Category: TheHackerNews

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
24
Feb
2026

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious…

Share: X : RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKENFacebook : RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKENLinkedin : RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKENReddit : RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKENTelegram : RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKENWhatsApp : RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKENEmail : RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
24
Feb
2026

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

Ravie LakshmananFeb 24, 2026Cyber Espionage / Malware A Russia-aligned threat actor has been observed targeting a European financial institution as…

Share: X : UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS MalwareFacebook : UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS MalwareLinkedin : UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS MalwareReddit : UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS MalwareTelegram : UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS MalwareWhatsApp : UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS MalwareEmail : UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
24
Feb
2026

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

Ravie LakshmananFeb 24, 2026Threat Intelligence / Healthcare The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed…

Share: X : Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare AttacksFacebook : Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare AttacksLinkedin : Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare AttacksReddit : Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare AttacksTelegram : Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare AttacksWhatsApp : Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare AttacksEmail : Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
Identity Prioritization isn't a Backlog Problem
24
Feb
2026

Identity Prioritization isn’t a Backlog Problem

Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control…

Share: X : Identity Prioritization isn’t a Backlog ProblemFacebook : Identity Prioritization isn’t a Backlog ProblemLinkedin : Identity Prioritization isn’t a Backlog ProblemReddit : Identity Prioritization isn’t a Backlog ProblemTelegram : Identity Prioritization isn’t a Backlog ProblemWhatsApp : Identity Prioritization isn’t a Backlog ProblemEmail : Identity Prioritization isn’t a Backlog Problem
LuciDoor and MarsSnake Backdoors
24
Feb
2026

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift…

Share: X : UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake BackdoorsFacebook : UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake BackdoorsLinkedin : UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake BackdoorsReddit : UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake BackdoorsTelegram : UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake BackdoorsWhatsApp : UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake BackdoorsEmail : UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
24
Feb
2026

Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

Ravie LakshmananFeb 24, 2026Artificial Intelligence / Anthropic Anthropic on Monday said it identified “industrial-scale campaigns” mounted by three artificial intelligence…

Share: X : Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy ModelFacebook : Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy ModelLinkedin : Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy ModelReddit : Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy ModelTelegram : Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy ModelWhatsApp : Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy ModelEmail : Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
APT28 Targeted European Entities Using Webhook-Based Macro Malware
24
Feb
2026

APT28 Targeted European Entities Using Webhook-Based Macro Malware

Ravie LakshmananFeb 23, 2026Malware / Threat Intelligence The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a…

Share: X : APT28 Targeted European Entities Using Webhook-Based Macro MalwareFacebook : APT28 Targeted European Entities Using Webhook-Based Macro MalwareLinkedin : APT28 Targeted European Entities Using Webhook-Based Macro MalwareReddit : APT28 Targeted European Entities Using Webhook-Based Macro MalwareTelegram : APT28 Targeted European Entities Using Webhook-Based Macro MalwareWhatsApp : APT28 Targeted European Entities Using Webhook-Based Macro MalwareEmail : APT28 Targeted European Entities Using Webhook-Based Macro Malware
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
23
Feb
2026

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a…

Share: X : Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic BombFacebook : Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic BombLinkedin : Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic BombReddit : Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic BombTelegram : Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic BombWhatsApp : Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic BombEmail : Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
How Exposed Endpoints Increase Risk Across LLM Infrastructure
23
Feb
2026

How Exposed Endpoints Increase Risk Across LLM Infrastructure

The Hacker NewsFeb 23, 2026Artificial Intelligence / Zero Trust As more organizations run their own Large Language Models (LLMs), they…

Share: X : How Exposed Endpoints Increase Risk Across LLM InfrastructureFacebook : How Exposed Endpoints Increase Risk Across LLM InfrastructureLinkedin : How Exposed Endpoints Increase Risk Across LLM InfrastructureReddit : How Exposed Endpoints Increase Risk Across LLM InfrastructureTelegram : How Exposed Endpoints Increase Risk Across LLM InfrastructureWhatsApp : How Exposed Endpoints Increase Risk Across LLM InfrastructureEmail : How Exposed Endpoints Increase Risk Across LLM Infrastructure
Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
23
Feb
2026

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Cybersecurity researchers have disclosed what they say is an active “Shai-Hulud-like” supply chain worm campaign that has leveraged a cluster…

Share: X : Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API TokensFacebook : Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API TokensLinkedin : Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API TokensReddit : Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API TokensTelegram : Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API TokensWhatsApp : Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API TokensEmail : Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
23
Feb
2026

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

Ravie LakshmananFeb 23, 2026Threat Intelligence / Artificial Intelligence The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm,…

Share: X : MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIPFacebook : MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIPLinkedin : MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIPReddit : MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIPTelegram : MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIPWhatsApp : MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIPEmail : MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
21
Feb
2026

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise…

Share: X : AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 CountriesFacebook : AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 CountriesLinkedin : AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 CountriesReddit : AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 CountriesTelegram : AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 CountriesWhatsApp : AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 CountriesEmail : AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries