ICYMI: 2026-02-23
Latest Headlines
APT28 Targeted European Entities Using Webhook-Based Macro Malware
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More
How Exposed Endpoints Increase Risk Across LLM Infrastructure
Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
US Healthcare Diagnostic Firm Says 140,000 Affected by Data Breach
Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud
Autonomous AI Agents Provide New Class of Supply Chain Attack
Romanian Hacker Pleads Guilty to Selling Access to US State Network
Hundreds of FortiGate Firewalls Hacked in AI-Powered Attacks: AWS
Mississippi Hospital System Closes All Clinics After Ransomware Attack
GrayCharlie Injects Malicious JavaScript into WordPress Sites to Deliver NetSupport RAT and Stealc
Anthropic Claude Under Large Scale Distillation Attacks By Chinese AI Labs with 13 Million Exchanges
Conduent Data Breach – Largest Data Breach in U.S. History As Ransomware Group Stolen 8 TB of Data
New MIMICRAT Custom RAT Uncovered in Sophisticated Multi-Stage ClickFix Campaign
Microsoft MFA Down – 504 Gateway Timeout Errors Disrupting MFA Access for U.S. Users
New Phishing Framework Starkiller Proxies Real Login Pages to Bypass MFA
North Korean Threat Actors Leverage Fake IT Worker Campaigns and Contagious Interview Tactics
PoC Exploit Released for Grandstream GXP1600 VoIP Phones RCE Vulnerability
jsPDF Vulnerability Exposes Millions of Developers to Object Injection Attacks
HPE Telco Service Activator Vulnerability Let Attackers Bypass Access Restrictions
Android mental health apps with 14.7M installs filled with security flaws
Microsoft says bug in classic Outlook hides the mouse pointer
Ad tech firm Optimizely confirms data breach after vishing attack
CISA: Recently patched RoundCube flaws now exploited in attacks
– MTZ