New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released
Ravie LakshmananFeb 16, 2026Zero-Day / Browser Security Google on Friday released security updates for its Chrome browser to address a security flaw that it said…
Latest Cybersecurity News — Page 284
View all →
CISA Issues Alert on ZLAN ICS Flaws Enabling Full Device Takeover
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory regarding significant security flaws discovered in industrial networking equipment manufactured by ZLAN Information…
Apple privacy labels often don’t match what Chinese smart home apps do
Smart home devices in many homes collect audio, video, and location data. The apps that control those devices often focus on the account owner, even…
Attackers Exploit Critical BeyondTrust Flaw to Seize Full Active Directory Control
A critical vulnerability, CVE-2026-1731, affecting self-hosted BeyondTrust Remote Support and Privileged Remote Access deployments. This security flaw allows unauthenticated attackers to inject operating system commands,…
Don’t panic over CISA’s KEV list, use it smarter
In this Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains what CISA’s Known Exploited Vulnerabilities (KEV) Catalog is and how…
Canada Goose investigating as hackers leak 600K customer records
ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and payment-related data. Canada Goose told…
Lotus Blossom Hackers Breach Official Notepad++ Hosting Infrastructure
Between June and December 2025, a state-sponsored threat group known as Lotus Blossom quietly hijacked the official hosting infrastructure used to deliver Notepad++ updates, turning…
MOS: Open-source modular OS for servers and homelabs
A growing number of homelab builders and small server operators are testing an open source operating system that combines basic server management, storage control, and…
Chrome 0-Day Vulnerability Actively Exploited by Attackers in the Wild
Chrome 0-Day Vulnerability Exploited Google has urgently patched a high-severity zero-day vulnerability in Chrome, confirming active exploitation in the wild. Tracked as CVE-2026-2441, the flaw…
New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS
Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS…
Nobody is Talking About Generalized Hill-Climbing (at Runtime)
All the labs are using a combination of pre-training and RL to create better “general” models. Which means they’re not just good at one thing…
New phishing campaign weaponises fake video conference invites
Netskope Threat Labs has identified a new phishing campaign using fake video conference invitations to deliver remote access tools into corporate environments. According to research,…