Cyber Security News

A dangerous new version of LockBit ransomware has emerged, targeting multiple operating systems and threatening businesses worldwide. LockBit 5.0, released in September 2025, represents a major upgrade to one of the most active ransomware families in recent years. This version supports Windows, Linux, and ESXi platforms, making it a versatile threat capable of attacking diverse […]

The post LockBit’s New 5.0 Version Attacking Windows, Linux and ESXi Systems appeared first on Cyber Security News.

Palo Alto Networks has finalized its acquisition of CyberArk, a leading identity security firm, in a landmark $25 billion deal. This completion, announced on February 11, 2026, positions identity security as a foundational element of the company’s platform strategy amid rising AI-driven threats. The deal addresses the escalating role of identities in cyberattacks, where machine […]

The post Palo Alto Networks Completed Acquisition of Identity Security Firm CyberArk appeared first on Cyber Security News.

ZeroDayRAT is a new mobile spyware platform sold openly through Telegram, with activity first observed on February 2, 2026. It targets Android (5–16) and iOS (up to 26), giving attackers one cross-platform tool. From a browser-based control panel, an operator can monitor and control an infected phone. The panel supports GPS tracking, notification capture, SMS […]

The post New ZeroDayRAT Attacking Android and iOS For Real-Time Surveillance and Data Theft appeared first on Cyber Security News.

A newly disclosed vulnerability in an industrial control system (ICS) monitoring solution has raised concerns across multiple critical infrastructure sectors. Published by CISA under advisory code ICSA-26-043-10, the flaw has been assigned CVE-2026-1358 and carries a CVSS v3 score of 9.8, indicating critical severity. According to the advisory released on February 12, 2026, the vulnerability affects all versions of Airleader […]

The post Critical Airleader Vulnerability Exposes Systems to Remote Code Execution Attacks appeared first on Cyber Security News.

OpenClaw founder Peter Steinberger has officially joined OpenAI, marking a notable collaboration between open-source innovation and one of the world’s leading AI research organizations. According to Steinberger’s announcement titled “OpenClaw, OpenAI and the Future,” his new role focuses on advancing AI agents to make them accessible and secure for all users. Steinberger, widely known for blending creativity with engineering efficiency, revealed […]

The post OpenClaw Founder Peter Steinberger Officially Joins OpenAI appeared first on Cyber Security News.

A critical vulnerability has been discovered in the file transfer solution from Soliton Systems K.K., potentially allowing attackers to execute arbitrary system commands on affected installations. The issue, tracked as CVE-2026-25108, has been assessed with a CVSS v3.0 base score of 8.8, indicating a severe command injection flaw. The flaw stems from an OS command injection vulnerability (CWE-78) within […]

The post FileZen File Transfer App Vulnerability Enables Arbitrary Command Execution appeared first on Cyber Security News.

The state-sponsored threat group Lotus Blossom successfully breached the official hosting infrastructure of Notepad++ between June and December 2025, targeting users across government agencies, telecommunications companies and critical infrastructure sectors. The attackers gained access by compromising the shared hosting provider’s environment, which allowed them to intercept traffic headed to the Notepad++ update server and redirect […]

The post Lotus Blossom Hackers Compromised Official Hosting Infrastructure of Notepad++ appeared first on Cyber Security News.

An alert regarding two critical vulnerabilities found in ZLAN Information Technology Co.’s ZLAN5143D industrial communication device. According to the advisory (ICSA-26-041-02), successful exploitation could allow attackers to gain complete control of affected systems by bypassing authentication mechanisms or resetting device passwords remotely. The vulnerabilities impact ZLAN5143D version 1.600, a device commonly used across global critical […]

The post CISA Warns of ZLAN ICS Devices Vulnerabilities Allows Complete Device Takeover appeared first on Cyber Security News.

A critical vulnerability tracked as CVE-2026-1731 is being actively exploited in the wild, enabling attackers to gain full domain control over affected systems. Threat actors are leveraging this flaw to execute operating system commands remotely without authentication. The flaw, discovered in self-hosted BeyondTrust deployments, allows unauthenticated attackers to run arbitrary OS commands via specially crafted HTTP requests, executing […]

The post Critical BeyondTrust Vulnerability Exploited in the Wild to Gain Full Domain Control appeared first on Cyber Security News.

Google has urgently patched a high-severity zero-day vulnerability in Chrome, confirming active exploitation in the wild. Tracked as CVE-2026-2441, the flaw is a use-after-free bug in the browser’s CSS handling, reported by independent researcher Shaheen Fazim just five days ago on February 11, 2026. The company disclosed the issue alongside its latest Stable channel update, […]

The post Chrome 0-Day Vulnerability Actively Exploited by Attackers in the Wild appeared first on Cyber Security News.

Microsoft’s February 10, 2026, security update KB5077181 for Windows 11 versions 24H2 (build 26200.7840) and 25H2 (build 26100.7840) has triggered widespread reports of critical boot failures just days after deployment. Users describe devices entering infinite restart loops, often exceeding 15 cycles, preventing access to the desktop. This cumulative update delivers essential security fixes alongside quality […]

The post Windows 11 KB5077181 Security Update Causing Some Devices to Restart in an Infinite Loop appeared first on Cyber Security News.

PentestAgent, an open-source AI agent framework from researcher Masic (GH05TCREW), has introduced enhanced capabilities, including prebuilt attack playbooks and seamless HexStrike integration. Released on GitHub by GH05TCREW, this tool leverages large language models (LLMs) like Claude Sonnet or GPT-5 via LiteLLM to conduct sophisticated black-box security assessments. PentestAgent operates through a terminal user interface (TUI), […]

The post PentestAgent – AI Penetration Testing Tool With Prebuilt Attack Playbooks and HexStrike Integration appeared first on Cyber Security News.

A new evolution in the ClickFix social engineering campaign, which now employs a custom DNS hijacking technique to deliver malware. This attack method tricks users into executing malicious commands that utilize DNS lookups to fetch the next stage of the infection, allowing attackers to bypass traditional detection methods and blend in with normal network traffic. […]

The post New Clickfix Exploit Tricks Users into Changing DNS Settings for Malware Installation appeared first on Cyber Security News.

A sophisticated malware campaign targeting macOS users through Google-sponsored search results and legitimate platforms, including Anthropic’s Claude AI and Medium. The campaign has already reached over 15,000 potential victims through two distinct attack variants that exploit users’ trust in established online services. The first attack vector leverages Google Ads to promote a malicious Claude AI […]

The post Threat Actors Exploit Claude Artifacts and Google Ads to Target macOS Users appeared first on Cyber Security News.

A threat actor is reportedly selling a purported critical severity zero-day exploit chain targeting OpenSea for $100,000 USD in Bitcoin or Monero. The listing claims the vulnerability remains unpatched and undisclosed, raising alarms in the NFT community. The exploit allegedly targets flaws in OpenSea’s Seaport protocol order validation logic across Ethereum Mainnet, Polygon, and Blast […]

The post Threat Actor Allegedly Selling Critical Severity OpenSea 0-day Exploit Chain on Hacking Forums appeared first on Cyber Security News.

CISA has issued an urgent alert about a critical SQL injection vulnerability in Microsoft Configuration Manager (SCCM). Tracked as CVE-2024-43468, this flaw lets unauthenticated attackers run malicious commands on servers and databases. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 12, 2026, agencies must patch by March 5, 2026, or face federal mandates. […]

The post CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.

A coordinated campaign is using malicious Chrome extensions that impersonate popular AI tools like ChatGPT, Claude, Gemini, and Grok. These fake “AI assistants” spy on users through injected, remote-controlled iframes, turning helpful browser add-ons into surveillance tools. More than 260,000 users have installed these extensions. Security researchers identified at least 30 Chrome extensions promoted as […]

The post Malicious Chrome AI Extensions Attacking 260,000 Users via Injected IFrames appeared first on Cyber Security News.

Over half a million VKontakte users have fallen victim to a sophisticated malware campaign that silently hijacks accounts through seemingly harmless Chrome extensions. The malicious extensions, disguised as VK customization tools, automatically subscribe users to attacker-controlled groups, reset account settings every 30 days, and manipulate security tokens to maintain persistent control. What appeared as simple […]

The post Chrome Extensions Infected 500K Users to Hijack VKontakte Accounts appeared first on Cyber Security News.

A sophisticated social engineering campaign is targeting Windows users through fake CAPTCHA verification pages to deliver the StealC information stealer malware. The attack begins when victims visit compromised websites that display fraudulent Cloudflare security checks, tricking them into executing malicious PowerShell commands. This campaign represents a dangerous evolution in cybercrime tactics, combining psychological manipulation with […]

The post New ClickFix Attack Wave Targeting Windows Systems to Deploy StealC Stealer appeared first on Cyber Security News.

OpenClaw Version 2026.2.12 is a major security-focused update that fixes more than 40 vulnerabilities and strengthens protection across the AI agent platform. The update improves hooks, browser control, scheduling, messaging channels, and gateway security. The main goal of this release is defense-in-depth. It follows serious concerns about exposed OpenClaw agents, token-stealing remote code execution (RCE) […]

The post OpenClaw 2026.2.12 Released With Fix for 40+ Security Issues appeared first on Cyber Security News.