Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

February 12, 2026 at 10:25PM Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Pyt…

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

February 12, 2026 at 04:00PM A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) r…

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

February 12, 2026 at 01:02PM A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivan…

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

February 12, 2026 at 11:09AM Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to addre…

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

February 11, 2026 at 11:15PM Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Ou…

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

February 11, 2026 at 03:26PM Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that …

North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

February 11, 2026 at 12:20PM The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrenc…

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

February 10, 2026 at 11:14PM The information technology (IT) workers associated with the Democratic People's Republic of Ko…

Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server

February 10, 2026 at 03:54PM SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its ne…

Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

February 10, 2026 at 01:52PM The Netherlands' Dutch Data Protection Authority (AP) and the Council for the Judiciary confir…

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

February 10, 2026 at 10:08AM Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that co…

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign

February 09, 2026 at 10:31PM The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espiona…