Cybersecurity
138 articles
Cloudflare's 2026 Threat Report: Attackers Swap Break-Ins for Log-Ins as AI and Credential Theft Redefine the Threat Landscape
Cloudflare's 2026 Threat Report documents a pivotal shift: attackers now log in rather than break in, using stolen session tokens and AI-assisted credential theft to bypass MFA, while DDoS volumes have doubled and nation-state pre-positioning inside critical infrastructure has intensified.
Google Disrupts Decade-Long Chinese Cyberespionage Campaign That Hijacked Google Sheets to Spy on 53 Telecoms and Governments Across 42 Countries
Google and Mandiant exposed UNC2814, a China-nexus threat actor that used a novel backdoor called GRIDTIDE to abuse Google Sheets as command-and-control infrastructure, breaching telecoms and government agencies across three continents since at least 2017.
Conduent Breach Reaches 25 Million Americans, Making It the Largest in U.S. History
A ransomware attack on government services giant Conduent exposed SSNs, medical records, and health insurance data for at least 25 million Americans across multiple states.
Cisco SD-WAN Zero-Day Exploited for Three Years Before Patch, CISA Issues Emergency Directive
A maximum-severity authentication bypass in Cisco Catalyst SD-WAN has been actively exploited since 2023 by a sophisticated threat actor, prompting a CISA emergency directive requiring federal agencies to patch or disconnect affected systems.
AWS European Sovereign Cloud Goes Live, but CLOUD Act Shadow Looms Over €7.8 Billion Promise
Amazon launched its AWS European Sovereign Cloud in Brandenburg, Germany in January 2026 with €7.8 billion in investment and ~90 services, but legal experts warn the U.S. CLOUD Act may undermine its core sovereignty guarantees.
IBM X-Force 2026 Report Reveals AI-Accelerated Attacks Exploiting Basic Security Gaps as Ransomware Groups Splinter and Multiply
IBM's annual threat index finds vulnerability exploitation now causes 40% of breaches, with 109 ransomware groups active and over 300,000 AI platform credentials stolen.
AI-Augmented Threat Actor Breached 600 FortiGate Firewalls in Five Weeks Using Commercial LLMs, Amazon Warns
Amazon Threat Intelligence tracked a low-skill actor who used DeepSeek and Claude to compromise 600+ FortiGate devices across 55 countries, signaling AI is lowering the barrier to large-scale cyberattacks.
Prompt Injection in AI Issue Triage Bot Led to Cline CLI Supply Chain Attack, Affecting Thousands of Developers
A security researcher's disclosure of a prompt injection flaw in Cline's AI-powered GitHub issue bot was weaponized eight days later to steal npm publish tokens and install unauthorized software on developer machines.
Chinese Hackers Exploited a Maximum-Severity Dell Zero-Day for Nearly Two Years Before Discovery
A hardcoded-credential flaw in Dell RecoverPoint rated CVSS 10.0 let Chinese spies deploy three malware families and hide inside VMware infrastructure since mid-2024.
npm, PyPI, and Crates.io Cannot Afford Basic Security as Malware Costs Devour Thin Budgets, Alpha-Omega Audit Reveals
An audit of the world's largest open source package registries finds they spend 12 percent of their budgets fighting malware and just 2 percent on new features, with no path to sustainable security funding.
Microsoft Patches Six Actively Exploited Zero-Days in February 2026, Matching Last Year's Record High
Microsoft's February Patch Tuesday fixes 58 flaws including six zero-days already under attack, with CISA ordering immediate federal remediation.
PackageGate flaws let Git dependencies bypass npm’s post–Shai-Hulud install defenses
Researchers say Git-sourced dependencies can re-enable code execution paths even when npm is run with --ignore-scripts, undermining a widely recommended mitigation after 2025’s Shai-Hulud worm.