat Intelligence Cybersecurity researchers disclosed they have detected a case of an information stealer...
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a...
How to find and remove credential-stealing Chrome extensions
Researchers have found yet another family of malicious extensions in the Chrome Web Store. This time, 30 different Chrome...
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to steal data associated with Meta Business Suite and...
Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked...
Outlook add-in goes rogue and steals 4,000 credentials and payment data
Researchers found a malicious Microsoft Outlook add-in which was able to steal 4,000 stolen Microsoft account credentials, credit card...
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In...
SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits
Ravie LakshmananFeb 11, 2026Linux / Botnet Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies...
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your...
