Latest February 2026
Latest News
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and crypto scams.
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
Pentagon labels Anthropic a supply chain risk after dispute over mass surveillance and autonomous weapons use.
Trump orders government to stop using Anthropic in battle over AI use
The move announced on social media comes after a standoff between Anthropic's boss and the US Department of Defense.
Scaling Inclusive Growth: Why India is the World’s AI Accelerator for Social Good
Hilary Carter, SVP of Research at the Linux Foundation, describes India's adoption of AI and how the technology addresses social challenges.
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the Rekoobe Linux backdoor.
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for surveillance.
Anthropic boss rejects Pentagon demand to drop AI safeguards
Defense Secretary Pete Hegseth previously threatened to remove the firm from the department's supply chain.
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.
'I was on Instagram all day' - woman tells landmark trial
The young woman, who accuses Meta and Google of making addictive social media platforms, has been speaking in court.
Jack Dorsey's Block cuts thousands of jobs as it embraces AI
The Twitter co-founder says he believes the majority of firms will make similar changes "within the next year."
Burger King rolls out AI headsets that track employee 'friendliness'
The fast-food chain is testing OpenAI-powered headsets that monitor staff interactions with customers.
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
Researchers detail Aeternum C2 storing botnet commands on Polygon blockchain, while DSLRoot operates 300 residential proxy devices across U.S.
ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories
This week’s ThreatsDay Bulletin highlights emerging cyber threats, evolving attack tactics, and key security developments.
Expert Recommends: Prepare for PQC Right Now
Quantum computers won’t be available for another decade. Why worry about them now, then? A cryptography expert explains.
Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware
Fake Next.js repos abuse VS Code and npm to run in-memory JavaScript C2; GitLab banned 131 accounts.
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
Malicious StripeApi.Net package on NuGet mimicked Stripe.net, logged 180,000 downloads, and stole Stripe API tokens before removal.
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
Cisco warns CVE-2026-20127 (CVSS 10.0) in SD-WAN has been exploited since 2023 to gain admin access; CISA adds it to KEV and mandates urgent fixes.
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
Google disrupts China-linked UNC2814 after 53 breaches in 42 countries using GRIDTIDE via Google Sheets API.
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
SLH pays $500–$1,000 per call to recruit women for vishing, targeting IT help desks and MFA resets to breach Azure and deploy ransomware.
From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group. The Dawn of Effortless Connectivity: In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, “Where are you on the network?”, by automating IP address assignment. This innovation eradicated the manual configuration …
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 downloads before removal.