Search the Portal

Recent Articles

FEB18
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials

The Hacker News by info@thehackernews.com (The Hacker News)
FEB18
3 Ways to Start Your Intelligent Workflow Program

Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isn’t enough. 88% of AI proofs-of-concept never make it to production, even though 70% of workers cite freeing time for high-value work as the primary AI automation motivation. Real impact comes

The Hacker News by info@thehackernews.com (The Hacker News)
FEB18
CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5

The vulnerability added to CISA’s KEV catalog affects ThreatSonar Anti-Ransomware and it was patched in 2024. The post CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5 appeared first on SecurityWeek.

Security Week by Eduard Kovacs
FEB18
Palo Alto Networks to Acquire Koi in Reported $400 Million Transaction

Koi has developed an endpoint security solution that Palo Alto will use to enhance its products. The post Palo Alto Networks to Acquire Koi in Reported $400 Million Transaction appeared first on SecurityWeek.

Security Week by Eduard Kovacs
FEB18
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design that aims to make the update process "robust and effectively unexploitable." This includes verification

The Hacker News by info@thehackernews.com (The Hacker News)
FEB18
Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group

GTIG and Mandiant said the zero-day tracked as CVE-2026-22769 has been exploited by UNC6201 since at least 2024. The post Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group appeared first on SecurityWeek.

Security Week by Eduard Kovacs
FEB18
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2026-2441 (CVSS score: 8.8) - A use-after-free vulnerability in Google Chrome that could allow a remote attacker to potentially exploit heap

The Hacker News by info@thehackernews.com (The Hacker News)
FEB17
Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster

Cloud attacks move fast — faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins. Cloud forensics is fundamentally

The Hacker News by info@thehackernews.com (The Hacker News)
FEB17
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, which has been demonstrated against Microsoft Copilot and xAI Grok

The Hacker News by info@thehackernews.com (The Hacker News)
FEB17
Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates

A new Android backdoor that's embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky. The Russian cybersecurity vendor said it discovered the backdoor, dubbed Keenadu, in the firmware of devices associated with various brands, including Alldocube, with the compromise occurring during the firmware build phase.

The Hacker News by info@thehackernews.com (The Hacker News)
FEB17
VulnCheck Raises $25 Million in Series B Funding to Scale Vulnerability Intelligence

The latest funding round was led by Sorenson Capital and brings the total investment to $45 million. The post VulnCheck Raises $25 Million in Series B Funding to Scale Vulnerability Intelligence appeared first on SecurityWeek.

Security Week by SecurityWeek News
FEB17
Hackers Offer to Sell Millions of Eurail User Records

Eurail has confirmed that the stolen data is up for sale, but it’s still trying to determine how many individuals are impacted. The post Hackers Offer to Sell Millions of Eurail User Records appeared first on SecurityWeek.

Security Week by Eduard Kovacs
FEB17
API Threats Grow in Scale as AI Expands the Blast Radius

New research shows attackers increasingly abusing APIs at machine speed as AI-driven systems widen exposure and amplify impact. The post API Threats Grow in Scale as AI Expands the Blast Radius appeared first on SecurityWeek.

Security Week by Kevin Townsend
FEB17
Cyber Insights 2026: The Ongoing Fight to Secure Industrial Control Systems

As nation-state actors, ransomware groups, and aging infrastructure collide, organizations must rethink how they defend critical operations through resilience, visibility, and modern security strategies. The post Cyber Insights 2026: The Ongoing Fight to Secure Industrial Control Systems appeared first on SecurityWeek.

Security Week by Kevin Townsend
FEB17
Man Linked to Phobos Ransomware Arrested in Poland

Polish police said they found evidence of cybercrime on the 47-year-old suspect’s devices. The post Man Linked to Phobos Ransomware Arrested in Poland appeared first on SecurityWeek.

Security Week by Eduard Kovacs