Latest Cybersecurity News and Articles
27 February 2026
The 24-year-old suspect has been accused of trafficking over 26,000 cards from a single brand.
The post Chilean Carding Shop Operator Extradited to US appeared first on SecurityWeek.
27 February 2026
Anthropic said it sought narrow assurances from the Pentagon that Claude won’t be used for mass surveillance of Americans or in fully autonomous weapons.
The post Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline appeared first on SecurityWeek.
27 February 2026
Aeternum operates on smart contracts, making its command-and-control (C&C) infrastructure difficult to disrupt.
The post Aeternum Botnet Loader Employs Polygon Blockchain C&C to Boost Resilience appeared first on SecurityWeek.
27 February 2026
An out-of-band security update for Junos OS Evolved patches the remote code execution vulnerability CVE-2026-21902.
The post Juniper Networks PTX Routers Affected by Critical Vulnerability appeared first on SecurityWeek.
27 February 2026
Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan (RAT).
"A malicious downloader staged a portable Java runtime and executed a malicious Java archive (JAR) file named jd-gui.jar," the Microsoft Threat Intelligence team said in a post on X. "This downloader used PowerShell
27 February 2026
Meta on Thursday said it's taking legal action to tackle scams on its platforms by filing lawsuits against what it calls deceptive advertisers based in Brazil, China, and Vietnam.
As part of the effort, the advertisers' methods of payment have been suspended, related accounts have been disabled, and the website domain names used to pull off the scams have been blocked.
Concurrently, the social
27 February 2026
CISA has released an advisory to warn about four vulnerabilities discovered by a researcher in Gardyn Home and Gardyn Studio.
The post Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking appeared first on SecurityWeek.
26 February 2026
The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC).
The post Apple iPhone and iPad Cleared for Classified NATO Use appeared first on SecurityWeek.
26 February 2026
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure to make it resilient to takedown efforts.
"Instead of relying on traditional servers or domains for command-and-control, Aeternum stores its instructions on the public Polygon blockchain," Qrator Labs said in a report shared with The
26 February 2026
The goal isn’t about preventing every attack but about keeping the business running when attacks succeed.
The post Four Risks Boards Cannot Treat as Background Noise appeared first on SecurityWeek.
26 February 2026
A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025.
The campaign is being tracked by Cisco Talos under the moniker UAT-10027. The end goal of the attacks is to deliver a never-before-seen backdoor codenamed Dohdoor.
"Dohdoor utilizes the DNS-over-HTTPS (DoH)
26 February 2026
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Feb. 26, 2026 – Read the full story in BitGuardian The staggering prediction by Cybersecurity Ventures that global cybercrime damages would reach $10.5 trillion USD annually by 2025 has served as a wake-up call
The post The Cascading Economic Ripple Effects Of Cybercrime appeared first on Cybercrime Magazine.
26 February 2026
Nothing here looks dramatic at first glance. That’s the point. Many of this week’s threats begin with something ordinary, like an ad, a meeting invite, or a software update.
Behind the scenes, the tactics are sharper. Access happens faster. Control is established sooner. Cleanup becomes harder.
Here is a quick look at the signals worth paying attention to.
AI-powered command
26 February 2026
Anthropic has patched vulnerabilities whose impact was demonstrated by Check Point via malicious configuration files.
The post Claude Code Flaws Exposed Developer Devices to Silent Hacking appeared first on SecurityWeek.
26 February 2026
The seed and Series A investment will enable the startup to accelerate product development and expand sales and customer success teams.
The post Gambit Security Emerges From Stealth With $61 Million in Funding appeared first on SecurityWeek.
26 February 2026
The issue impacts the UPnP function of multiple device models and could be exploited for remote code execution.
The post Zyxel Patches Critical Vulnerability in Many Device Models appeared first on SecurityWeek.
26 February 2026
Introduction: Steal It Today, Break It in a Decade
Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place sooner rather than later. That, of course, applies to adversaries as well. The rise of ransomware and cyber extortion generated funding for a complex and highly professional criminal ecosystem. The era of the cloud brought general availability of
26 February 2026
A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish persistent access to compromised machines.
"The activity aligns with a broader cluster of threats that use job-themed lures to blend into routine developer workflows and increase the likelihood of code
26 February 2026
The broker acquired eight zero-day exploits from a US defense contractor executive jailed for his actions.
The post US Sanctions Russian Exploit Broker Operation Zero appeared first on SecurityWeek.
26 February 2026
Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services firm Stripe in an attempt to target the financial sector.
The package, codenamed StripeApi.Net, attempts to masquerade as Stripe.net, a legitimate library from Stripe that has over 75 million downloads. It was uploaded by a user named