Latest Internet & Cybersecurity News
U.S. CISA Adds BeyondTrust Flaws to Known Exploited Vulnerabilities Catalog
U.S. CISA added critical flaws in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) to its Known Exploited Vulnerabilities catalog due to active exploitation. Attackers exploited CVE-2026-1731 within hours of PoC release, enabling remote code execution. Immediate patching is urged.
Microsoft Patch Tuesday Fixes 6 Zero-Days and 58 Flaws
Microsoft's February 2026 Patch Tuesday addressed 58 vulnerabilities, including six zero-days exploited in the wild, such as security feature bypasses in Office and Windows. Patches are critical for Windows users, especially those on unsupported versions without extended security updates. Ivanti also patched multiple Endpoint Manager bugs.
Odido Confirms Massive Data Breach Impacting 6.2 Million Customers
Dutch telco Odido suffered a massive breach exposing data of 6.2 million customers. The incident highlights ongoing risks to telecom sectors from advanced threats. Relatedly, China-linked APT UNC3886 targeted Singapore telcos.
Google: State-Backed Hackers Exploit Gemini AI for Recon and Attacks
State-sponsored actors are leveraging Google's Gemini AI for cyber reconnaissance and attack planning, marking a new frontier in AI misuse by threat groups. This aligns with rising concerns over AI in cyberattacks.
European Commission Probes Cyberattack on Mobile Device Management
The European Commission's mobile device management platform was hacked on January 30, 2026, but contained with no device compromise detected by CERT-EU. Dutch agencies also hit by Ivanti EPMM exploit exposing employee data.
Fintech Figure Discloses Data Breach from Employee Phishing
Fintech firm Figure revealed a data breach following a phishing attack on an employee, underscoring persistent social engineering risks. ApolloMD breach impacted 626,540 people.
Infosec Exec Sold Eight Zero-Days to Russia, Charges DoJ
Former L3Harris cyber exec allegedly sold eight zero-day exploit kits to Russia, per U.S. DoJ court filing. This exposes insider threats in the security industry. Pwn2Own Automotive uncovered 76 zero-days.
AI Coding Assistants Secretly Send Code to China
Two AI coding assistants used by 1.5 million developers covertly transmit ingested code to China, posing massive IP theft risks. Avoid such tools pending mitigation.
Backdoor Found in Notepad++ via Compromised Updates
Chinese government-linked hackers inserted a backdoor into Notepad++ via trojaned updates, targeting users until late 2026. CISA added Notepad++ flaws to KEV catalog.
Critical n8n Vulnerability Allows Instance Takeover
CVE-2026-21858 (CVSS 10.0) in n8n enables attackers to takeover 100,000+ locally deployed servers; upgrade to 1.121.0 required. No workarounds available.
Conduent Data Breach Expands to 25 Million Victims, Hits Volvo Group
Conduent breach now impacts 25 million, up from 10 million, affecting clients like Volvo Group. Ransomware Reynolds uses BYOVD techniques.
Interpol Warns of Cybercriminals Weaponizing AI
Interpol highlights AI as the biggest threat, enabling deepfakes for scams and sophisticated attacks. Gartner notes agentic AI trends for 2026.