118/69 Friday, February 27, 2026 Zyxel, a leading network equipment manufacturer, has issued a security advisory regarding a critical vulnerability identified as CVE-2025-13942, which carries a CVSS score of 9.8 out of 10. The flaw allows unauthenticated attackers to execute arbitrary commands remotely, potentially gaining full control of affected devices. The vulnerability impacts more than […]
117/69 Thursday, February 26, 2026 Broadcom has issued a security advisory and released patches to address multiple vulnerabilities in VMware Aria Operations, including a high-severity flaw that could lead to remote code execution. The most critical issue, CVE-2026-22719 (CVSS 8.1), is a Command Injection vulnerability. An unauthenticated attacker could exploit this flaw to execute arbitrary […]
116/69 Thursday, February 26, 2026 SolarWinds has released security updates addressing four critical vulnerabilities in its Serv-U file transfer software, which supports FTP, FTPS, SFTP, and HTTP/S protocols. Serv-U is widely used by organizations to exchange large files both internally and externally. If left unpatched, the vulnerabilities could allow attackers to execute remote code (RCE) […]
115/69 Thursday, February 26, 2026 A recent report from Symantec’s Threat Hunter Team and Carbon Black highlights a concerning shift in tactics by the state-sponsored Lazarus Group. The group, historically known for cyber espionage operations, is increasingly focusing on financial gain by deploying the Medusa ransomware against healthcare and social service organizations worldwide. By collaborating […]
114/69 Wednesday, February 25, 2026 Vikor Scientific (also known as Vanta Diagnostics), a U.S.-based molecular diagnostic testing provider, has reported a data breach to the Department of Health and Human Services (HHS) after discovering that the personal and medical information of 139,964 patients was accessed without authorization. The incident first came to light in November […]
113/69 Wednesday, February 25, 2026 Anthropic has introduced Claude Code Security, an AI-driven security service built on top of its Claude Code platform. The tool is designed to scan source code for security vulnerabilities and provide remediation guidance in the form of suggested patches for development teams to review. The service is currently available as […]
112/69 Wednesday, February 25, 2026 OpenClaw, nicknamed “Nong Kung,” launched in November 2025 as an open-source intelligent AI agent designed to run directly on personal computers. It can automate various tasks, such as connecting to chat applications like WhatsApp or Discord, reading and writing files, managing calendars, and searching for information online. However, the project […]
111/69 Tuesday, February 24, 2026 Researchers from Kaspersky have uncovered a data-stealing malware operation known as Arkanix Stealer, which was actively promoted in late 2025. Evidence suggests that the malware may have been developed with the assistance of large language models (LLMs) or AI tools, significantly reducing development time and cost. The project was marketed […]
110/69 Tuesday, February 24, 2026 Spanish police have arrested a 20-year-old man in Madrid on allegations that he manipulated the payment system of a hotel and travel booking website to secure luxury room reservations for just €0.01 per night. The actual room rates reportedly reached up to €1,000 per night, resulting in losses exceeding €20,000 […]
109/69 Tuesday, February 24, 2026 A research team from ETH Zurich and the Università della Svizzera italiana, led by Professor Kenneth Paterson, has published alarming findings about popular password management services such as Bitwarden, LastPass, and Dashlane. The study challenges the widely promoted concept of “zero-knowledge encryption”-which claims that service providers cannot access user data-suggesting […]
