Cybersecurity Articles

101/69 Thursday, February 19, 2026 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog after confirming evidence of active exploitation. The newly added vulnerabilities are: Regarding CVE-2026-2441, Google has confirmed active exploitation in the wild. However, detailed technical information about the attack techniques has […]

100/69 Thursday, February 19, 2026 Security researchers from Mandiant and the Google Threat Intelligence Group (GTIG) have disclosed that a threat actor tracked as UNC6201 has been conducting covert attacks by exploiting a critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines, a backup and disaster recovery solution for VMware environments. The vulnerability, identified as […]

99/69 Wednesday, February 18, 2026 Washington Hotel, a major business hotel chain in Japan, has issued a statement confirming that its server systems were targeted by a ransomware attack on Friday, February 13, 2026, at 10:00 PM. The incident resulted in unauthorized access to certain business-related data. As an immediate containment measure, the company disconnected […]

98/69 Wednesday, February 18, 2026 A serious security vulnerability has been discovered in the systems of DavaIndia Pharmacy, one of India’s major pharmacy chains operated by Zota Health Care Ltd. The flaw could have allowed malicious actors to access customer order information and escalate privileges to gain full administrative control of the platform. This posed […]

97/69 Wednesday, February 18, 2026 Dutch authorities have arrested a 40-year-old man at his residence in Ridderkerk on charges of computer intrusion and attempted extortion. The case began after a police officer mistakenly sent the man a download link to confidential government documents instead of a link intended for uploading evidence related to a case. […]

96/69 Tuesday, February 17, 2026 Microsoft Threat Intelligence has identified a new variant of the ClickFix social engineering campaign that shifts from delivering malware over HTTP to using DNS as a staging channel. Victims are tricked into opening the Windows Run dialog (Win+R) and executing the nslookup command, which connects to a DNS server controlled […]

95/69 Tuesday, February 17, 2026 Google has released an emergency security update to address a high-severity zero-day vulnerability in the Chrome browser that has been actively exploited in the wild. The flaw, tracked as CVE-2026-2441, is a use-after-free vulnerability in Chrome’s CSS processing component. It marks the first actively exploited Chrome zero-day of 2026, following […]

94/69 Tuesday, February 17, 2026 Microsoft has announced a fix for a Windows 11 system error that caused devices to display the “UNMOUNTABLE_BOOT_VOLUME” message or become stuck on a black screen prompting a restart, preventing users from accessing their systems. The issue primarily affected commercial (enterprise) devices following the installation of security updates earlier this […]

93/69 Monday, February 16, 2026 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the BeyondTrust vulnerability CVE-2026-1731 (CVSS 9.9) to its Known Exploited Vulnerabilities (KEV) catalog after confirming evidence of active exploitation. The flaw is an OS Command Injection vulnerability affecting certain versions of BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) […]

92/69 Monday, February 16, 2026 Figure Technology Solutions, Inc., a U.S.-based fintech company that develops blockchain-powered lending platforms, has confirmed a data breach after one of its employees fell victim to a social engineering attack. As a result, threat actors were able to access and exfiltrate a limited number of company files. A company spokesperson […]