Security Issues, Vulnerabilities, Exploits & Government Alerts
Ravie LakshmananFeb 18, 2026Vulnerability / Application Security Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver…
Ravie LakshmananFeb 18, 2026Threat Intelligence / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the…
Ravie LakshmananFeb 17, 2026Malware / Artificial Intelligence Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that…
A new Android backdoor that’s embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky. The Russian cybersecurity vendor said it discovered the backdoor,…
Ravie LakshmananFeb 17, 2026Infostealer / Artificial Intelligence Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to…
View CSAF Summary Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to…
View CSAF Summary Successful exploitation of these vulnerabilities may allow code execution with elevated privileges. The following versions of GE Vernova Enervista UR Setup are affected: Enervista UR Setup
View CSAF Summary Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds; an unauthenticated attacker may change the recovery email address, potentially leading to further network compromise. The…
The Hacker NewsFeb 17, 2026Cloud Security / Digital Forensics Cloud attacks move fast — faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build…
My objective The role of NDR in SOC workflows Starting up the NDR system How AI complements the human response What else did I try out? What could I see with NDR that I wouldn’t…