Latest Internet & Cybersecurity News
Google Patches First 2026 Chrome Zero-Day
Google released an urgent critical security update for Chrome versions 145.0.7632.75/.76 (Windows/macOS) and 144.0.7559.75 (Linux) addressing the first zero-day vulnerability of 2026. CISA added this flaw to its Known Exploited Vulnerabilities catalog, urging federal agencies to patch internet-facing systems immediately.
Prioritize patching collaboration platforms and monitor for unusual logins.
Active Exploitation of BeyondTrust CVE-2026-1731
Unit 42 observed attackers exploiting CVE-2026-1731 in BeyondTrust, involving network reconnaissance, webshell deployment, C2 traffic, backdoors, lateral movement, and data theft across U.S., France, Germany, Australia, and Canada. Attackers used DNS tunneling for evasion and remoteVersion parameter injection for data exfiltration from configs and PostgreSQL dumps.
Sectors affected include multiple industries; patch immediately and monitor for new accounts.
UNC6201 Exploits Dell RecoverPoint Zero-Day CVE-2026-22769
Google Threat Intelligence identified UNC6201 exploiting CVE-2026-22769 (CVSS 10.0) in Dell RecoverPoint, deploying SLAYSTYLE, BRICKSTORM, and GRIMBOLT malware. Mandiant confirmed Grimbolt exploitation, evolving from Brickstorm, targeting virtual infrastructure and backups in critical sectors.
Dell released patches; monitor IOCs and update VMware environments.
WormGPT.AI User Database Compromised
CYFIRMA reported WormGPT.AI, a platform for uncensored AI hacking models, breached with over 19,000 unique February 2026 user records leaked on a cybercrime forum. The full database was made publicly downloadable by the actor.
Enhance cybersecurity postures against such leaks.
Space Bears Ransomware Hits Texcomp
Space Bears Ransomware attacked IT services firm Texcomp, publishing an SQL database with client names, emails, addresses, and phone numbers on its dark web site. The breach exposed partner information, aiding digital transformation clients across industries.
No further disruptions reported.
Asahi Group Hospital Ransomware Leaks 131K PII Records
Ransomware actor breached a Japanese hospital network under Asahi Group, exfiltrating 131,135 unique PII records and a full database export, with media coverage by Asahi News and Nikkei. Over 115,000 employee and client records confirmed leaked, causing operational disruptions.
Additional data release threatened.
Advantest Semiconductor Supplier Faces Ransomware
Japanese semiconductor test equipment supplier Advantest is responding to a ransomware attack impacting multiple company systems. Operations disrupted as the firm addresses the incident.
No details on data exfiltration yet.
North Korean UNC1069 Targets Crypto with AI Video Deception
Researchers observed UNC1069 using social engineering, compromised Telegram, fake Zoom, ClickFix, and AI-generated video to deploy seven malware families against cryptocurrency and DeFi sectors. Attackers deceived victims via sophisticated lures.
Heightened vigilance needed in crypto.
Hacktivists Hit Italian Airports and Infrastructure
Hacktivist collectives targeted websites of two Italian airports and critical infrastructure, confirmed by authorities but mitigated with no significant disruptions. Defenses held, preventing lasting effects.
Ongoing geopolitical tensions in cyber domain.
CISA Adds Four Vulnerabilities to KEV Catalog
CISA expanded its Known Exploited Vulnerabilities catalog with four flaws in Google Chrome, Microsoft Windows, Zimbra, and security software, setting strict patching deadlines for federal agencies. Actively exploited; prioritize internet-facing systems and remove legacy components.
Monitor for file uploads and logins.
Quantum 'Harvest Now, Decrypt Later' Threats Rise
Nation-state actors conduct 'harvest now, decrypt later' campaigns, stockpiling encrypted data for future quantum decryption, prompting enterprise security spending records. AI-augmented security and zero trust top 2026 priorities amid $6.15T IT spend.
Prepare quantum readiness now.
OT Threats Target Virtualization, Not Just PLCs
Dragos 2026 OT Report highlights attacks on virtualization, identity systems causing outages without touching ICS; hacktivists like BAUXITE use wipers and OT interaction. Focus shifted to supporting infrastructure for visibility and control.
Attribution challenges complicate responses.