New Linux botnet SSHStalker uses old-school IRC for C2 comms
A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations. The protocol was invented in…
Month: February 2026
February Patch Tuesday: Microsoft drops six zero-days
Microsoft has released fixes for six newly-classified zero-day common vulnerabilities and exposures (CVEs) on the second monthly Patch Tuesday of 2026, amid a release comprising…
North Korean hackers use new macOS malware in crypto-theft attacks
North Korean hackers are running tailored campaigns using AI-generated video and the ClickFix technique to deliver malware for macOS and Windows to targets in the…
Patch Tuesday, February 2026 Edition – Krebs on Security
Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six…
TeamPCP Industrializes Cloud Misconfigurations Into a Self-Propagating Cybercrime Platform
TeamPCP, also known as PCPcat, ShellForce, and DeadCatx3, emerged in December 2025 as a sophisticated cloud-native threat actor targeting exposed Docker APIs, Kubernetes clusters, Ray…
Microsoft Patch Tuesday matches last year’s zero-day high with six actively exploited vulnerabilities
Microsoft’s latest security update is littered with zero-day vulnerabilities, actively exploited defects that account for more than 10% of the total CVEs the vendor addressed…
SAP Security Patch Day – Critical Code Injection Vulnerability Fixed in SAP CRM and SAP S/4HANA
SAP Security Patch Day Fixed SAP CRM and SAP S/4HANA SAP’s February 2026 Security Patch Day delivered fixes that SAP urges customers to prioritize to…
Researchers delve inside new SolarWinds RCE attack chain
Researchers at Huntress Security have published new data on exploitation of a critical SolarWinds Web Help Desk (WHD) vulnerability, revealing how in at least three…
Microsoft releases Windows 10 KB5075912 extended security update
Microsoft has released the Windows 10 KB5075912 extended security update to fix February 2026 Patch Tuesday vulnerabilities, including six zero-days, and continue rolling out replacements…
Ivanti Endpoint Manager Vulnerability Lets Remote Attacker Leak Arbitrary Data
Multiple Ivanti Endpoint Manager Vulnerability Ivanti has released critical security updates for its Endpoint Manager (EPM) platform, addressing two newly discovered vulnerabilities that could enable…
Windows Secure Boot certificates expire in June, Microsoft warns
Microsoft said it has begun rolling out new Secure Boot security certificates, ahead of a late June 2026 expiration deadline that affects virtually every Windows…
Malicious 7-Zip site distributes installer laced with proxy tool
A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user’s computer into a residential proxy node. Residential…