ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+...
Ravie LakshmananFeb 26, 2026Cybersecurity / Hacking News
Nothing here looks dramatic at first glance. That’s the point. Many of this week’s threats begin with something ordinary, like an ad, a...
SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
Ravie LakshmananFeb 25, 2026Social Engineering / Cloud Security
The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to pull off...
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
Ravie LakshmananFeb 24, 2026Threat Intelligence / Healthcare
The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity...
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries.
That's according...
Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
The Hacker NewsFeb 20, 2026Cyber Insurance / Password Security
With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture...
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware
Ravie LakshmananFeb 20, 2026Malware / Threat Intelligence
Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan...
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Ravie LakshmananFeb 20, 2026Vulnerability / Cyber Attack
Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products...
ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories
Ravie LakshmananFeb 19, 2026Cybersecurity / Hacking News
The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up...
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
Ravie LakshmananFeb 12, 2026Cybersecurity / Hacking News
Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new exploits, many...
