Latest Internet & Cybersecurity News

📅 February 18, 2026 at 1:00 AM
Critical vulnerabilities in BeyondTrust and SolarWinds under active exploitation, ransomware surges in OT, identity attacks up 688%, and massive botnets and DDoS threats dominate the early 2026 cybersecurity landscape.
1

BeyondTrust Critical RCE Flaw Under Active Attack

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access is being actively exploited, allowing unauthenticated attackers to run arbitrary commands and enable lateral movement. CISA has issued an urgent patch order. Affected appliances face full system compromise. (Source 2, Source 3)

2

CISA Operating at 38% Capacity Amid DHS Shutdown

CISA is functioning at roughly 38% capacity, with only 888 of its 2,341 staff, due to the DHS shutdown that began on February 14, 2026, which is impacting cybersecurity response efforts. This reduces monitoring and advisory capabilities during a period of heightened threats. (Source 3)

3

Chrome 145 Patches Likely RCE Vulnerability CVE-2026-2441

Google's Chrome 145 update addresses CVE-2026-2441, a vulnerability likely exploitable for arbitrary code execution. Users are urged to update immediately to mitigate risks. The fix was released on February 16, 2026. (Source 3)

4

Ransomware Groups Targeting Industrial Orgs Surge 49%

Dragos tracked 119 ransomware groups hitting industrial organizations in 2025, up 49% from 80 in 2024, causing major OT disruptions. Common entry is via compromised remote access, such as VPNs, using stolen credentials. (Source 4, Source 7)

5

Kimwolf Botnet Infects Over 2 Million Devices

The Kimwolf botnet has infected more than two million devices via residential proxies, bypassing firewalls to target local networks including corporate and government systems. It continues surging in scale into 2026. (Source 1)

6

Exposed Database of 149 Million Credentials Taken Down

A security analyst discovered an exposed database with 149 million usernames and passwords from Gmail, Facebook, and crypto platforms, assembled by infostealer malware. The database grew in real time before being removed. (Source 1)

7

Unit 42: AI Compresses Attack Timelines to 72 Minutes

Palo Alto Networks' 2026 report shows AI-enabled attacks achieving data exfiltration in just 72 minutes, 4x faster than last year. Identity issues appear in 90% of incidents, and supply chain in 23%. (Source 5)

8

Sophos Reports 688% Surge in Stolen Credentials

Sophos X-Ops data reveals a 688% increase in stolen credentials over three years, making identity the primary attack vector. ITDR solutions are recommended for early detection. (Source 6)

9

SolarWinds Web Help Desk RCE Added to CISA KEV Catalog

CISA added the actively exploited SolarWinds Web Help Desk RCE (disclosed in January, exploited since December 2025) to its Known Exploited Vulnerabilities catalog. Another exploitation wave was detected recently. (Source 1, Source 3)

10

Cloudflare and Mastercard Partner on Cyber Defense

Cloudflare and Mastercard have announced a partnership to combine attack surface monitoring and application security for small businesses and critical infrastructure. It aims to automate risk remediation. (Source 9)

11

New OT Threat Groups: Azurite, Pyroxene, Sylvanite

Dragos identifies Azurite as targeting engineering workstations, Pyroxene as using supply chain social engineering, and Sylvanite as an initial access broker for OT systems. Operations are expanding to the US and Europe. (Source 7)

12

NoName057 Leads 329 Cyberattacks Across 56 Countries

Hack Tuesday reports 329 cyberattacks last week (11-17 Feb 2026) across 56 countries, with NoName057(16) responsible for 39. This highlights ongoing global threat actor activity. (Source 12)

Latest Internet & Cybersecurity News | DeckBook AI