Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
Ravie LakshmananFeb 24, 2026Threat Intelligence / Healthcare
The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity...
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries.
That's according...
Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
The Hacker NewsFeb 20, 2026Cyber Insurance / Password Security
With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture...
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware
Ravie LakshmananFeb 20, 2026Malware / Threat Intelligence
Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan...
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Ravie LakshmananFeb 20, 2026Vulnerability / Cyber Attack
Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products...
ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories
Ravie LakshmananFeb 19, 2026Cybersecurity / Hacking News
The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up...
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
Ravie LakshmananFeb 12, 2026Cybersecurity / Hacking News
Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new exploits, many...
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
The incident took place on January 29, 2026, when a...
From Ransomware to Residency: Inside the Rise of the Digital Parasite
Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all...
