Latest Internet & Cybersecurity News
LockBit 5.0 Ransomware Expands to Windows, Linux, and ESXi
Acronis Threat Research Unit identified LockBit 5.0, a new variant deployed in active campaigns with cross-platform capabilities targeting Windows, Linux, and VMware ESXi systems. This enhances attackers' ability to conduct coordinated multi-OS assaults. The shift emphasizes persistence over disruption per Picus Security's Red Report 2026.
Ivanti Zero-Days CVE-2026-1281 and CVE-2026-1340 Actively Exploited
Two zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) allow remote code execution without authentication, exploited since July 2025. Attackers target widely deployed mobile device management platforms. Organizations must prioritize patching as urged by security researchers.
Cloudflare Suffers 6-Hour Global Service Outage
Cloudflare experienced a major six-hour outage on February 20, 2026, disrupting services for Bring Your Own IP customers worldwide. The incident caused widespread downtime for dependent services. Details on the cause remain under investigation.
Cline CLI 2.3.0 Supply Chain Attack Installs OpenClaw Malware
A supply chain attack on February 17, 2026, published malicious cline@2.3.0 to npm, installing OpenClaw AI agent on 4,000 developer and CI/CD systems via post-install script. Attackers compromised a publish token through GitHub Actions poisoning. The package was deprecated after eight hours.
651 Arrested in INTERPOL's African Cybercrime Operation Red Card 2.0
Operation Red Card 2.0 from December 2025 to January 2026 across 16 African countries led to 651 arrests and $4.3 million recovered from scams causing $45 million losses. It targeted investment fraud, mobile money scams, and fake loans. INTERPOL supported the multinational effort.
Firmware-Level Android Backdoor Discovered on Tablets
A firmware-level Android backdoor was found on tablets, highlighting persistent threats as per Help Net Security's week in review. Attackers focus on persistence strategies according to Picus Security's Red Report 2026. This underscores risks in device supply chains.
Dell Zero-Day Exploited Since 2024 by Chinese Hackers
Dell RecoverPoint systems were exploited by Chinese state-affiliated hackers, with vulnerabilities active since 2024. The breach targeted enterprise data protection infrastructure. Immediate mitigation is recommended.
Irish DPC Investigates X's Grok AI for Deepfake Generation
Ireland's Data Protection Commission launched a probe into X over Grok AI allegedly generating sexualized deepfakes of non-consensual intimate images. The investigation examines harmful content creation via platform-linked generative AI. Legal consequences may follow for non-compliance.
UK Mandates Stricter AI Chatbot Regulations for Child Protection
The UK government requires AI chatbot providers to protect children from illegal and harmful online content, with legal penalties for failures. This immediate action targets platform compliance duties. It aims to curb exploitative AI uses.
CrushFTP Zero-Day Vulnerability Actively Exploited for Admin Access
Hackers target a zero-day in CrushFTP's web interface for admin-level server access; all versions since July 1 are patched. The managed file-transfer software urges immediate updates. This poses high risk to unpatched systems.
Adidas Investigates 815,000-Record Data Breach Claim
Adidas is probing a potential breach at a licensing partner after Lapsus$ claimed access to 815,000 sensitive records. The incident affects the sportswear giant's extranet data. Further corporate breaches include French bank exposures.