Security Issues, Vulnerabilities, Exploits & Government Alerts
Presentation of the KTU Consortium Mission ‘A Safe and Inclusive Digital Society’ at the Innovation Agency event ‘Innovation Breakfast: How Mission-Oriented Science and Innovation Programmes Will Address Societal Challenges’. Technologies are evolving fast, reshaping economies,…
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that’s being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices. “The…
Ravie LakshmananFeb 16, 2026Zero-Day / Browser Security Google on Friday released security updates for its Chrome browser to address a security flaw that it said has been exploited in the wild. The high-severity vulnerability, tracked…
Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve…
Ravie LakshmananFeb 13, 2026Threat Intelligence / Malware A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group (GTIG) described the hack group as…
Ravie LakshmananFeb 13, 2026Malware / Critical Infrastructure Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to…
Ravie LakshmananFeb 13, 2026Cloud Security / Cyber Espionage A previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular framework called VoidLink in its campaigns targeting the technology and financial services…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) today announced a series of virtual town hall meetings to gather stakeholder input on the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) rulemaking. The…
Cybersecurity researchers have discovered a malicious Google Chrome extension that’s designed to steal data associated with Meta Business Suite and Facebook Business Manager. The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as…
The Hacker NewsFeb 13, 2026Supply Chain Security / DevSecOps In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid…