PromptSpy abuses Gemini AI to gain persistent access on Android
PromptSpy abuses Gemini AI to gain persistent access on Android Pierluigi Paganini February 20, 2026 PromptSpy is the first Android malware to abuse Google’s Gemini…
Month: February 2026
Ukrainian gets 5 years for helping North Koreans infiltrate US firms
A Ukrainian national was sentenced to five years in prison for providing North Korean IT workers with stolen identities that helped them infiltrate U.S. companies.…
PoC Released for Windows Notepad Vulnerability that Enables Malicious Command Execution
Microsoft has patched a high-severity remote code execution (RCE) vulnerability in the modern Windows Notepad application, tracked as CVE-2026-20841, as part of its February 2026…
LLM-Generated Passwords Expose Security Risks with Predictability and Weakness
LLM-generated passwords may look complex and “high entropy,” but new research shows they are highly predictable, frequently repeated, and far weaker than traditional cryptographic password…
INTERPOL busts scam networks across Africa, seizes millions
Red Card 2.0: INTERPOL busts scam networks across Africa, seizes millions Pierluigi Paganini February 20, 2026 INTERPOL’s Operation Red Card 2.0 led to 651 arrests…
Hackers Actively Exploiting Critical BeyondTrust Vulnerability to Deploy VShell and SparkRAT
A critical vulnerability in BeyondTrust’s remote support software is being actively exploited by hackers to deliver dangerous backdoors on compromised systems. The flaw, tracked as…
651 arrested, $4.3 million recovered in African cybercrime sweep
Operation Red Card 2.0, supported by INTERPOL and involving law enforcement agencies from 16 African countries, led to 651 arrests and the recovery of more…
Is Poshmark safe? How to buy and sell without getting scammed
Like any other marketplace, the social commerce platform has its share of red flags. It pays to know what to look for so you can…
Hackers Using OAuth Apps in Microsoft Entra ID to Establish Persistence
Hackers Using OAuth Apps in Microsoft Entra ID Hackers are increasingly abusing OAuth applications in Microsoft Entra ID to gain persistent access, blending in as normal “business…
Google Issues Emergency Chrome Update for High-Severity PDFium, V8 Flaws
Google has rushed out a vital security patch for Chrome, fixing three flaws that could let attackers run malicious code on users’ devices. The Stable…
New infosec products of the week: February 20, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Compliance Scorecard, Impart Security, Redpanda, and Virtana. Impart enables safe,…
Automated AI-Powered Penetration Testing Tool that Integrates 20+ Security Tools
PentAGI Penetration Testing Tool PentAGI introduces an AI-driven approach to penetration testing, automating complex workflows with tools like Nmap and Metasploit while generating detailed reports.…