The state-sponsored threat group Lotus Blossom successfully breached the official hosting infrastructure of Notepad++ between June and December 2025, targeting users across government agencies, telecommunications…
BeyondTrust Vulnerability Exploit A critical vulnerability tracked as CVE-2026-1731 is being actively exploited in the wild, enabling attackers to gain full domain control over affected systems. Threat actors…
Chrome 0-Day Vulnerability Exploited Google has urgently patched a high-severity zero-day vulnerability in Chrome, confirming active exploitation in the wild. Tracked as CVE-2026-2441, the flaw…
Windows 11 KB5077181 Security Update Microsoft’s February 10, 2026, security update KB5077181 for Windows 11 versions 24H2 (build 26200.7840) and 25H2 (build 26100.7840) has triggered…
PentestAgent PentestAgent, an open-source AI agent framework from developer Masic (GH05TCREW), has introduced enhanced capabilities, including prebuilt attack playbooks and seamless HexStrike integration. Released on…
Clickfix Attack DNS Hijacking spread malware A new evolution in the ClickFix social engineering campaign, which now employs a custom DNS hijacking technique to deliver…
Threat Actors Exploit Claude Artifacts Google Ads A sophisticated malware campaign targeting macOS users through Google-sponsored search results and legitimate platforms, including Anthropic’s Claude AI…
OpenSea 0-day Exploit Chain A threat actor is reportedly selling a purported critical severity zero-day exploit chain targeting OpenSea for $100,000 USD in Bitcoin or…
CISA Warns Microsoft Configuration Manager SQL Injection Vulnerability CISA has issued an urgent alert about a critical SQL injection vulnerability in Microsoft Configuration Manager (SCCM).…
Malicious Chrome AI Extensions Attacking 260000 Users via Injected IFrames A coordinated campaign is using malicious Chrome extensions that impersonate popular AI tools like ChatGPT,…
OpenClaw 2026.2.12 Released OpenClaw Version 2026.2.12 is a major security-focused update that fixes more than 40 vulnerabilities and strengthens protection across the AI agent platform.…
A sophisticated social engineering campaign is targeting Windows users through fake CAPTCHA verification pages to deliver the StealC information stealer malware. The attack begins when…
