CyberHappenings

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

News Summary

Last updated: 19:00 23/02/2026 UTC
  • Malicious nx Packages Exfiltrate Credentials in 's1ngularity' Supply Chain Attack
    The SANDWORM_MODE campaign, a new iteration of the Shai-Hulud supply chain worm, has expanded its attack surface by leveraging 19 malicious npm packages (e.g., `claud-code`, `crypto-locale`, `secp256`) to harvest credentials, cryptocurrency keys, and API tokens. Published under aliases official334 and javaorg, the malware retains Shai-Hulud’s self-propagating capabilities while introducing novel techniques: GitHub API exfiltration with DNS fallback, hook-based persistence, SSH propagation, and MCP server injection targeting AI coding assistants (Claude Code, VS Code Continue, etc.). The attack also targets LLM API keys (Anthropic, OpenAI, Mistral, etc.) and includes a polymorphic engine (currently inactive) for evasion via Ollama/DeepSeek Coder. A two-stage payload delays deeper harvesting (password managers, worm propagation) for 48+ hours, with a destructive wiper routine as a fallback. This follows the Sha1-Hulud wave (November–December 2025), which exposed 400,000 secrets across 30,000 GitHub repositories via 800+ trojanized npm packages, and the PackageGate vulnerabilities (January 2026) that bypassed npm’s `--ignore-scripts` defenses. Concurrently, unrelated but similarly severe threats include the `buildrunner-dev` and `eslint-verify-plugin` packages deploying Pulsar RAT/Mythic C2 agents, and a fake VS Code Solidity extension (`solid281`) dropping ScreenConnect or reverse shells. Researchers warn of escalating risks to developer environments, CI/CD pipelines, and AI-assisted coding tools, urging immediate credential rotation, dependency audits, and hardened access controls.
  • MuddyWater Expands Campaign with MuddyViper Backdoor Targeting Israeli Entities
    The MuddyWater threat actor, linked to Iran and also known as Static Kitten, Mercury, and Seedworm, has conducted a global phishing campaign targeting over 100 organizations, including government entities, embassies, diplomatic missions, foreign affairs ministries, consulates, international organizations, and telecommunications firms in the Middle East and North Africa (MENA) region. The campaign used compromised email accounts to send phishing emails with malicious Microsoft Word documents containing macros that dropped and launched the Phoenix backdoor, version 4. This backdoor provided remote control over infected systems. The campaign was active starting August 19, 2025, and used a command-and-control (C2) server registered under the domain screenai[.]online. The attackers employed three remote monitoring and management (RMM) tools and a custom browser credential stealer, Chromium_Stealer. The malware and tools were hosted on a temporary Python-based HTTP service linked to NameCheap's servers. The campaign highlights the ongoing use of trusted communication channels by state-backed threat actors to evade defenses and infiltrate high-value targets. The server and server-side command-and-control (C2) component were taken down on August 24, 2025, likely indicating a new stage of the attack. The MuddyWater threat actor has also targeted Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors. The hacking group has delivered a previously undocumented backdoor called MuddyViper. The attacks also singled out one technology company based in Egypt. The attack chains involve spear-phishing and the exploitation of known vulnerabilities in VPN infrastructure to infiltrate networks and deploy legitimate remote management tools.
The campaign uses a loader named Fooder that decrypts and executes the C/C++-based MuddyViper backdoor. The MuddyViper backdoor enables the attackers to collect system information, execute files and shell commands, transfer files, and exfiltrate Windows login credentials and browser data. Additionally, the MuddyWater threat actor has deployed a new backdoor called UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control (C2) purposes. The attack chain involves using spear-phishing tactics to distribute booby-trapped Microsoft Word documents that trigger the execution of a malicious payload once macros are enabled. The phishing messages impersonate the Turkish Republic of Northern Cyprus Ministry of Foreign Affairs and purport to invite recipients to an online seminar titled "Presidential Elections and Results." The VBA script in the dropper file is equipped to conceal any sign of malicious activity by displaying a Hebrew-language decoy image from Israeli telecommunications provider Bezeq about supposed disconnection periods in the first week of November 2025 across various cities in the country. UDPGangster establishes persistence through Windows Registry modifications and boasts of various anti-analysis checks to resist efforts made by security researchers to take it apart. UDPGangster connects to an external server ("157.20.182[.]75") over UDP port 1269 to exfiltrate collected data, run commands using "cmd.exe," transmit files, update C2 server, and drop and execute additional payloads. The MuddyWater threat actor has launched a new campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. The campaign uses icon spoofing and malicious Word documents to deliver Rust-based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular post-compromise capability expansion. 
The RustyWater implant gathers victim machine information, detects installed security software, sets up persistence by means of a Windows Registry key, and establishes contact with a command-and-control (C2) server (nomercys.it[.]com) to facilitate file operations and command execution. The RustyWater implant is also referred to as Archer RAT and RUSTRIC. The use of RUSTRIC was previously flagged by Seqrite Labs as part of attacks targeting IT, MSPs, human resources, and software development companies in Israel. Historically, MuddyWater has relied on PowerShell and VBS loaders for initial access and post-compromise operations, but the introduction of Rust-based implants represents a notable tooling evolution toward more structured, modular, and low-noise RAT capabilities. The MuddyWater threat actor has launched a new campaign codenamed Operation Olalampo targeting organizations and individuals in the Middle East and North Africa (MENA) region. The campaign involves the deployment of new malware families including GhostFetch, HTTP_VIP, CHAR, and GhostBackDoor. GhostFetch is a first-stage downloader that profiles the system, validates mouse movements, checks screen resolution, and fetches and executes secondary payloads directly in memory. GhostBackDoor is a second-stage backdoor delivered by GhostFetch that supports an interactive shell, file read/write, and re-running GhostFetch. HTTP_VIP is a native downloader that conducts system reconnaissance and deploys AnyDesk from the C2 server. CHAR is a Rust backdoor controlled by a Telegram bot (username "stager_51_bot") that executes cmd.exe or PowerShell commands. The PowerShell command executed by CHAR is designed to execute a SOCKS5 reverse proxy or another backdoor named Kalim, upload data stolen from web browsers, and run unknown executables referred to as "sh.exe" and "gshdoc_release_X64_GUI.exe."
The MuddyWater threat actor has been observed exploiting recently disclosed vulnerabilities on public-facing servers to obtain initial access to target networks. The MuddyWater APT group remains an active threat within the MENA region, with this operation primarily targeting organizations there.
  • Python Malware Deployment with Obfuscation and Credential Theft
    A sophisticated Python-based malware attack was uncovered during a fraud investigation. The attack involved obfuscation, disposable infrastructure, and commercial offensive tools. The victim reported unusual desktop behavior and unauthorized PayPal transfers. The malware used PowerShell commands to download and execute payloads, including XWorm RAT, HTran, and Cobalt Strike Beacon. The attack also involved credential theft from browsers and cryptocurrency wallets.
  • Optimizely Data Breach After Vishing Attack
    Optimizely, an ad tech firm with over 10,000 clients, confirmed a data breach following a voice phishing (vishing) attack. The breach, which occurred on February 11, compromised basic business contact information stored in internal systems and CRM records. The attackers did not escalate privileges or install backdoors, but the company warned customers about potential follow-up phishing attacks. The incident is linked to the ShinyHunters extortion operation, known for targeting SSO accounts at Microsoft, Okta, and Google.
  • Modern Access Risks Beyond Identity in Workforce Security
    Modern workforce security faces challenges due to the over-reliance on identity as a proxy for trust. As employees use multiple devices and networks, access decisions based solely on identity become insufficient. The risk profile of access changes dynamically, especially when device conditions shift post-authentication. Attackers exploit these gaps by reusing valid identities from untrusted devices, bypassing modern controls. Zero Trust principles are often inconsistently applied, particularly at the device layer, leading to fragmented visibility and static access policies. Continuous verification of both user and device is essential to address these security gaps.
  • Exposed LLM Endpoints Increase Attack Surface and Risk
    Organizations deploying Large Language Models (LLMs) are facing increased security risks due to exposed endpoints in their infrastructure. These endpoints, which allow communication with LLMs, often accumulate excessive permissions and long-lived credentials, making them attractive targets for cybercriminals. The gradual exposure of these endpoints through misconfigurations and poor security practices can lead to significant security breaches, including data exfiltration and lateral movement within the network.
  • Dell RecoverPoint for VMs Zero-Day Exploited by UNC6201
    A zero-day vulnerability (CVE-2026-22769) in Dell RecoverPoint for Virtual Machines has been exploited by a suspected China-nexus threat cluster, UNC6201, since mid-2024. The vulnerability, with a CVSS score of 10.0, involves hard-coded credentials affecting versions prior to 6.0.3.1 HF1. The attackers used the flaw to upload a web shell named SLAYSTYLE and execute commands as root to deploy the BRICKSTORM backdoor and its newer version, GRIMBOLT. The exploitation involves authenticating to the Dell RecoverPoint Tomcat Manager via the '/manager/text/deploy' endpoint and deploying the malicious payloads.
Last updated: 19:45 23/02/2026 UTC
  • US Charges 87 in ATM Jackpotting Conspiracy Linked to Venezuelan Crime Syndicate
    The US has charged 87 individuals in a conspiracy involving ATM jackpotting fraud, linked to the Venezuelan crime syndicate Tren de Aragua. The defendants allegedly used Ploutus malware to hack ATMs, causing $40.73 million in losses by August 2025. The conspiracy involved surveillance, malware deployment, and money laundering to fund further criminal activities. In July 2025, the U.S. government sanctioned key members of Tren de Aragua, including Hector Rusthenford Guerrero Flores, for their involvement in various criminal activities. Two Venezuelan nationals, Luz Granados and Johan Gonzalez-Jimenez, were convicted of stealing hundreds of thousands of dollars from U.S. banks using ATM jackpotting and will be deported after serving their sentences. The FBI reported 1,900 ATM jackpotting incidents since 2020, with 700 occurring in 2025, and losses of more than $20 million in 2025 due to these incidents. Threat actors exploit the eXtensions for Financial Services (XFS) API to bypass bank authorization and control ATMs. Ploutus malware interacts directly with ATM hardware, bypassing the original ATM software's security. The FBI recommends physical security measures, hardware security, logging, auditing, IP whitelisting, endpoint detection and response, threat intelligence sharing, and updated security awareness training to mitigate jackpotting risks.
  • UNC5518 Access-as-a-Service Campaign via ClickFix and Fake CAPTCHA Pages
    Microsoft and Malwarebytes have disclosed a DNS-based ClickFix variant that marks the first documented use of the `nslookup` command to stage and deliver malicious payloads. This technique abuses DNS queries to retrieve a PowerShell script embedded in the `NAME:` field of a DNS response from an attacker-controlled server (84[.]21.189[.]20), which then deploys ModeloRAT via a Python runtime and VBScript persistence mechanism. The attack chain begins with fake CAPTCHA lures, followed by social engineering tactics (e.g., fake system alerts, browser crashes, or instructional videos) to coerce victims into executing the `nslookup` command, which downloads a ZIP archive containing the final payload. This evolution builds on earlier ClickFix tactics, including ConsentFix (Azure CLI OAuth abuse), CrashFix (malicious Chrome extensions triggering browser crashes), and SyncAppvPublishingServer.vbs (Google Calendar dead drops). The latest DNS-based approach demonstrates the campaign’s adaptability, leveraging trusted native tools (`nslookup`), DNS as a C2 channel, and psychological manipulation (urgency tactics) to bypass security controls. Concurrently, ClickFix campaigns continue to expand with cross-platform targeting (Windows/Linux/macOS), AI platform abuse (ChatGPT, Grok, Claude), and weaponized SaaS infrastructure (Google Groups, Pastebin) to distribute payloads like Lumma Stealer and Odyssey Stealer. The integration of DNS staging, browser-native execution, and multi-stage loaders underscores the campaign’s resilience despite 2025 law enforcement disruptions, with actors refining tradecraft to maximize evasion via social engineering, steganography, and legitimate service abuse.
  • SmarterMail Authentication Bypass Exploited Post-Patch
    A critical authentication bypass vulnerability in SmarterMail email software (WT-2026-0001, CVE-2026-23760) has been actively exploited in the wild just two days after a patch was released. The flaw allows attackers to reset the system administrator password via a crafted HTTP request, leading to remote code execution (RCE) on the underlying operating system. The vulnerability was patched on January 15, 2026, but attackers reverse-engineered the patch to exploit it. Over 6,000 SmarterMail servers were found exposed online and likely vulnerable to attacks exploiting the flaw. Shadowserver is tracking these servers, with more than 4,200 in North America and nearly 1,000 in Asia. Macnica threat researcher Yutaka Sejiyama found over 8,550 SmarterMail instances still vulnerable. CISA added the vulnerability to its list of actively exploited vulnerabilities, ordering U.S. government agencies to secure their servers by February 16. Threat actors rapidly shared proof-of-concept exploits, offensive tools, and stolen administrator credentials related to SmarterMail vulnerabilities on underground Telegram channels and cybercrime forums. SmarterTools was breached in January 2026 after attackers exploited an unpatched SmarterMail server running on an internal VM. Ransomware operators gained initial access through SmarterMail vulnerabilities and waited before triggering encryption payloads. Over 34,000 servers were found on Shodan with indications of running SmarterMail, with 1,185 vulnerable to authentication bypass or RCE flaws. CISA added CVE-2026-24423 to the Known Exploited Vulnerabilities catalog in February 2026, confirming active ransomware exploitation.
  • Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware
    The threat actor Silver Fox has been exploiting a previously unknown vulnerable driver associated with WatchDog Anti-malware to deploy ValleyRAT malware. The driver, 'amsdk.sys' (version 1.0.600), is a validly signed Windows kernel device driver built on the Zemana Anti-Malware SDK. This driver allows arbitrary process termination and local privilege escalation, enabling the attackers to neutralize endpoint protection products and deploy the ValleyRAT remote access trojan. The campaign, first observed in late May 2025, targets Chinese-speaking victims using various social engineering techniques and trojanized software. The WatchDog driver has been patched, but attackers have adapted by modifying the driver to bypass hash-based blocklists. Silver Fox, also known as SwimSnake and UTG-Q-1000, is highly active and organized, targeting domestic users and companies to steal secrets and defraud victims. A newly identified cryptojacking campaign has been uncovered, spreading through pirated software installers. This campaign deploys system-level malware using a customised XMRig miner and a controller component for persistence. The controller, named Explorer.exe, functions as a state-driven orchestrator. The malware includes a hardcoded expiration date of December 23, 2025, for self-removal. The campaign uses a vulnerable signed driver, WinRing0x64.sys, to gain kernel-level access and modifies CPU registers to disable hardware prefetchers, boosting mining performance. The campaign connects to the Kryptex mining pool at xmr-sg.kryptex.network:8029. The cryptojacking campaign uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. The malware exhibits worm-like capabilities, spreading across external storage devices, enabling lateral movement even in air-gapped environments.
The binary acts as the central nervous system of the infection, serving different roles as an installer, watchdog, payload manager, and cleaner. The malware features a modular design that separates the monitoring features from the core payloads responsible for cryptocurrency mining, privilege escalation, and persistence. The malware includes a logic bomb that operates by retrieving the local system time and comparing it against a predefined timestamp. The hard deadline of December 23, 2025, indicates that the campaign was designed to run indefinitely on compromised systems. The malware uses a legitimate Windows Telemetry service executable to sideload the miner DLL. The malware uses a legitimate but flawed driver (WinRing0x64.sys) as part of a technique called bring your own vulnerable driver (BYOVD). The driver is susceptible to a vulnerability tracked as CVE-2020-14979 (CVSS score: 7.8) that allows privilege escalation. The integration of this exploit into the XMRig miner is to have greater control over the CPU's low-level configuration and boost the mining performance by 15% to 50%. The mining activity took place, albeit sporadically, throughout November 2025, before spiking on December 8, 2025.
  • Russian Threat Actors Target Ukrainian and Polish Organizations with Data-Wiping Malware and LotL Tactics
    Russian threat actors, specifically the Sandworm group, have targeted Ukrainian organizations and Poland's power sector using living-off-the-land (LotL) tactics and deploying data-wiping malware. The attacks, which began in June 2025, involved minimal malware to reduce detection and included the use of web shells and legitimate tools for reconnaissance and data theft. The threat actors exploited unpatched vulnerabilities to deploy web shells on public-facing servers, gaining initial access. They then used various tactics, including PowerShell commands, scheduled tasks, and legitimate software, to evade detection and perform reconnaissance. The attacks were characterized by the use of legitimate tools and minimal malware, demonstrating the actors' deep knowledge of Windows native tools. In addition to LotL tactics, Sandworm deployed multiple data-wiping malware families in June and September 2025, targeting Ukraine's education, government, and grain sectors. The grain sector, a vital economic sector, was targeted to disrupt Ukraine's war economy. The data-wiping malware used included ZeroLot and Sting, with initial access achieved by UAC-0099, who then transferred access to APT44 for wiper deployment. The activity is confirmed to be of Russian origin, with specific attribution to the Sandworm group. In December 2025, Sandworm targeted Poland's power sector with a new wiper malware called DynoWiper, aiming to disrupt the energy infrastructure. The attack, which occurred on December 29 and 30, 2025, targeted two combined heat and power (CHP) plants and a system managing renewable energy sources. The attack was unsuccessful in causing disruption, and Polish authorities attributed it to Russian services. The attack coincided with the tenth anniversary of Sandworm's 2015 attack on Ukraine's power grid.
A new Russia-aligned threat activity cluster, InedibleOchotense, impersonated ESET in phishing attacks targeting Ukrainian entities starting in May 2025. This campaign involved sending spear-phishing emails and Signal text messages containing links to trojanized ESET installers, which delivered the Kalambur backdoor. InedibleOchotense is linked to the Sandworm (APT44) hacking group and has been observed conducting destructive campaigns in Ukraine, including the deployment of wiper malware ZEROLOT and Sting. Another Russia-aligned threat actor, RomCom, launched spear-phishing campaigns in mid-July 2025 exploiting a WinRAR vulnerability (CVE-2025-8088) targeting various sectors in Europe and Canada. RomCom also targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent. The activity has been attributed with medium-to-high confidence to Unit 29155 of Russia's Main Directorate of the General Staff of the Armed Forces of the Russian Federation, also known as GRU. The targeted entity had worked for a city with close ties to Ukraine in the past. The ESET report noted that other Russian-aligned APT groups also maintained their focus on Ukraine and countries with strategic ties to Ukraine, while also expanding their operations to European entities. Gamaredon remained the most active APT group targeting Ukraine, with a noticeable increase in intensity and frequency of its operations during the reported period. Gamaredon selectively deployed one of Turla’s backdoors, indicating a rare instance of cooperation between Russia-aligned APT groups. Gamaredon’s toolset continued to evolve, incorporating new file stealers or tunneling services. The cyber attack on the Polish power grid in December 2025 was attributed with medium confidence to a Russian state-sponsored hacking group known as ELECTRUM. 
The attack targeted distributed energy resources (DERs) and affected communication and control systems at combined heat and power (CHP) facilities and systems managing renewable energy systems. ELECTRUM and KAMACITE share overlaps with the Sandworm cluster, with KAMACITE focusing on initial access and ELECTRUM conducting operations that bridge IT and OT environments. The attackers gained access to operational technology systems critical to grid operations and disabled key equipment beyond repair at the site. The attack was opportunistic and rushed, with the hackers attempting to inflict as much damage as possible by wiping Windows-based devices and resetting configurations. The majority of the equipment targeted was related to grid safety and stability monitoring. The coordinated attack on Poland's power grid in late December targeted multiple distributed energy resource (DER) sites across the country, including combined heat and power (CHP) facilities and wind and solar dispatch systems. Although the attacker compromised operational technology (OT) systems damaging "key equipment beyond repair," they failed to disrupt power, totaling 1.2 GW or 5% of Poland’s energy supply. Based on public reports, there are at least 12 confirmed affected sites. However, researchers at Dragos, a critical industrial infrastructure (OT) and control systems (ICS) security company, say that the number is approximately 30. Dragos attributes the attack with moderate confidence to a Russian threat actor it tracks as Electrum; although it overlaps with Sandworm (APT44), the researchers underline that it is a distinct activity cluster. Electrum targeted exposed and vulnerable systems involved in dispatch and grid-facing communication, remote terminal units (RTUs), network edge devices, monitoring and control systems, and Windows-based machines at DER sites.
Electrum successfully disabled communications equipment at multiple sites, resulting in a loss of remote monitoring and control, but power generation on the units continued without interruption. Certain OT/ICS devices were disabled, and their configurations were corrupted beyond recovery, while Windows systems at the sites were wiped. Even if the attacks had been successful in cutting the power, the relatively narrow targeting scope wouldn’t have been enough to cause a nationwide blackout in Poland. However, they could have caused significant destabilization of the system frequency. "Such frequency deviations have caused cascading failures in other electrical systems, including the 2025 Iberian grid collapse," the researchers say. CERT Polska revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) in Poland on December 29, 2025. The attacks were attributed to a threat cluster dubbed Static Tundra, which is linked to Russia's Federal Security Service's (FSB) Center 16 unit. The attacks had a purely destructive objective but did not affect the ongoing production of electricity or the heat supply to end users. The attackers gained access to the internal network of power substations associated with a renewable energy facility to carry out reconnaissance and disruptive activities, including damaging the firmware of controllers, deleting system files, or launching custom-built wiper malware codenamed DynoWiper. In the intrusion aimed at the CHP, the adversary engaged in long-term data theft dating back to March 2025, enabling them to escalate privileges and move laterally across the network. The attackers' attempts to detonate the wiper malware were unsuccessful. The targeting of the manufacturing sector company is believed to be opportunistic, with the threat actor gaining initial access via a vulnerable Fortinet perimeter device. 
At least four different versions of DynoWiper have been discovered to date. The wiper's functionality involves initializing a pseudorandom number generator (PRNG) called Mersenne Twister, enumerating files and corrupting them using the PRNG, and deleting files. The malware does not have a persistence mechanism, a way to communicate with a command-and-control (C2) server, or execute shell commands, and it does not attempt to hide the activity from security programs. The attack targeting the manufacturing sector company involved the use of a PowerShell-based wiper dubbed LazyWiper that overwrites files on the system with pseudorandom 32-byte sequences to render them unrecoverable. The malware used in the incident involving renewable energy farms was executed directly on the HMI machine. In the CHP plant and the manufacturing sector company, the malware was distributed within the Active Directory domain via a PowerShell script executed on a domain controller. The attacker used credentials obtained from the on-premises environment in attempts to gain access to cloud services, downloading selected data from services such as Exchange, Teams, and SharePoint. The attacker was particularly interested in files and email messages related to OT network modernization, SCADA systems, and technical work carried out within the organizations. The attack on Poland's energy sector in December 2025 was the first large-scale attack against decentralized energy resources (DERs) like wind turbines and solar farms. The attack occurred during a period when Poland was struggling with low temperatures and snowstorms just before the New Year. Dragos assessed with moderate confidence that the activity reflects tradecraft and objectives in line with the Electrum threat group, which overlaps with Sandworm. Electrum has worked alongside another threat actor, tracked as Kamacite, to conduct destructive attacks against Ukrainian ISPs and persistent scanning of industrial devices in the US.
Kamacite gained initial access and persistence against organizations, and Electrum executed follow-on activity. Dragos has tracked Kamacite activities against the European ICS/OT supply chain since late 2024. The attack on Poland's energy sector was significant because it was the first major attack against decentralized energy resources (DERs). There was no evidence that the adversary had full control of the DERs, and there was no attempt to mis-operate these resources. Poland was fortunate because DERs make up a smaller portion of its energy portfolio than some other countries. If this same style of attack happened in the US, Australia, or certain parts of Europe where DERs are more prevalent, it could have been potentially catastrophic for the system. The attack highlighted the ongoing threat faced by the energy sector, with threat actors gaining initial access through vulnerable Internet-facing edge devices before deploying wipers that damaged remote terminal units (RTUs). CISA advised OT operators to prioritize updates that allow firmware verification and to immediately change default passwords on things like edge devices. Dragos recommended that organizations ensure architecture is defensible through methods like strict authorization practices, OT/IT segmentation, strict vendor access governance, secure remote access, and ICS network visibility and monitoring.
  • OAuth Device Code Phishing Campaigns Target Microsoft 365 Accounts
    A surge in phishing campaigns exploiting Microsoft’s OAuth device code authorization flow has been observed, targeting Microsoft 365 accounts. Both state-aligned and financially motivated actors are using social engineering to trick users into approving malicious applications, leading to account takeover and data theft. The attacks leverage the OAuth 2.0 device authorization grant, a legitimate process designed for devices with limited input capabilities. Once victims enter a device code generated by an attacker-controlled application, the threat actor receives a valid access token, granting control over the compromised account. The campaigns use QR codes, embedded buttons, and hyperlinked text to initiate the attack chain, often claiming to involve document sharing, token reauthorization, or security verification. The growth of these campaigns is linked to readily available phishing tools like SquarePhish2 and Graphish, which simplify device code abuse and require limited technical skill. Proofpoint observed financially motivated actor TA2723 and Russia-linked group UNK_AcademicFlare adopting this technique, targeting various sectors in the US and Europe. The activity, ongoing since September 2025, is being tracked by Proofpoint under the moniker UNK_AcademicFlare. The attacks involve using compromised email addresses belonging to government and military organizations to strike entities within government, think tanks, higher education, and transportation sectors in the U.S. and Europe. The adversary claims to share a link to a document that includes questions or topics for the email recipient to review before the meeting. The URL points to a Cloudflare Worker URL that mimics the compromised sender's Microsoft OneDrive account and instructs the victim to copy the provided code and click 'Next' to access the supposed document.
Device code phishing was documented in detail by both Microsoft and Volexity in February 2025, attributing the use of the attack method to Russia-aligned clusters such as Storm-2372, APT29, UTA0304, and UTA0307. The October 2025 campaign is assessed to have been fueled by the ready availability of crimeware offerings like the Graphish phishing kit and red-team tools such as SquarePhish. To counter the risk posed by device code phishing, the best option is to create a Conditional Access policy using the Authentication Flows condition to block device code flow for all users. If that's not feasible, it's advised to use a policy that uses an allow-list approach to allow device code authentication for approved users, operating systems, or IP ranges. Threat actors are now targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device Authorization flow and compromise Microsoft Entra accounts. Unlike previous attacks that utilized malicious OAuth applications to compromise accounts, these campaigns instead leverage legitimate Microsoft OAuth client IDs and the device authorization flow to trick victims into authenticating. This provides attackers with valid authentication tokens that can be used to access the victim's account without relying on regular phishing sites that steal passwords or intercept multi-factor authentication codes.
  • Notepad++ Update Mechanism Exploited to Deliver Malicious Payloads Notepad++ version 8.8.9 was released to address a security flaw in its WinGUp update tool that allowed attackers to push malicious executables instead of legitimate updates. Users reported incidents where the updater spawned a malicious AutoUpdater.exe that collected device information and exfiltrated it to a remote site. The flaw was mitigated by enforcing updates only from GitHub and later by requiring signature verification for all updates. Security researchers noted targeted attacks against organizations with interests in East Asia, where Notepad++ processes were used to gain initial access. The attack involved an infrastructure-level compromise at the hosting provider level, allowing malicious actors to intercept and redirect update traffic. The incident commenced in June 2025 and continued until December 2025, with the Notepad++ website later migrated to a new hosting provider. The attackers were likely Chinese state-sponsored threat actors, selectively redirecting update requests from certain users to malicious servers. The hosting provider for the update feature was compromised, enabling targeted traffic redirections. The attackers regained access using previously obtained internal service credentials. Notepad++ has since migrated all clients to a new hosting provider with stronger security and plans to enforce mandatory certificate signature verification in version 8.9.2. The compromise involved shared hosting infrastructure rather than a flaw in the software's code, with attackers gaining access at the hosting provider level to intercept and manipulate traffic bound for the Notepad++ update endpoint. Direct server access by the attackers ended on September 2, 2025, but credentials associated with internal services remained exposed until December 2, 2025, allowing continued traffic redirection. The hosting provider confirmed no additional customers were affected. 
Notepad++ version 8.9.2 introduced a 'double-lock' design for its update mechanism, including verifying the signed installer from GitHub and checking the signed XML from the notepad-plus-plus.org domain. The auto-updater now removes libcurl.dll to eliminate DLL side-loading risk, removes unsecured cURL SSL options, and restricts plugin management execution to programs signed with the same certificate as WinGUp. Users can exclude the auto-updater during UI installation or deploy the MSI package with the NOUPDATER=1 flag. The threat group Lotus Blossom, linked to China, was involved in the compromise, using a custom backdoor called 'Chrysalis' as part of the attack chain. Notepad++ version 8.9.2 also addresses a high-severity vulnerability (CVE-2026-25926, CVSS score: 7.3) that could result in arbitrary code execution in the context of the running application. An Unsafe Search Path vulnerability (CWE-426) exists when launching Windows Explorer without an absolute executable path, which may allow execution of a malicious explorer.exe if an attacker can control the process working directory.

Latest updates

Historical Cryptography Lessons from Enigma Machine Relevant to Modern Cybersecurity

Updated: · First: 23.02.2026 22:11 · 📰 1 src / 1 articles

The Enigma cipher machine, used by the Nazis during World War II, continues to offer valuable lessons for modern cybersecurity professionals. Despite its historical significance, the Enigma's vulnerabilities and the mistakes made by its users provide insights into contemporary cybersecurity practices. The machine's design flaws and human errors highlight the importance of robust security measures and the need for continuous vigilance.

Microsoft Investigates Mouse Pointer Disappearance in Classic Outlook

Updated: · First: 23.02.2026 21:40 · 📰 1 src / 1 articles

Microsoft is investigating a bug in the classic Outlook desktop email client that causes the mouse pointer to disappear for some users. The issue, reported nearly two months ago, makes the app unusable as users cannot interact with emails or perform basic functions. Microsoft has acknowledged the problem and provided temporary workarounds while it continues its investigation.

Optimizely Data Breach After Vishing Attack

Updated: · First: 23.02.2026 20:04 · 📰 1 src / 1 articles

Optimizely, an ad tech firm with over 10,000 clients, confirmed a data breach following a voice phishing (vishing) attack. The breach, which occurred on February 11, compromised basic business contact information stored in internal systems and CRM records. The attackers did not escalate privileges or install backdoors, but the company warned customers about potential follow-up phishing attacks. The incident is linked to the ShinyHunters extortion operation, known for targeting SSO accounts at Microsoft, Okta, and Google.

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

Updated: 23.02.2026 19:59 · First: 02.09.2025 11:39 · 📰 5 src / 9 articles

The threat actor Silver Fox has been exploiting a previously unknown vulnerable driver associated with WatchDog Anti-malware to deploy ValleyRAT malware. The driver, 'amsdk.sys' (version 1.0.600), is a validly signed Windows kernel device driver built on the Zemana Anti-Malware SDK. This driver allows arbitrary process termination and local privilege escalation, enabling the attackers to neutralize endpoint protection products and deploy the ValleyRAT remote access trojan. The campaign, first observed in late May 2025, targets Chinese-speaking victims using various social engineering techniques and trojanized software. The WatchDog driver has been patched, but attackers have adapted by modifying the driver to bypass hash-based blocklists. Silver Fox, also known as SwimSnake and UTG-Q-1000, is highly active and organized, targeting domestic users and companies to steal secrets and defraud victims. A newly identified cryptojacking campaign has been uncovered, spreading through pirated software installers. This campaign deploys system-level malware using a customised XMRig miner and a controller component for persistence. The controller, named Explorer.exe, functions as a state-driven orchestrator. The malware includes a hardcoded expiration date of December 23, 2025, for self-removal. The campaign uses a vulnerable signed driver, WinRing0x64.sys, to gain kernel-level access and modifies CPU registers to disable hardware prefetchers, boosting mining performance. The campaign connects to the Kryptex mining pool at xmr-sg.kryptex.network:8029. The cryptojacking campaign uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. The malware exhibits worm-like capabilities, spreading across external storage devices, enabling lateral movement even in air-gapped environments. The binary acts as the central nervous system of the infection, serving different roles as an installer, watchdog, payload manager, and cleaner. 
The malware features a modular design that separates the monitoring features from the core payloads responsible for cryptocurrency mining, privilege escalation, and persistence. The malware includes a logic bomb that operates by retrieving the local system time and comparing it against a predefined timestamp. The hard deadline of December 23, 2025, indicates that the campaign was designed to run indefinitely on compromised systems. The malware uses a legitimate Windows Telemetry service executable to sideload the miner DLL. The malware uses a legitimate but flawed driver (WinRing0x64.sys) as part of a technique called bring your own vulnerable driver (BYOVD). The driver is susceptible to a vulnerability tracked as CVE-2020-14979 (CVSS score: 7.8) that allows privilege escalation. This exploit is integrated into the XMRig miner to give it greater control over the CPU's low-level configuration and boost mining performance by 15% to 50%. The mining activity took place, albeit sporadically, throughout November 2025, before spiking on December 8, 2025.

Malicious nx Packages Exfiltrate Credentials in 's1ngularity' Supply Chain Attack

Updated: 23.02.2026 18:00 · First: 28.08.2025 13:36 · 📰 16 src / 24 articles

The *SANDWORM_MODE* campaign, a new iteration of the Shai-Hulud supply chain worm, has expanded its attack surface by leveraging 19 malicious npm packages (e.g., `claud-code`, `crypto-locale`, `secp256`) to harvest credentials, cryptocurrency keys, and API tokens. Published under aliases *official334* and *javaorg*, the malware retains Shai-Hulud’s self-propagating capabilities while introducing novel techniques: **GitHub API exfiltration with DNS fallback**, **hook-based persistence**, **SSH propagation**, and **MCP server injection** targeting AI coding assistants (Claude Code, VS Code Continue, etc.). The attack also targets **LLM API keys** (Anthropic, OpenAI, Mistral, etc.) and includes a **polymorphic engine** (currently inactive) for evasion via Ollama/DeepSeek Coder. A two-stage payload delays deeper harvesting (password managers, worm propagation) for 48+ hours, with a destructive wiper routine as a fallback. This follows the *Sha1-Hulud* wave (November–December 2025), which exposed **400,000 secrets** across **30,000 GitHub repositories** via **800+ trojanized npm packages**, and the *PackageGate* vulnerabilities (January 2026) that bypassed npm’s `--ignore-scripts` defenses. Concurrently, unrelated but similarly severe threats include the `buildrunner-dev` and `eslint-verify-plugin` packages deploying **Pulsar RAT/Mythic C2 agents**, and a fake VS Code Solidity extension (`solid281`) dropping **ScreenConnect or reverse shells**. Researchers warn of escalating risks to developer environments, CI/CD pipelines, and AI-assisted coding tools, urging **immediate credential rotation**, **dependency audits**, and **hardened access controls**.

Python Malware Deployment with Obfuscation and Credential Theft

Updated: · First: 23.02.2026 17:30 · 📰 1 src / 1 articles

A sophisticated Python-based malware attack was uncovered during a fraud investigation. The attack involved obfuscation, disposable infrastructure, and commercial offensive tools. The victim reported unusual desktop behavior and unauthorized PayPal transfers. The malware used PowerShell commands to download and execute payloads, including XWorm RAT, HTran, and Cobalt Strike Beacon. The attack also involved credential theft from browsers and cryptocurrency wallets.

Modern Access Risks Beyond Identity in Workforce Security

Updated: · First: 23.02.2026 17:00 · 📰 1 src / 1 articles

Modern workforce security faces challenges due to the over-reliance on identity as a proxy for trust. As employees use multiple devices and networks, access decisions based solely on identity become insufficient. The risk profile of access changes dynamically, especially when device conditions shift post-authentication. Attackers exploit these gaps by reusing valid identities from untrusted devices, bypassing modern controls. Zero Trust principles are often inconsistently applied, particularly at the device layer, leading to fragmented visibility and static access policies. Continuous verification of both user and device is essential to address these security gaps.

Dell RecoverPoint for VMs Zero-Day Exploited by UNC6201

Updated: · First: 23.02.2026 15:00 · 📰 1 src / 1 articles

A zero-day vulnerability (CVE-2026-22769) in Dell RecoverPoint for Virtual Machines has been exploited by a suspected China-nexus threat cluster, UNC6201, since mid-2024. The vulnerability, with a CVSS score of 10.0, involves hard-coded credentials affecting versions prior to 6.0.3.1 HF1. The attackers used the flaw to upload a web shell named SLAYSTYLE and execute commands as root to deploy the BRICKSTORM backdoor and its newer version, GRIMBOLT. The exploitation involves authenticating to the Dell RecoverPoint Tomcat Manager via the '/manager/text/deploy' endpoint and deploying the malicious payloads.

AI-Assisted Hacker Breaches 600 FortiGate Firewalls in 5 Weeks

Updated: 23.02.2026 14:30 · First: 21.02.2026 15:50 · 📰 3 src / 3 articles

A Russian-speaking, financially motivated hacker used generative AI services to breach over 600 FortiGate firewalls across 55 countries in five weeks. The campaign, which occurred between January 11 and February 18, 2026, targeted exposed management interfaces and weak credentials lacking MFA protection. The attacker used AI to automate access to other devices on breached networks, extracting sensitive configuration data and conducting reconnaissance. The attacker successfully compromised multiple organizations' Active Directory environments, extracted complete credential databases, and targeted backup infrastructure, likely in a lead-up to ransomware deployment. The campaign targeted various regions, including South Asia, Latin America, the Caribbean, West Africa, Northern Europe, and Southeast Asia. The threat actor used multiple commercial GenAI services to implement and scale well-known attack techniques throughout every phase of their operation. The threat actor's tools lacked robustness and failed under edge cases, characteristics typical of AI-generated code used without significant refinement. The threat actor used AI for attack planning, multi-model operational workflow, compromise planning, and infrastructure building.

Active Agent-Based Crypto Scam Exploits Trust in AI Agent Networks

Updated: · First: 23.02.2026 14:30 · 📰 1 src / 1 articles

An ongoing crypto scam, Bob-ptp, is actively exploiting trust in AI agent networks. The attack uses malicious Claude Skills on Clawhub, a marketplace for AI plugins, to compromise Solana wallet private keys and redirect payments through attacker-controlled infrastructure. The threat actor, BobVonNeumann, promotes the malicious skill on Moltbook, a social media platform for AI agents, leveraging the implicit trust between agents to spread the attack laterally without further human interaction. The campaign highlights a new class of supply chain attacks that combine traditional supply chain poisoning with social engineering targeting algorithms rather than humans.

Exposed LLM Endpoints Increase Attack Surface and Risk

Updated: · First: 23.02.2026 13:58 · 📰 1 src / 1 articles

Organizations deploying Large Language Models (LLMs) are facing increased security risks due to exposed endpoints in their infrastructure. These endpoints, which allow communication with LLMs, often accumulate excessive permissions and long-lived credentials, making them attractive targets for cybercriminals. The gradual exposure of these endpoints through misconfigurations and poor security practices can lead to significant security breaches, including data exfiltration and lateral movement within the network.

Two Actively Exploited Roundcube Vulnerabilities Added to CISA KEV Catalog

Updated: 23.02.2026 13:44 · First: 21.02.2026 09:21 · 📰 2 src / 2 articles

CISA added two vulnerabilities in Roundcube webmail software to its KEV catalog, citing active exploitation. CVE-2025-49113 (CVSS 9.9) allows remote code execution via untrusted data deserialization, while CVE-2025-68461 (CVSS 7.2) is a cross-site scripting flaw. Both vulnerabilities were patched in 2025, but exploits have been developed and sold. The flaws have been linked to nation-state actors in the past. FCEB agencies must remediate by March 13, 2026. Over 84,000 vulnerable Roundcube webmail installations were identified shortly after the patch for CVE-2025-49113 was released, and CVE-2025-68461 can be exploited through low-complexity XSS attacks abusing the animate tag in SVG documents.

Ransomware Attack on Advantest Corporation

Updated: 23.02.2026 13:30 · First: 20.02.2026 11:31 · 📰 3 src / 3 articles

Advantest Corporation, a major supplier of automatic test equipment for the semiconductor industry, detected a ransomware attack on February 15, 2026. The company confirmed an IT network intrusion and activated incident response protocols. Preliminary findings suggest unauthorized access and ransomware deployment, but the extent of data exfiltration remains unclear. No ransomware group has claimed responsibility yet. Advantest employs over 7,500 people, has an annual revenue of more than $5 billion, and a market capitalization of $120 billion. The company serves key chipmakers like Intel, Samsung, and TSMC. The attack follows recent ransomware incidents in the semiconductor sector and new Japanese government OT security guidelines for semiconductor factories.

US Charges 87 in ATM Jackpotting Conspiracy Linked to Venezuelan Crime Syndicate

Updated: 23.02.2026 12:30 · First: 19.12.2025 13:20 · 📰 7 src / 14 articles

The US has charged 87 individuals in a conspiracy involving ATM jackpotting fraud, linked to the Venezuelan crime syndicate Tren de Aragua. The defendants allegedly used Ploutus malware to hack ATMs, causing $40.73 million in losses by August 2025. The conspiracy involved surveillance, malware deployment, and money laundering to fund further criminal activities. In July 2025, the U.S. government sanctioned key members of Tren de Aragua, including Hector Rusthenford Guerrero Flores, for their involvement in various criminal activities. Two Venezuelan nationals, Luz Granados and Johan Gonzalez-Jimenez, were convicted of stealing hundreds of thousands of dollars from U.S. banks using ATM jackpotting and will be deported after serving their sentences. The FBI reported 1,900 ATM jackpotting incidents since 2020, with 700 occurring in 2025, and losses of more than $20 million in 2025 due to these incidents. Threat actors exploit the eXtensions for Financial Services (XFS) API to bypass bank authorization and control ATMs. Ploutus malware interacts directly with ATM hardware, bypassing the original ATM software's security. The FBI recommends physical security measures, hardware security, logging, auditing, IP whitelisting, endpoint detection and response, threat intelligence sharing, and updated security awareness training to mitigate jackpotting risks.

Ransomware attack disrupts University of Mississippi Medical Center operations

Updated: 23.02.2026 10:30 · First: 20.02.2026 13:50 · 📰 2 src / 2 articles

The University of Mississippi Medical Center (UMMC) remains offline following a ransomware attack that disrupted IT systems and blocked access to electronic medical records. All clinics statewide are closed, and outpatient services are cancelled, but hospital operations continue using downtime procedures. UMMC is investigating with assistance from CISA, the FBI, and the Department of Homeland Security. The attackers have communicated with UMMC, but no ransomware group has claimed responsibility. The impact on patient data remains uncertain, and all network systems are shut down for risk assessment. UMMC operates seven hospitals, 35 clinics, and over 200 telehealth sites statewide. The attack led to the cancellation of elective procedures and the rescheduling of appointments where possible. The hospitals and emergency departments in Jackson, Grenada, Madison County, and Holmes County remain open using downtime procedures.

MuddyWater Expands Campaign with MuddyViper Backdoor Targeting Israeli Entities

Updated: 23.02.2026 09:25 · First: 22.10.2025 18:00 · 📰 7 src / 15 articles

The MuddyWater threat actor, linked to Iran and also known as Static Kitten, Mercury, and Seedworm, has conducted a global phishing campaign targeting over 100 organizations, including government entities, embassies, diplomatic missions, foreign affairs ministries, consulates, international organizations, and telecommunications firms in the Middle East and North Africa (MENA) region. The campaign used compromised email accounts to send phishing emails with malicious Microsoft Word documents containing macros that dropped and launched the Phoenix backdoor, version 4. This backdoor provided remote control over infected systems. The campaign was active starting August 19, 2025, and used a command-and-control (C2) server registered under the domain screenai[.]online. The attackers employed three remote monitoring and management (RMM) tools and a custom browser credential stealer, Chromium_Stealer. The malware and tools were hosted on a temporary Python-based HTTP service linked to NameCheap's servers. The campaign highlights the ongoing use of trusted communication channels by state-backed threat actors to evade defenses and infiltrate high-value targets. The server and server-side command-and-control (C2) component were taken down on August 24, 2025, likely indicating a new stage of the attack. The MuddyWater threat actor has also targeted Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors. The hacking group has delivered a previously undocumented backdoor called MuddyViper. The attacks also singled out one technology company based in Egypt. The attack chains involve spear-phishing and the exploitation of known vulnerabilities in VPN infrastructure to infiltrate networks and deploy legitimate remote management tools. The campaign uses a loader named Fooder that decrypts and executes the C/C++-based MuddyViper backdoor. 
The MuddyViper backdoor enables the attackers to collect system information, execute files and shell commands, transfer files, and exfiltrate Windows login credentials and browser data. Additionally, the MuddyWater threat actor has deployed a new backdoor called UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control (C2) purposes. The attack chain involves using spear-phishing tactics to distribute booby-trapped Microsoft Word documents that trigger the execution of a malicious payload once macros are enabled. The phishing messages impersonate the Turkish Republic of Northern Cyprus Ministry of Foreign Affairs and purport to invite recipients to an online seminar titled "Presidential Elections and Results." The VBA script in the dropper file is equipped to conceal any sign of malicious activity by displaying a Hebrew-language decoy image from Israeli telecommunications provider Bezeq about supposed disconnection periods in the first week of November 2025 across various cities in the country. UDPGangster establishes persistence through Windows Registry modifications and includes various anti-analysis checks to resist efforts made by security researchers to take it apart. UDPGangster connects to an external server ("157.20.182[.]75") over UDP port 1269 to exfiltrate collected data, run commands using "cmd.exe," transmit files, update the C2 server, and drop and execute additional payloads. The MuddyWater threat actor has launched a new campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. The campaign uses icon spoofing and malicious Word documents to deliver Rust-based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular post-compromise capability expansion. 
The RustyWater implant gathers victim machine information, detects installed security software, sets up persistence by means of a Windows Registry key, and establishes contact with a command-and-control (C2) server (nomercys.it[.]com) to facilitate file operations and command execution. The RustyWater implant is also referred to as Archer RAT and RUSTRIC. The use of RUSTRIC was previously flagged by Seqrite Labs as part of attacks targeting IT, MSPs, human resources, and software development companies in Israel. Historically, MuddyWater has relied on PowerShell and VBS loaders for initial access and post-compromise operations, but the introduction of Rust-based implants represents a notable tooling evolution toward more structured, modular, and low-noise RAT capabilities. The MuddyWater threat actor has launched a new campaign codenamed Operation Olalampo targeting organizations and individuals in the Middle East and North Africa (MENA) region. The campaign involves the deployment of new malware families including GhostFetch, HTTP_VIP, CHAR, and GhostBackDoor. GhostFetch is a first-stage downloader that profiles the system, validates mouse movements, checks screen resolution, and fetches and executes secondary payloads directly in memory. GhostBackDoor is a second-stage backdoor delivered by GhostFetch that supports an interactive shell, file read/write, and re-running GhostFetch. HTTP_VIP is a native downloader that conducts system reconnaissance and deploys AnyDesk from the C2 server. CHAR is a Rust backdoor controlled by a Telegram bot (username "stager_51_bot") that executes cmd.exe or PowerShell commands. The PowerShell command executed by CHAR is designed to execute a SOCKS5 reverse proxy or another backdoor named Kalim, upload data stolen from web browsers, and run unknown executables referred to as "sh.exe" and "gshdoc_release_X64_GUI.exe." 
The MuddyWater threat actor has been observed exploiting recently disclosed vulnerabilities on public-facing servers to obtain initial access to target networks. The MuddyWater APT group remains an active threat within the MENA region, with this operation primarily targeting organizations there.

Arkanix Stealer: AI-Assisted Info-Stealer Experiment

Updated: · First: 22.02.2026 17:33 · 📰 1 src / 1 articles

Arkanix Stealer, an AI-assisted information-stealing malware, was promoted on dark web forums in late 2025 but was shut down two months later. The malware offered standard data-stealing features, a modular architecture, and anti-analysis capabilities. Kaspersky researchers found evidence of LLM-assisted development, suggesting reduced development time and costs. The stealer targeted browser data, cryptocurrency wallets, VPN credentials, and more, with a premium version offering advanced features like RDP credential theft and anti-sandbox checks. The project's purpose remains unclear, but it may have been an experiment to assess LLM assistance in malware development.

Predator Spyware Hides iOS Recording Indicators via SpringBoard Hooking

Updated: · First: 21.02.2026 18:13 · 📰 1 src / 1 articles

Intellexa’s Predator spyware leverages kernel-level access to hook iOS SpringBoard and suppress camera and microphone activity indicators. The malware intercepts sensor activity updates, preventing the display of green or orange dots in the status bar. This allows Predator to operate stealthily, hiding its surveillance activities from users. The spyware exploits previously obtained kernel access rather than zero-day vulnerabilities.

Claude Code Security Reviews Introduced for AI-Assisted Development

Updated: 21.02.2026 09:58 · First: 22.08.2025 16:05 · 📰 2 src / 2 articles

Anthropic has introduced security review features in its Claude Code platform, designed to integrate security checks into AI-assisted development workflows. The new capabilities, now available in a limited research preview, automate the detection and remediation of common vulnerabilities in codebases, leveraging AI to enhance application security. These features are part of a broader trend toward embedding security directly into development tools and pipelines, addressing the challenges posed by AI-assisted coding and 'vibe coding.' The security review function allows developers to run ad hoc checks for vulnerabilities and implement fixes, with the option to integrate these checks into continuous integration/continuous deployment (CI/CD) pipelines. While the initial focus is on classic security issues like SQL injection and cross-site scripting, the tool is expected to evolve, though it is not intended to replace existing security measures. Security experts emphasize the need for a comprehensive approach to application security, combining AI-assisted tools with traditional methods and human oversight to ensure robust protection against emerging threats.

EC-Council Launches Enterprise AI Credential Suite to Address Workforce Gaps

Updated: · First: 21.02.2026 06:30 · 📰 1 src / 1 articles

EC-Council has expanded its certification portfolio with the launch of the Enterprise AI Credential Suite, introducing four new AI-focused certifications alongside the updated Certified CISO v4. This initiative aims to address the growing gap between AI adoption and workforce readiness, particularly in the U.S., where 700,000 workers need reskilling. The new certifications cover various aspects of AI adoption, security, and governance, aligning with U.S. priorities on workforce development and AI education. The launch is driven by the urgent need to prepare professionals for AI-driven risk environments, as AI adoption accelerates and attack surfaces expand. The certifications are designed to provide practical capabilities across AI adoption, security, and governance, helping organizations scale AI with confidence.

Starkiller Phishing Kit Bypasses MFA via Proxy-Based Attacks

Updated: 20.02.2026 22:00 · First: 19.02.2026 14:00 · 📰 2 src / 2 articles

A new phishing kit called Starkiller has emerged, allowing attackers to bypass multi-factor authentication (MFA) by proxying legitimate login pages. The kit is distributed as a subscription-based service on the dark web, offering real-time session monitoring and keylogging capabilities. It mimics login pages of major services like Google, Microsoft, and banks, routing traffic through attacker-controlled infrastructure to steal credentials and authentication tokens. Starkiller uses Docker containers running headless Chrome instances to serve genuine page content, making it difficult for security vendors to detect or block. The toolkit is sold with updates and customer support, posing a significant escalation in phishing infrastructure. The service is part of a broader cybercrime offering by a threat group called Jinkusu, which provides additional features such as email harvesting and campaign analytics.

Critical Pre-Auth RCE Vulnerability in BeyondTrust Remote Support and PRA

Updated: 20.02.2026 19:02 · First: 09.02.2026 10:03 · 📰 9 src / 14 articles

BeyondTrust has patched a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2026-1731, CVSS 9.9) in Remote Support (RS) and Privileged Remote Access (PRA) products. The flaw could allow unauthenticated attackers to execute OS commands in the context of the site user, leading to unauthorized access, data exfiltration, and service disruption. The vulnerability affects RS versions 25.3.1 and prior, and PRA versions 24.3.4 and prior. Patches are available in RS versions 25.3.2 and later, and PRA versions 25.1.1 and later. Self-hosted customers must manually apply updates if not subscribed to automatic updates. The vulnerability was discovered on January 31, 2026, with approximately 11,000 exposed instances identified, including around 8,500 on-prem deployments. BeyondTrust secured all RS/PRA cloud systems by February 2, 2026. The flaw was discovered by Harsh Jaiswal and the Hacktron AI team. Threat actors can exploit the flaw through maliciously crafted client requests in low-complexity attacks that do not require user interaction. In June 2025, BeyondTrust fixed a high-severity RS/PRA Server-Side Template Injection vulnerability. Attackers have begun actively exploiting the CVE-2026-1731 vulnerability in the wild, abusing the get_portal_info endpoint to extract the x-ns-company value before establishing a WebSocket channel. A proof-of-concept exploit targeting the /get_portal_info endpoint was published on GitHub. Threat actors have been observed exploiting CVE-2026-1731 to conduct network reconnaissance, deploy web shells, establish command-and-control (C2) channels, install backdoors and remote management tools, perform lateral movement, and exfiltrate data. The attacks have targeted financial services, legal services, high technology, higher education, wholesale and retail, and healthcare sectors across the U.S., France, Germany, Australia, and Canada. 
The vulnerability enables attackers to inject and execute arbitrary shell commands via the affected 'thin-scc-wrapper' script through the WebSocket interface. Attackers have deployed multiple web shells, including a PHP backdoor and a bash dropper, to maintain persistent access. Malware such as VShell and Spark RAT has been deployed as part of the exploitation. Out-of-band application security testing (OAST) techniques have been used to validate successful code execution and fingerprint compromised systems. Sensitive data, including configuration files, internal system databases, and a full PostgreSQL dump, have been exfiltrated to an external server. CVE-2026-1731 and CVE-2024-12356 share a common issue with input validation within distinct execution pathways. CVE-2026-1731 could be a target for sophisticated threat actors, similar to CVE-2024-12356 which was exploited by China-nexus threat actors like Silk Typhoon. CISA has confirmed that CVE-2026-1731 has been exploited in ransomware campaigns. CISA added CVE-2026-1731 to its Known Exploited Vulnerabilities (KEV) catalog on February 13 and gave federal agencies three days to apply the patch or stop using the product. Proof-of-concept (PoC) exploits for CVE-2026-1731 became available shortly after the initial disclosure, and exploitation was detected on January 31, making it a zero-day vulnerability for at least a week. CISA has activated the 'Known To Be Used in Ransomware Campaigns?' indicator in the KEV catalog for CVE-2026-1731. Customers of the cloud-based application (SaaS) had the patch applied automatically on February 2. Self-hosted instance customers need to either enable automatic updates or manually install the patch. For Remote Support, the recommended version is 25.3.2. For Privileged Remote Access, the recommended version is 25.1.1 or newer. Customers still using RS v21.3 and PRA v22.1 are recommended to upgrade to a newer version before applying the patch.

French Government Agencies Experience Multiple Data Breaches Affecting 1.2 Million Individuals

Updated: 20.02.2026 18:20 · First: 18.11.2025 18:59 · 📰 2 src / 3 articles

Pajemploi, a French social security service for parents and home-based childcare providers, reported a data breach on November 14, 2025, potentially exposing personal information of 1.2 million individuals. The breach affected registered professional caregivers working for private employers. The stolen data includes full names, places of birth, postal addresses, social security numbers, banking institution names, Pajemploi numbers, and accreditation numbers. The agency assured that bank account numbers, email addresses, phone numbers, and account passwords were not compromised. Pajemploi took immediate action to stop the attack and notified the French Data Protection Authority (CNIL) and the National Agency for the Security of Information Systems (ANSSI). In late January 2026, a cybersecurity incident impacted data associated with 1.2 million user accounts at the national bank account registry (FICOBA). Hackers gained access using stolen credentials from a civil servant, exfiltrating sensitive information including bank account details, account holder identity, physical address, and taxpayer identification number. The Ministry took immediate action to restrict access and is working to restore the system with enhanced security. Affected users will be notified individually, and banking institutions have been informed to raise awareness among customers. Numerous scam attempts are circulating, and users are advised to be vigilant.

Shift Left Security Strategy Fails to Deliver Expected Benefits

Updated: · First: 20.02.2026 16:45 · 📰 1 src / 1 articles

The 'shift left' security strategy, which aims to integrate security earlier in the software development lifecycle (SDLC), has failed to deliver its promised benefits. Developers are overwhelmed with cognitive load, and businesses prioritize speed over security, leading to increased risks. A study by Qualys found that 7.3% of container images from public repositories were malicious, with 70% containing cryptomining software. The strategy has shifted the burden onto developers without adequate support, resulting in security being bypassed or ignored. To address these issues, experts recommend a 'shift down' approach, where security is embedded into the infrastructure layer, managed by specialized teams. This approach automates security checks and fixes, reducing the cognitive load on developers and making secure deployment the path of least resistance.

Malicious OpenClaw AI Coding Assistant Extension on VS Code Marketplace

Updated: 20.02.2026 16:20 · First: 28.01.2026 19:46 · 📰 7 src / 11 articles

A malicious Microsoft Visual Studio Code (VS Code) extension named "ClawdBot Agent - AI Coding Assistant" was discovered on the official Extension Marketplace. The extension, which posed as a free AI coding assistant, stealthily dropped a malicious payload on compromised hosts. The extension was taken down by Microsoft after being reported by cybersecurity researchers. The malicious extension executed a binary named "Code.exe" that deployed a legitimate remote desktop program, granting attackers persistent remote access to compromised hosts. The extension also incorporated multiple fallback mechanisms to ensure payload delivery, including retrieving a DLL from Dropbox and using hard-coded URLs to obtain the payloads. Additionally, security researchers found hundreds of unauthenticated Moltbot instances online, exposing sensitive data and credentials. Moltbot, an open-source personal AI assistant, can run 24/7 locally, maintaining a persistent memory and executing scheduled tasks. However, insecure deployments can lead to sensitive data leaks, corporate data exposure, credential theft, and command execution. Hundreds of Clawdbot Control admin interfaces are exposed online due to reverse proxy misconfiguration, allowing unauthenticated access and root-level system access. More than 230 malicious packages for OpenClaw (formerly Moltbot and ClawdBot) have been published in less than a week on the tool's official registry and on GitHub. These malicious skills impersonate legitimate utilities and inject information-stealing malware payloads onto users' systems, targeting sensitive data like API keys, wallet private keys, SSH credentials, and browser passwords. Users are advised to audit their configurations, revoke connected service integrations, and implement network controls to mitigate potential risks. A self-styled social networking platform built for AI agents, Moltbook, contained a misconfigured database that allowed full read and write access to all data. 
The exposure was due to a Supabase API key exposed in client-side JavaScript, granting unauthenticated access to the entire production database. Researchers accessed 1.5 million API authentication tokens, 30,000 email addresses, and thousands of private messages between agents. The API key exposure allowed attackers to impersonate any agent on the platform, post content, send messages, and interact as that agent. Unauthenticated users could edit existing posts, inject malicious content or prompt injection payloads, and deface the site. SecurityScorecard found 40,214 exposed OpenClaw instances associated with 28,663 unique IP addresses. 63% of observed deployments are vulnerable, with 12,812 instances exploitable via remote code execution (RCE) attacks. SecurityScorecard correlated 549 instances with prior breach activity and 1,493 with known vulnerabilities. Three high-severity CVEs in OpenClaw have been discovered, with public exploit code available. OpenClaw instances are at risk of indirect prompt injection and API key leaks, with most exposures located in China, the US, and Singapore. A supply chain attack via the Cline npm package version 2.3.0 installed OpenClaw on users' systems, exploiting a prompt injection vulnerability in Cline's Claude Issue Triage workflow. The compromised Cline package was downloaded approximately 4,000 times over an eight-hour stretch. OpenClaw has broad permissions and full disk access, making it a high-value implant for attackers. The attack affected all users who installed the Cline CLI package version 2.3.0 during an eight-hour window on February 17, 2026. The attack did not impact Cline's Visual Studio Code (VS Code) extension and JetBrains plugin. Cline maintainers released version 2.4.0 to mitigate the unauthorized publication and revoked the compromised token. 
Microsoft Threat Intelligence observed a small but noticeable uptick in OpenClaw installations on February 17, 2026, due to the supply chain compromise. Users are advised to update to the latest version, check their environment for any unexpected installation of OpenClaw, and remove it if not required.

PayPal Working Capital Loan App Data Exposure

Updated: · First: 20.02.2026 15:12 · 📰 1 src / 1 articles

A software error in PayPal's Working Capital loan application exposed sensitive personal information of users, including Social Security numbers, for nearly six months in 2025. The breach was discovered on December 12, 2025, and PayPal reversed the code change the following day. Affected users are offered credit monitoring and identity restoration services, and some experienced unauthorized transactions.

Dramatic Increase in DDoS Attack Frequency and Power in 2025

Updated: · First: 20.02.2026 14:30 · 📰 1 src / 1 articles

The frequency and power of Distributed Denial-of-Service (DDoS) attacks have escalated dramatically in 2025, with a 168% increase compared to 2024. The average Radware customer faced over 25,351 attempted DDoS attacks, equivalent to 139 incidents per day. The technology, telecommunications, and financial services sectors were the most targeted. Attacks have become faster, stronger, and harder to stop, with high-impact web DDoS attacks lasting less than 60 seconds. Hacktivism remains the primary driver behind these campaigns, coordinated through Telegram channels. The most targeted countries were Israel, the US, and Ukraine, with pro-Russian groups responsible for the highest number of campaigns.

ClickFix Campaign Deploys MIMICRAT RAT via Compromised Websites

Updated: · First: 20.02.2026 13:55 · 📰 1 src / 1 articles

A sophisticated ClickFix campaign abuses compromised legitimate websites to deliver MIMICRAT (AstarionRAT), a custom C++ remote access trojan (RAT). The campaign uses a multi-stage PowerShell chain to bypass security mechanisms and deploy the RAT, which supports Windows token impersonation, SOCKS5 tunneling, and 22 post-exploitation commands. The campaign targets victims across multiple geographies and languages, with suspected goals of ransomware deployment or data exfiltration.

PromptSpy Android Malware Uses Gemini AI for Persistence

Updated: 20.02.2026 13:35 · First: 19.02.2026 19:52 · 📰 5 src / 5 articles

PromptSpy, an advanced Android malware, uses Google's Gemini AI to maintain persistence by pinning itself in the recent apps list. The malware captures lockscreen data, blocks uninstallation, gathers device information, takes screenshots, and records screen activity. It communicates with a hard-coded C2 server and is distributed via a dedicated website targeting users in Argentina. PromptSpy is the first known Android malware to use generative AI in its execution flow, sending screen data to Gemini to receive instructions for maintaining persistence. The malware is an advanced version of VNCSpy and is likely financially motivated. PromptSpy was first found in February 2026, with initial samples uploaded to VirusTotal from Hong Kong and Argentina. ESET has not observed the malware in its telemetry, suggesting it may be a proof-of-concept. ESET attributed PromptSpy to Chinese developers with medium confidence, but has not linked it to any known threat actor. PromptSpy deploys a VNC module on compromised systems, enabling operators to view the victim’s screen and take full control of the Android device. The malware saves both its previous prompts and Gemini’s responses, allowing Gemini to understand context and coordinate multistep interactions.

Cyber Insurance Underwriting Emphasizes Identity Posture in 2026

Updated: · First: 20.02.2026 12:30 · 📰 1 src / 1 articles

In 2026, cyber insurance underwriting increasingly focuses on identity posture, driven by the rising prevalence of credential compromise in cyber-attacks. Insurers and regulators prioritize factors like password hygiene, privileged access management, and multi-factor authentication (MFA) coverage to assess cyber risk and determine insurance costs. Organizations must demonstrate strong identity controls to secure favorable terms, as credential compromise remains a critical attack vector.