Category: Bleeping Computer

BeyondTrust
16
Feb
2026

CISA gives feds 3 days to patch actively exploited BeyondTrust flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies on Friday to secure their BeyondTrust Remote Support instances against an…

Share: X : CISA gives feds 3 days to patch actively exploited BeyondTrust flawFacebook : CISA gives feds 3 days to patch actively exploited BeyondTrust flawLinkedin : CISA gives feds 3 days to patch actively exploited BeyondTrust flawReddit : CISA gives feds 3 days to patch actively exploited BeyondTrust flawTelegram : CISA gives feds 3 days to patch actively exploited BeyondTrust flawWhatsApp : CISA gives feds 3 days to patch actively exploited BeyondTrust flawEmail : CISA gives feds 3 days to patch actively exploited BeyondTrust flaw
Google Chrome
16
Feb
2026

Google patches first Chrome zero-day exploited in attacks this year

Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the first such security…

Share: X : Google patches first Chrome zero-day exploited in attacks this yearFacebook : Google patches first Chrome zero-day exploited in attacks this yearLinkedin : Google patches first Chrome zero-day exploited in attacks this yearReddit : Google patches first Chrome zero-day exploited in attacks this yearTelegram : Google patches first Chrome zero-day exploited in attacks this yearWhatsApp : Google patches first Chrome zero-day exploited in attacks this yearEmail : Google patches first Chrome zero-day exploited in attacks this year
CANADA GOOSE
16
Feb
2026

Canada Goose investigating as hackers leak 600K customer records

ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and…

Share: X : Canada Goose investigating as hackers leak 600K customer recordsFacebook : Canada Goose investigating as hackers leak 600K customer recordsLinkedin : Canada Goose investigating as hackers leak 600K customer recordsReddit : Canada Goose investigating as hackers leak 600K customer recordsTelegram : Canada Goose investigating as hackers leak 600K customer recordsWhatsApp : Canada Goose investigating as hackers leak 600K customer recordsEmail : Canada Goose investigating as hackers leak 600K customer records
Hacker starting at a box
16
Feb
2026

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the…

Share: X : New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNSFacebook : New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNSLinkedin : New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNSReddit : New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNSTelegram : New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNSWhatsApp : New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNSEmail : New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS
Windows 11 logo with a blue background
16
Feb
2026

Windows 11 KB5077181 fixes boot failures linked to failed updates

Microsoft says it has resolved a Windows 11 bug that caused some commercial systems to fail to boot with an…

Share: X : Windows 11 KB5077181 fixes boot failures linked to failed updatesFacebook : Windows 11 KB5077181 fixes boot failures linked to failed updatesLinkedin : Windows 11 KB5077181 fixes boot failures linked to failed updatesReddit : Windows 11 KB5077181 fixes boot failures linked to failed updatesTelegram : Windows 11 KB5077181 fixes boot failures linked to failed updatesWhatsApp : Windows 11 KB5077181 fixes boot failures linked to failed updatesEmail : Windows 11 KB5077181 fixes boot failures linked to failed updates
LummaStealer + Ninja Browser malware campaign
15
Feb
2026

Lumma Stealer and Ninja Browser malware campaign abusing Google Groups

CTM360 reports that more than 4,000 malicious Google Groups and 3,500 Google-hosted URLs are being used in an active malware…

Share: X : Lumma Stealer and Ninja Browser malware campaign abusing Google GroupsFacebook : Lumma Stealer and Ninja Browser malware campaign abusing Google GroupsLinkedin : Lumma Stealer and Ninja Browser malware campaign abusing Google GroupsReddit : Lumma Stealer and Ninja Browser malware campaign abusing Google GroupsTelegram : Lumma Stealer and Ninja Browser malware campaign abusing Google GroupsWhatsApp : Lumma Stealer and Ninja Browser malware campaign abusing Google GroupsEmail : Lumma Stealer and Ninja Browser malware campaign abusing Google Groups
Bitcoin falling with a man grasping for them
15
Feb
2026

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript…

Share: X : Pastebin comments push ClickFix JavaScript attack to hijack crypto swapsFacebook : Pastebin comments push ClickFix JavaScript attack to hijack crypto swapsLinkedin : Pastebin comments push ClickFix JavaScript attack to hijack crypto swapsReddit : Pastebin comments push ClickFix JavaScript attack to hijack crypto swapsTelegram : Pastebin comments push ClickFix JavaScript attack to hijack crypto swapsWhatsApp : Pastebin comments push ClickFix JavaScript attack to hijack crypto swapsEmail : Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps
Fake job recruiters hide malware in developer coding challenges
14
Feb
2026

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with…

Share: X : Fake job recruiters hide malware in developer coding challengesFacebook : Fake job recruiters hide malware in developer coding challengesLinkedin : Fake job recruiters hide malware in developer coding challengesReddit : Fake job recruiters hide malware in developer coding challengesTelegram : Fake job recruiters hide malware in developer coding challengesWhatsApp : Fake job recruiters hide malware in developer coding challengesEmail : Fake job recruiters hide malware in developer coding challenges
Claude LLM artifacts abused to push Mac infostealers in ClickFix attack
13
Feb
2026

Claude LLM artifacts abused to push Mac infostealers in ClickFix attack

Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for…

Share: X : Claude LLM artifacts abused to push Mac infostealers in ClickFix attackFacebook : Claude LLM artifacts abused to push Mac infostealers in ClickFix attackLinkedin : Claude LLM artifacts abused to push Mac infostealers in ClickFix attackReddit : Claude LLM artifacts abused to push Mac infostealers in ClickFix attackTelegram : Claude LLM artifacts abused to push Mac infostealers in ClickFix attackWhatsApp : Claude LLM artifacts abused to push Mac infostealers in ClickFix attackEmail : Claude LLM artifacts abused to push Mac infostealers in ClickFix attack
Louis Vuitton, Dior, and Tiffany fined $25 million over data breaches
13
Feb
2026

Louis Vuitton, Dior, and Tiffany fined $25 million over data breaches

South Korea has fined luxury fashion brands Louis Vuitton, Christian Dior Couture, and Tiffany $25 million for failing to implement…

Share: X : Louis Vuitton, Dior, and Tiffany fined $25 million over data breachesFacebook : Louis Vuitton, Dior, and Tiffany fined $25 million over data breachesLinkedin : Louis Vuitton, Dior, and Tiffany fined $25 million over data breachesReddit : Louis Vuitton, Dior, and Tiffany fined $25 million over data breachesTelegram : Louis Vuitton, Dior, and Tiffany fined $25 million over data breachesWhatsApp : Louis Vuitton, Dior, and Tiffany fined $25 million over data breachesEmail : Louis Vuitton, Dior, and Tiffany fined $25 million over data breaches
Criminal IP + IBM QRadar integration
13
Feb
2026

Turning IBM QRadar Alerts into Action with Criminal IP

Criminal IP (criminalip.io), the AI-powered threat intelligence and attack surface intelligence platform, is now integrated with IBM QRadar SIEM and…

Share: X : Turning IBM QRadar Alerts into Action with Criminal IPFacebook : Turning IBM QRadar Alerts into Action with Criminal IPLinkedin : Turning IBM QRadar Alerts into Action with Criminal IPReddit : Turning IBM QRadar Alerts into Action with Criminal IPTelegram : Turning IBM QRadar Alerts into Action with Criminal IPWhatsApp : Turning IBM QRadar Alerts into Action with Criminal IPEmail : Turning IBM QRadar Alerts into Action with Criminal IP
Windows
13
Feb
2026

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered U.S. government agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in…

Share: X : CISA flags critical Microsoft SCCM flaw as exploited in attacksFacebook : CISA flags critical Microsoft SCCM flaw as exploited in attacksLinkedin : CISA flags critical Microsoft SCCM flaw as exploited in attacksReddit : CISA flags critical Microsoft SCCM flaw as exploited in attacksTelegram : CISA flags critical Microsoft SCCM flaw as exploited in attacksWhatsApp : CISA flags critical Microsoft SCCM flaw as exploited in attacksEmail : CISA flags critical Microsoft SCCM flaw as exploited in attacks