Discovering Negative-Days with LLM Workflows
By now, you may have Anthropic’s zero-days blogpost where an “out-of-the-box” Claude Opus 4.6 workflow was used to find 500 vulnerabilities in open-source projects. While…
Month: February 2026
Claude Opus 4.6 Released with Improved Cybersecurity, Validating 500+ high-severity Vulnerabilities
Claude Opus 4.6 Released Anthropic’s latest AI model autonomously identifies critical flaws in decades-old codebases, raising the stakes for both defenders and attackers Anthropic released…
DHS privacy probe will focus on biometric tracking by ICE, OBIM
The Department of Homeland Security’s watchdog office has launched an audit of the agency’s privacy practices amid allegations that DHS and its components have used…
ICE Agent’s ‘Dragging’ Case May Help Expose Evidence in Renee Good Shooting
Defense attorneys for a Minnesota man convicted in December of assaulting Immigration and Customs Enforcement officer Jonathan Ross are seeking access to investigative files related…
Germany warns of Signal account hijacking targeting senior figures
Germany’s domestic intelligence agency is warning of suspected state-sponsored threat actors targeting high-ranking individuals in phishing attacks via messaging apps like Signal. The attacks combine social…
Transparent Tribe Hacker Group Attacking India’s Startup Ecosystem
The threat landscape for India’s technology sector has taken an unexpected turn. A Pakistan-based hacking group called Transparent Tribe has shifted its focus from traditional…
What CISA KEV Is And Isn’t And A Tool To Help Security Teams
A new paper gives an insider’s perspective into CISA’s Known Exploited Vulnerability catalog – and also offers a free tool to help security teams use…
Bulletproof Hosting Providers Leverage Legitimate ISPsystem to Supply Servers for Cybercriminals
In the constantly shifting landscape of online threats, cybercriminals have found a new way to strengthen their attacks by hiding behind legitimate technology. Late in…
DKnife Linux toolkit hijacks router traffic to spy, deliver malware
A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campaigns. The…
New FvncBot Attacking Android Users by Exploiting Accessibility Services
A dangerous new malicious application has surfaced, targeting mobile banking customers in Poland. Observed on November 25, 2025, this threat masquerades as a legitimate security…
CISA warns of SmarterMail RCE flaw used in ransomware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that ransomware actors are exploiting CVE-2026-24423, a critical vulnerability in SmarterMail that allows remote code execution without…
Phishing and OAuth Token Flaws Lead to Full Microsoft 365 Compromise
Modern web applications frequently introduce unforeseen attack surfaces through seemingly harmless features designed for user engagement, such as newsletter signups, contact forms, and password resets.…