Latest Cybersecurity News and Articles
27 February 2026
OpenAI and Google, along with Elon Musk’s xAI, also have contracts to supply their AI models to the military.
The post Trump Orders All Federal Agencies to Phase Out Use of Anthropic Technology appeared first on SecurityWeek.
27 February 2026
The U.S. Department of Justice (DoJ) this week announced the seizure of $61 million worth of Tether that were allegedly associated with bogus cryptocurrency schemes known as pig butchering.
The confiscated funds were traced to cryptocurrency addresses used for the laundering of criminally derived proceeds stolen from victims of cryptocurrency investment scams, the department added.
"Criminal
27 February 2026
The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025.
Of these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in Canada, 40 in Germany, and 36 in France.
The non-profit entity said the compromises are likely
27 February 2026
Cybersecurity researchers have disclosed details of a malicious Go module that's designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe.
The Go module, github[.]com/xinfeisoft/crypto, impersonates the legitimate "golang.org/x/crypto" codebase, but injects malicious code that's responsible for exfiltrating secrets entered via terminal password
27 February 2026
Other noteworthy stories that might have slipped under the radar: cyber valuations surge, OpenAI disrupts malicious AI use, ShinyHunters claims Odido breach.
The post In Other News: ATT&CK Advisory Council, Russian Cyberattacks Aid Missile Strikes, Predator Bypasses iOS Indicators appeared first on SecurityWeek.
27 February 2026
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Feb. 27, 2026 – Watch the YouTube Short Cybercrime Magazine’s latest YouTube Short video, produced by Taylor Fox, looks back at a riveting privacy and surveillance story that gripped students, parents, and educators
The post WebcamGate 2009: A High School’s Laptop Initiative Turned Into A National Spying Scandal appeared first on Cybercrime Magazine.
27 February 2026
Hackers stole personal information such as names, email addresses, phone numbers, and other information.
The post 38 Million Allegedly Impacted by ManoMano Data Breach appeared first on SecurityWeek.
27 February 2026
The attacks exploited a post-authentication command injection vulnerability in the endpoint manager’s interface.
The post 900 Sangoma FreePBX Instances Infected With Web Shells appeared first on SecurityWeek.
27 February 2026
The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks.
The campaign, codenamed Ruby Jumper by Zscaler ThreatLabz, involves the deployment of malware
27 February 2026
The 24-year-old suspect has been accused of trafficking over 26,000 cards from a single brand.
The post Chilean Carding Shop Operator Extradited to US appeared first on SecurityWeek.
27 February 2026
Anthropic said it sought narrow assurances from the Pentagon that Claude won’t be used for mass surveillance of Americans or in fully autonomous weapons.
The post Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline appeared first on SecurityWeek.
27 February 2026
Aeternum operates on smart contracts, making its command-and-control (C&C) infrastructure difficult to disrupt.
The post Aeternum Botnet Loader Employs Polygon Blockchain C&C to Boost Resilience appeared first on SecurityWeek.
27 February 2026
An out-of-band security update for Junos OS Evolved patches the remote code execution vulnerability CVE-2026-21902.
The post Juniper Networks PTX Routers Affected by Critical Vulnerability appeared first on SecurityWeek.
27 February 2026
Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan (RAT).
"A malicious downloader staged a portable Java runtime and executed a malicious Java archive (JAR) file named jd-gui.jar," the Microsoft Threat Intelligence team said in a post on X. "This downloader used PowerShell
27 February 2026
Meta on Thursday said it's taking legal action to tackle scams on its platforms by filing lawsuits against what it calls deceptive advertisers based in Brazil, China, and Vietnam.
As part of the effort, the advertisers' methods of payment have been suspended, related accounts have been disabled, and the website domain names used to pull off the scams have been blocked.
Concurrently, the social
27 February 2026
CISA has released an advisory to warn about four vulnerabilities discovered by a researcher in Gardyn Home and Gardyn Studio.
The post Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking appeared first on SecurityWeek.
26 February 2026
The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC).
The post Apple iPhone and iPad Cleared for Classified NATO Use appeared first on SecurityWeek.
26 February 2026
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure to make it resilient to takedown efforts.
"Instead of relying on traditional servers or domains for command-and-control, Aeternum stores its instructions on the public Polygon blockchain," Qrator Labs said in a report shared with The
26 February 2026
The goal isn’t about preventing every attack but about keeping the business running when attacks succeed.
The post Four Risks Boards Cannot Treat as Background Noise appeared first on SecurityWeek.
26 February 2026
A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025.
The campaign is being tracked by Cisco Talos under the moniker UAT-10027. The end goal of the attacks is to deliver a never-before-seen backdoor codenamed Dohdoor.
"Dohdoor utilizes the DNS-over-HTTPS (DoH)